31 lines
1.1 KiB
PHP
31 lines
1.1 KiB
PHP
<?php
|
|
namespace Incoviba\API\Common\Middleware;
|
|
|
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
|
use Psr\Http\Server\RequestHandlerInterface as Handler;
|
|
use Psr\Http\Message\ResponseInterface as Response;
|
|
use Psr\Http\Message\ResponseFactoryInterface as Factory;
|
|
use Incoviba\API\Common\Service\Auth as Service;
|
|
|
|
class Auth {
|
|
protected $service;
|
|
protected $factory;
|
|
protected $exceptions;
|
|
public function __construct(Service $service, Factory $factory, array $exception_routes) {
|
|
$this->service = $service;
|
|
$this->factory = $factory;
|
|
$this->exceptions = $exception_routes;
|
|
}
|
|
public function __invoke(Request $request, Handler $handler): Response {
|
|
$path = $request->getUri()->getPath();
|
|
if (in_array($path, $this->exceptions) or $this->service->isValid($request)) {
|
|
return $handler->handle($request);
|
|
}
|
|
$response = $this->factory->createResponse();
|
|
$response->getBody()->write(json_encode(['message' => 'Not authorized.']));
|
|
return $response
|
|
->withStatus(401) // unauthorized
|
|
->withHeader('content-type', 'application/json');
|
|
}
|
|
}
|