From 67b836164997527b91452b19adbcb8aa3c5decf1 Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@kanboard.net>
Date: Sun, 15 May 2016 18:31:47 -0400
Subject: Refactoring: added controlled middleware and changed response class

---
 app/Middleware/PostAuthenticationMiddleware.php | 36 +++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 app/Middleware/PostAuthenticationMiddleware.php

(limited to 'app/Middleware/PostAuthenticationMiddleware.php')

diff --git a/app/Middleware/PostAuthenticationMiddleware.php b/app/Middleware/PostAuthenticationMiddleware.php
new file mode 100644
index 00000000..8287c10e
--- /dev/null
+++ b/app/Middleware/PostAuthenticationMiddleware.php
@@ -0,0 +1,36 @@
+<?php
+
+namespace Kanboard\Middleware;
+
+use Kanboard\Core\Controller\BaseMiddleware;
+
+/**
+ * Class PostAuthenticationMiddleware
+ *
+ * @package Kanboard\Middleware
+ * @author  Frederic Guillot
+ */
+class PostAuthenticationMiddleware extends BaseMiddleware
+{
+    /**
+     * Execute middleware
+     */
+    public function execute()
+    {
+        $controller = strtolower($this->router->getController());
+        $action = strtolower($this->router->getAction());
+        $ignore = ($controller === 'twofactor' && in_array($action, array('code', 'check'))) || ($controller === 'auth' && $action === 'logout');
+
+        if ($ignore === false && $this->userSession->hasPostAuthentication() && ! $this->userSession->isPostAuthenticationValidated()) {
+            $this->setNextMiddleware(null);
+
+            if ($this->request->isAjax()) {
+                $this->response->text('Not Authorized', 401);
+            }
+
+            $this->response->redirect($this->helper->url->to('twofactor', 'code'));
+        }
+
+        $this->next();
+    }
+}
-- 
cgit v1.2.3