summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/Auth/DatabaseAuth.php2
-rw-r--r--app/Middleware/AuthenticationMiddleware.php3
-rw-r--r--app/Model/UserModel.php9
3 files changed, 12 insertions, 2 deletions
diff --git a/app/Auth/DatabaseAuth.php b/app/Auth/DatabaseAuth.php
index 84a1e019..1982f576 100644
--- a/app/Auth/DatabaseAuth.php
+++ b/app/Auth/DatabaseAuth.php
@@ -84,7 +84,7 @@ class DatabaseAuth extends Base implements PasswordAuthenticationProviderInterfa
*/
public function isValidSession()
{
- return $this->userModel->isActive($this->userSession->getId());
+ return $this->userModel->isValidSession($this->userSession->getId(), $this->userSession->getRole());
}
/**
diff --git a/app/Middleware/AuthenticationMiddleware.php b/app/Middleware/AuthenticationMiddleware.php
index 54652e57..7eb9f745 100644
--- a/app/Middleware/AuthenticationMiddleware.php
+++ b/app/Middleware/AuthenticationMiddleware.php
@@ -20,7 +20,8 @@ class AuthenticationMiddleware extends BaseMiddleware
public function execute()
{
if (! $this->authenticationManager->checkCurrentSession()) {
- throw AccessForbiddenException::getInstance()->withoutLayout();
+ $this->response->redirect($this->helper->url->to('AuthController', 'login'));
+ return;
}
if (! $this->isPublicAccess()) {
diff --git a/app/Model/UserModel.php b/app/Model/UserModel.php
index c44fd3e7..d8db3270 100644
--- a/app/Model/UserModel.php
+++ b/app/Model/UserModel.php
@@ -29,6 +29,15 @@ class UserModel extends Base
*/
const EVERYBODY_ID = -1;
+ public function isValidSession($userID, $sessionRole)
+ {
+ return $this->db->table(self::TABLE)
+ ->eq('id', $userID)
+ ->eq('is_active', 1)
+ ->eq('role', $sessionRole)
+ ->exists();
+ }
+
/**
* Return true if the user exists
*