/** * Method executed before each action * * @access public */ public function beforeAction($controller, $action) { // Start the session $this->session->open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH); // HTTP secure headers $this->response->csp(); $this->response->nosniff(); $this->response->xss(); $this->response->hsts(); $this->response->xframe(); // Load translations $language = $this->config->get('language', 'en_US'); if ($language !== 'en_US') { \Translator\load($language); } // Set timezone date_default_timezone_set($this->config->get('timezone', 'UTC')); // Authentication if (!$this->acl->isLogged() && !$this->acl->isPublicAction($controller, $action)) { // Try the remember me authentication first if (!$this->rememberMe->authenticate()) { // Redirect to the login form if not authenticated $this->response->redirect('?controller=user&action=login'); } else { $this->lastLogin->create(\Model\LastLogin::AUTH_REMEMBER_ME, $this->acl->getUserId(), $this->user->getIpAddress(), $this->user->getUserAgent()); } } else { if ($this->rememberMe->hasCookie()) { $this->rememberMe->refresh(); } } // Check if the user is allowed to see this page if (!$this->acl->isPageAccessAllowed($controller, $action)) { $this->response->redirect('?controller=user&action=forbidden'); } // Attach events for automatic actions $this->action->attachEvents(); }