blob: 8ad1f1a3554b6ba990742a07bd16fd932cd841aa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
<?php
namespace Kanboard\Middleware;
use Kanboard\Core\Controller\BaseMiddleware;
/**
* Class PostAuthenticationMiddleware
*
* @package Kanboard\Middleware
* @author Frederic Guillot
*/
class PostAuthenticationMiddleware extends BaseMiddleware
{
/**
* Execute middleware
*/
public function execute()
{
$controller = strtolower($this->router->getController());
$action = strtolower($this->router->getAction());
$ignore = ($controller === 'twofactorcontroller' && in_array($action, array('code', 'check'))) || ($controller === 'authcontroller' && $action === 'logout');
if ($ignore === false && $this->userSession->hasPostAuthentication() && ! $this->userSession->isPostAuthenticationValidated()) {
$this->nextMiddleware = null;
if ($this->request->isAjax()) {
$this->response->text('Not Authorized', 401);
} else {
$this->response->redirect($this->helper->url->to('TwoFactorController', 'code'));
}
}
$this->next();
}
}
|
