diff options
| -rw-r--r-- | app/Auth/DatabaseAuth.php | 2 | ||||
| -rw-r--r-- | app/Middleware/AuthenticationMiddleware.php | 3 | ||||
| -rw-r--r-- | app/Model/UserModel.php | 9 |
3 files changed, 12 insertions, 2 deletions
diff --git a/app/Auth/DatabaseAuth.php b/app/Auth/DatabaseAuth.php index 84a1e019..1982f576 100644 --- a/app/Auth/DatabaseAuth.php +++ b/app/Auth/DatabaseAuth.php @@ -84,7 +84,7 @@ class DatabaseAuth extends Base implements PasswordAuthenticationProviderInterfa */ public function isValidSession() { - return $this->userModel->isActive($this->userSession->getId()); + return $this->userModel->isValidSession($this->userSession->getId(), $this->userSession->getRole()); } /** diff --git a/app/Middleware/AuthenticationMiddleware.php b/app/Middleware/AuthenticationMiddleware.php index 54652e57..7eb9f745 100644 --- a/app/Middleware/AuthenticationMiddleware.php +++ b/app/Middleware/AuthenticationMiddleware.php @@ -20,7 +20,8 @@ class AuthenticationMiddleware extends BaseMiddleware public function execute() { if (! $this->authenticationManager->checkCurrentSession()) { - throw AccessForbiddenException::getInstance()->withoutLayout(); + $this->response->redirect($this->helper->url->to('AuthController', 'login')); + return; } if (! $this->isPublicAccess()) { diff --git a/app/Model/UserModel.php b/app/Model/UserModel.php index c44fd3e7..d8db3270 100644 --- a/app/Model/UserModel.php +++ b/app/Model/UserModel.php @@ -29,6 +29,15 @@ class UserModel extends Base */ const EVERYBODY_ID = -1; + public function isValidSession($userID, $sessionRole) + { + return $this->db->table(self::TABLE) + ->eq('id', $userID) + ->eq('is_active', 1) + ->eq('role', $sessionRole) + ->exists(); + } + /** * Return true if the user exists * |