all-in-one/php/src/Middleware/AuthMiddleware.php

<?php

namespace AIO\Middleware;

use AIO\Auth\AuthManager;
use GuzzleHttp\Psr7\Response;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;

readonly class AuthMiddleware {
    public function __construct(
        private AuthManager $authManager
    ) {
    }

    public function __invoke(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        $publicRoutes = [
            '/api/auth/login',
            '/api/auth/getlogin',
            '/login',
            '/setup',
            '/',
        ];

        if(!in_array($request->getUri()->getPath(), $publicRoutes)) {
            if(!$this->authManager->IsAuthenticated()) {
                $status = 302;

                // Check the url of the request: split the string by '/' and count the number of elements
                // Note that the path that gets to this middleware is not aware of any base path managed by a reverse proxy, so if the url is 'https://example.com/AIO/somepage', the path will be 'https://mastercontainer/somepage'
                if (count(explode('/', $request->getUri()->getPath())) < 2) {
                    // If there are less than 2 elements it means we are somewhere in the root folder (no '/', so no subfolder), so we redirect to the same folder level to offload the redirection to the appropriate page to 'index.php' (specifically, once in the root level the login page will be loaded since we are not authenticated)
                    $location = '.';
                } else {
                    // If there are 2 or more elements it means we are in a subfolder, so we need to go back to the root folder
                    // In the best case we need to go back by 1 level only
                    $location = '..';
                    // In the worst case we need to go back by n levels, where n is the number of elements - 2 (the first element is not a folder, the second element is already accounted for by the initial '..')
                    for ($i = 1; $i < count(explode('/', $request->getUri()->getPath())) - 2; $i++) {
                        // For each extra level we need to go back by another level
                        $location = $location . '/..';
                    }
                }

                $headers = ['Location' => $location];
                $response = new Response($status, $headers);
                return $response;
            }
        }

        $response = $handler->handle($request);
        return $response;
    }
}
Initial import 2021-11-30 11:20:42 +01:00			`<?php`

			`namespace AIO\Middleware;`

			`use AIO\Auth\AuthManager;`
			`use GuzzleHttp\Psr7\Response;`
			`use Psr\Http\Message\ResponseInterface;`
			`use Psr\Http\Message\ServerRequestInterface;`
			`use Psr\Http\Server\RequestHandlerInterface;`

update constructor Signed-off-by: Jean-Yves <7360784+docjyJ@users.noreply.github.com> 2024-10-07 10:12:43 +02:00			`readonly class AuthMiddleware {`
			`public function __construct(`
			`private AuthManager $authManager`
			`) {`
Initial import 2021-11-30 11:20:42 +01:00			`}`

			`public function __invoke(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface`
			`{`
			`$publicRoutes = [`
			`'/api/auth/login',`
			`'/api/auth/getlogin',`
			`'/login',`
			`'/setup',`
			`'/',`
			`];`

			`if(!in_array($request->getUri()->getPath(), $publicRoutes)) {`
			`if(!$this->authManager->IsAuthenticated()) {`
rework session deduplication Signed-off-by: szaimen <szaimen@e.mail.de> 2022-10-16 17:37:13 +02:00			`$status = 302;`
Added suggested changes Signed-off-by: Lorenzo Moscati <lorenzo@moscati.page> 2025-10-14 15:59:28 +02:00
			`// Check the url of the request: split the string by '/' and count the number of elements`
			`// Note that the path that gets to this middleware is not aware of any base path managed by a reverse proxy, so if the url is 'https://example.com/AIO/somepage', the path will be 'https://mastercontainer/somepage'`
			`if (count(explode('/', $request->getUri()->getPath())) < 2) {`
			`// If there are less than 2 elements it means we are somewhere in the root folder (no '/', so no subfolder), so we redirect to the same folder level to offload the redirection to the appropriate page to 'index.php' (specifically, once in the root level the login page will be loaded since we are not authenticated)`
			`$location = '.';`
			`} else {`
			`// If there are 2 or more elements it means we are in a subfolder, so we need to go back to the root folder`
			`// In the best case we need to go back by 1 level only`
Rewrite all AIO interface paths to be relative Signed-off-by: Lorenzo Moscati <lorenzo@moscati.page> 2025-08-23 01:30:20 +02:00			`$location = '..';`
Added suggested changes Signed-off-by: Lorenzo Moscati <lorenzo@moscati.page> 2025-10-14 15:59:28 +02:00			`// In the worst case we need to go back by n levels, where n is the number of elements - 2 (the first element is not a folder, the second element is already accounted for by the initial '..')`
			`for ($i = 1; $i < count(explode('/', $request->getUri()->getPath())) - 2; $i++) {`
			`// For each extra level we need to go back by another level`
Rewrite all AIO interface paths to be relative Signed-off-by: Lorenzo Moscati <lorenzo@moscati.page> 2025-08-23 01:30:20 +02:00			`$location = $location . '/..';`
			`}`
			`}`
Added suggested changes Signed-off-by: Lorenzo Moscati <lorenzo@moscati.page> 2025-10-14 15:59:28 +02:00
Rewrite all AIO interface paths to be relative Signed-off-by: Lorenzo Moscati <lorenzo@moscati.page> 2025-08-23 01:30:20 +02:00			`$headers = ['Location' => $location];`
rework session deduplication Signed-off-by: szaimen <szaimen@e.mail.de> 2022-10-16 17:37:13 +02:00			`$response = new Response($status, $headers);`
			`return $response;`
Initial import 2021-11-30 11:20:42 +01:00			`}`
			`}`

			`$response = $handler->handle($request);`
			`return $response;`
			`}`
			`}`