Merge https://github.com/kanboard/kanboard

author: JLGC @monolinux <monolinux@junglacode.org> 2016-08-15 23:13:16 -0500
committer: JLGC @monolinux <monolinux@junglacode.org> 2016-08-15 23:13:16 -0500
commit: 683c0464093f6a7976236c68653c2a2cc5dae280 (patch)
tree: bf176ecd82415cc4952eea071b7d264dd5fd68b4 /app/Api/Middleware/AuthenticationMiddleware.php
parent: b1e795fc5b45369f7b9b565b1e106d2673361977 (diff)
parent: 5f82a942c0011bf91947b2c1d627c0907bda0c92 (diff)
1 files changed, 82 insertions, 0 deletions
diff --git a/app/Api/Middleware/AuthenticationMiddleware.php b/app/Api/Middleware/AuthenticationMiddleware.php
new file mode 100644
index 00000000..8e309593
--- /dev/null
+++ b/app/Api/Middleware/AuthenticationMiddleware.php
@@ -0,0 +1,82 @@
+<?php
+
+namespace Kanboard\Api\Middleware;
+
+use JsonRPC\Exception\AccessDeniedException;
+use JsonRPC\Exception\AuthenticationFailureException;
+use JsonRPC\MiddlewareInterface;
+use Kanboard\Core\Base;
+
+/**
+ * Class AuthenticationApiMiddleware
+ *
+ * @package Kanboard\Api\Middleware
+ * @author  Frederic Guillot
+ */
+class AuthenticationMiddleware extends Base implements MiddlewareInterface
+{
+    /**
+     * Execute Middleware
+     *
+     * @access public
+     * @param  string $username
+     * @param  string $password
+     * @param  string $procedureName
+     * @throws AccessDeniedException
+     * @throws AuthenticationFailureException
+     */
+    public function execute($username, $password, $procedureName)
+    {
+        $this->dispatcher->dispatch('app.bootstrap');
+
+        if ($this->isUserAuthenticated($username, $password)) {
+            $this->userSession->initialize($this->userModel->getByUsername($username));
+        } elseif (! $this->isAppAuthenticated($username, $password)) {
+            $this->logger->error('API authentication failure for '.$username);
+            throw new AuthenticationFailureException('Wrong credentials');
+        }
+    }
+
+    /**
+     * Check user credentials
+     *
+     * @access public
+     * @param  string  $username
+     * @param  string  $password
+     * @return boolean
+     */
+    private function isUserAuthenticated($username, $password)
+    {
+        return $username !== 'jsonrpc' &&
+        ! $this->userLockingModel->isLocked($username) &&
+        $this->authenticationManager->passwordAuthentication($username, $password);
+    }
+
+    /**
+     * Check administrative credentials
+     *
+     * @access public
+     * @param  string  $username
+     * @param  string  $password
+     * @return boolean
+     */
+    private function isAppAuthenticated($username, $password)
+    {
+        return $username === 'jsonrpc' && $password === $this->getApiToken();
+    }
+
+    /**
+     * Get API Token
+     *
+     * @access private
+     * @return string
+     */
+    private function getApiToken()
+    {
+        if (defined('API_AUTHENTICATION_TOKEN')) {
+            return API_AUTHENTICATION_TOKEN;
+        }
+
+        return $this->configModel->get('api_token');
+    }
+}
author	JLGC @monolinux <monolinux@junglacode.org>	2016-08-15 23:13:16 -0500
committer	JLGC @monolinux <monolinux@junglacode.org>	2016-08-15 23:13:16 -0500
commit	683c0464093f6a7976236c68653c2a2cc5dae280 (patch)
tree	bf176ecd82415cc4952eea071b7d264dd5fd68b4 /app/Api/Middleware/AuthenticationMiddleware.php
parent	b1e795fc5b45369f7b9b565b1e106d2673361977 (diff)
parent	5f82a942c0011bf91947b2c1d627c0907bda0c92 (diff)