blob: f8234629432c3ed3e3564113c9aabb4a3de27510 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
<?php
declare(strict_types=1);
class TokenAuthenticationMiddleware implements Middleware
{
public function __invoke(Request $request, $next): Response
{
if (! Configuration::getConfig('authentication', 'token')) {
return $next($request);
}
// Always add token to request attribute
$request = $request->withAttribute('token', $request->get('token'));
if (! $request->attribute('token')) {
return new Response(render(__DIR__ . '/../templates/token.html.php', [
'message' => 'Missing token',
]), 401);
}
if (! hash_equals(Configuration::getConfig('authentication', 'token'), $request->attribute('token'))) {
return new Response(render(__DIR__ . '/../templates/token.html.php', [
'message' => 'Invalid token',
]), 401);
}
return $next($request);
}
}
|
