2024-08-30 00:07:58 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
declare(strict_types=1);
|
|
|
|
|
|
|
|
class TokenAuthenticationMiddleware implements Middleware
|
|
|
|
{
|
|
|
|
public function __invoke(Request $request, $next): Response
|
|
|
|
{
|
|
|
|
if (! Configuration::getConfig('authentication', 'token')) {
|
|
|
|
return $next($request);
|
|
|
|
}
|
|
|
|
|
2025-01-03 06:19:24 +01:00
|
|
|
$token = $request->get('token');
|
2024-08-30 00:07:58 +02:00
|
|
|
|
2025-01-03 06:19:24 +01:00
|
|
|
if (! $token) {
|
2024-08-30 00:07:58 +02:00
|
|
|
return new Response(render(__DIR__ . '/../templates/token.html.php', [
|
2025-01-03 06:19:24 +01:00
|
|
|
'message' => 'Missing token',
|
|
|
|
'token' => '',
|
2024-08-30 00:07:58 +02:00
|
|
|
]), 401);
|
|
|
|
}
|
2025-01-03 06:19:24 +01:00
|
|
|
|
|
|
|
if (! hash_equals(Configuration::getConfig('authentication', 'token'), $token)) {
|
2024-08-30 00:07:58 +02:00
|
|
|
return new Response(render(__DIR__ . '/../templates/token.html.php', [
|
2025-01-03 06:19:24 +01:00
|
|
|
'message' => 'Invalid token',
|
|
|
|
'token' => $token,
|
2024-08-30 00:07:58 +02:00
|
|
|
]), 401);
|
|
|
|
}
|
|
|
|
|
2025-01-03 06:19:24 +01:00
|
|
|
$request = $request->withAttribute('token', $token);
|
|
|
|
|
2024-08-30 00:07:58 +02:00
|
|
|
return $next($request);
|
|
|
|
}
|
|
|
|
}
|