/**
  * Replace standard admin login form with HTTP Basic authentication
  *
  * @param AbstractAction $subject
  * @param callable $proceed
  * @param RequestInterface $request
  * @return ResponseInterface
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  * @SuppressWarnings(PHPMD.CyclomaticComplexity)
  * @SuppressWarnings(PHPMD.NPathComplexity)
  */
 public function aroundDispatch(AbstractAction $subject, \Closure $proceed, RequestInterface $request)
 {
     $resource = isset($this->aclResources[$request->getControllerName()]) ? isset($this->aclResources[$request->getControllerName()][$request->getActionName()]) ? $this->aclResources[$request->getControllerName()][$request->getActionName()] : $this->aclResources[$request->getControllerName()] : null;
     $type = $request->getParam('type');
     $resourceType = isset($this->aclResources[$type]) ? $this->aclResources[$type] : null;
     if (!$resource || !$resourceType) {
         return parent::aroundDispatch($subject, $proceed, $request);
     }
     $session = $this->_auth->getAuthStorage();
     // Try to login using HTTP-authentication
     if (!$session->isLoggedIn()) {
         list($login, $password) = $this->httpAuthentication->getCredentials();
         try {
             $this->_auth->login($login, $password);
         } catch (AuthenticationException $e) {
             $this->logger->critical($e);
         }
     }
     // Verify if logged in and authorized
     if (!$session->isLoggedIn() || !$this->authorization->isAllowed($resource) || !$this->authorization->isAllowed($resourceType)) {
         $this->httpAuthentication->setAuthenticationFailed('RSS Feeds');
         return $this->_response;
     }
     return parent::aroundDispatch($subject, $proceed, $request);
 }
Exemple #2
0
 /**
  * @return bool
  */
 protected function auth()
 {
     if (!$this->customerSession->isLoggedIn()) {
         list($login, $password) = $this->httpAuthentication->getCredentials();
         try {
             $customer = $this->customerAccountManagement->authenticate($login, $password);
             $this->customerSession->setCustomerDataAsLoggedIn($customer);
             $this->customerSession->regenerateId();
         } catch (\Exception $e) {
             $this->logger->critical($e);
         }
     }
     if (!$this->customerSession->isLoggedIn()) {
         $this->httpAuthentication->setAuthenticationFailed('RSS Feeds');
         return false;
     }
     return true;
 }