From 254204a3a66045e97ed076dc27910f85721177a9 Mon Sep 17 00:00:00 2001 From: Sam Minnee Date: Fri, 23 Jun 2017 12:32:43 +1200 Subject: [PATCH] NEW: Replace AuthenticationRequestFilter with AuthenticationMiddleware --- _config/security.yml | 9 ++-- ...ilter.php => AuthenticationMiddleware.php} | 41 +++++++------------ src/Security/Member.php | 2 +- 3 files changed, 20 insertions(+), 32 deletions(-) rename src/Security/{AuthenticationRequestFilter.php => AuthenticationMiddleware.php} (57%) diff --git a/_config/security.yml b/_config/security.yml index 8930f15bb..03dbf19ea 100644 --- a/_config/security.yml +++ b/_config/security.yml @@ -19,14 +19,13 @@ SilverStripe\Core\Injector\Injector: --- Name: coresecurity --- +SilverStripe\Control\Director: + middlewares: + - %$SilverStripe\Security\AuthenticationMiddleware SilverStripe\Core\Injector\Injector: - SilverStripe\Security\AuthenticationRequestFilter: + SilverStripe\Security\AuthenticationMiddleware: properties: AuthenticationHandler: %$SilverStripe\Security\AuthenticationHandler - SilverStripe\Control\RequestProcessor: - properties: - filters: - - %$SilverStripe\Security\AuthenticationRequestFilter SilverStripe\Security\Security: properties: Authenticators: diff --git a/src/Security/AuthenticationRequestFilter.php b/src/Security/AuthenticationMiddleware.php similarity index 57% rename from src/Security/AuthenticationRequestFilter.php rename to src/Security/AuthenticationMiddleware.php index c276e8174..bb427ea2d 100644 --- a/src/Security/AuthenticationRequestFilter.php +++ b/src/Security/AuthenticationMiddleware.php @@ -5,11 +5,11 @@ namespace SilverStripe\Security; use SilverStripe\Control\HTTPRequest; use SilverStripe\Control\HTTPResponse; use SilverStripe\Control\HTTPResponse_Exception; -use SilverStripe\Control\RequestFilter; +use SilverStripe\Control\HTTPMiddleware; use SilverStripe\Core\Config\Configurable; use SilverStripe\ORM\ValidationException; -class AuthenticationRequestFilter implements RequestFilter +class AuthenticationMiddleware implements HTTPMiddleware { use Configurable; @@ -43,32 +43,21 @@ class AuthenticationRequestFilter implements RequestFilter * @return bool|void * @throws HTTPResponse_Exception */ - public function preRequest(HTTPRequest $request) + public function process(HTTPRequest $request, callable $delegate) { - if (!Security::database_is_ready()) { - return; + if (Security::database_is_ready()) { + try { + $this + ->getAuthenticationHandler() + ->authenticateRequest($request); + } catch (ValidationException $e) { + return new HTTPResponse( + "Bad log-in details: " . $e->getMessage(), + 400 + ); + } } - try { - $this - ->getAuthenticationHandler() - ->authenticateRequest($request); - } catch (ValidationException $e) { - throw new HTTPResponse_Exception( - "Bad log-in details: " . $e->getMessage(), - 400 - ); - } + return $delegate($request); } - - /** - * No-op - * - * @param HTTPRequest $request - * @param HTTPResponse $response - * @return bool|void - */ - public function postRequest(HTTPRequest $request, HTTPResponse $response) - { } -} diff --git a/src/Security/Member.php b/src/Security/Member.php index ac778ecba..30cac32d6 100644 --- a/src/Security/Member.php +++ b/src/Security/Member.php @@ -415,7 +415,7 @@ class Member extends DataObject */ public function beforeMemberLoggedIn() { - // @todo Move to middleware on the AuthenticationRequestFilter IdentityStore + // @todo Move to middleware on the AuthenticationMiddleware IdentityStore $this->extend('beforeMemberLoggedIn'); }