/**
* Execute the middleware.
*
* @param \Slim\Http\Request $req
* @param \Slim\Http\Response $res
* @param callable $next
* @return \Slim\Http\Response
*/
public function __invoke(Request $req, Response $res, callable $next)
{
$uri = $req->getUri();
$path = $this->filterTrailingSlash($uri);
if ($uri->getPath() !== $path) {
return $res->withStatus(301)->withHeader('Location', $path)->withBody($req->getBody());
}
// if ($this->filterBaseurl($uri)) {
// return $res->withStatus(301)
// ->withHeader('Location', (string) $uri)
// ->withBody($req->getBody());
// }
$server = $req->getServerParams();
if (!isset($server['REQUEST_TIME_FLOAT'])) {
$server['REQUEST_TIME_FLOAT'] = microtime(true);
}
$uri = $uri->withPath($path);
$req = $this->filterRequestMethod($req->withUri($uri));
$res = $next($req, $res);
$res = $this->filterPrivateRoutes($uri, $res);
// Only provide response calculation time in non-production env, tho.
if ($this->settings['mode'] !== 'production') {
$time = (microtime(true) - $server['REQUEST_TIME_FLOAT']) * 1000;
$res = $res->withHeader('X-Response-Time', sprintf('%2.3fms', $time));
}
return $res;
}
/**
* Execute the middleware.
*
* @param Request $request
* @param Response $response
* @param callable $next
*
* @return Response
*/
public function __invoke(Request $request, Response $response, callable $next)
{
$server = $request->getServerParams();
$requestTime = $server['REQUEST_TIME_FLOAT'] ?? microtime(true);
// Call next middleware
$response = $next($request, $response);
$executionTime = microtime(true) - $requestTime;
return $response->withHeader(self::HEADER, sprintf('%.3f', $executionTime));
}
/**
* @param \Slim\Http\Request $request
* @return bool|int
*/
private function getOwnerId(Request $request)
{
// Simply grab it from session, if available :P
if ($this->session->has('user_id')) {
return (int) $this->session->get('user_id');
}
// Or use HTTP Basic Auth.
$serverParams = $request->getServerParams();
$username = isset($serverParams['PHP_AUTH_USER']) ? $serverParams['PHP_AUTH_USER'] : '';
$password = isset($serverParams['PHP_AUTH_PW']) ? $serverParams['PHP_AUTH_PW'] : '';
if (isset($serverParams['HTTP_AUTHORIZATION'])) {
if (preg_match("/Basic\\s+(.*)\$/i", $serverParams['HTTP_AUTHORIZATION'], $matches)) {
list($username, $password) = explode(':', base64_decode($matches[1]));
}
}
$users = $this->data(Models\Users::class);
$user = $users->get([$users->primary(), 'password', 'username'], ['username' => $username])->fetch();
$salt = $this->settings->get('salt_pwd');
// TODO: We need better password hashing :sweat_smile:
if ($user['password'] === md5($salt . $password)) {
$userId = (int) $user[$users->primary()];
$this->session->set('user_id', $userId);
$this->session->set('username', $user['username']);
return $userId;
}
return false;
}
