Esempio n. 1
0
 function __invoke($req, $res, $next)
 {
     $apip = apip::getInstance();
     $userId = utils::getRequestHeader($req, 'AliceSPA-UserID');
     $webToken = utils::getRequestHeader($req, 'AliceSPA-WebToken');
     $userId = empty($userId) ? null : $userId[0];
     $webToken = empty($webToken) ? null : $webToken[0];
     if ($userId === null || $webToken === null) {
         $apip->pushError(3);
         return $res;
     }
     $r = utils::disposeAPIException(function () use($userId, $webToken) {
         return authService::getInstance()->authenticateByWebToken($userId, $webToken);
     }, [1 => ['dispel' => 3, 'dispelPushError' => false]]);
     if ($r === false) {
         $apip->pushError(3);
         return $res;
     }
     $roles = $req->getAttribute('route')->getArgument('AliceSPA_Roles');
     $r = authService::getInstance()->checkRoles($roles);
     if ($r === false) {
         $apip->pushError(5);
         return $res;
     }
     return $next($req, $res);
 }
Esempio n. 2
0
        $roles = null;
        if ($this->isLoggedIn()) {
            $db = db::getInstance();
            $roles = $db->select('aspa_role', 'role_names', ['user_id' => $this->userInfo['id']]);
            if (!empty($roles)) {
                $roles = $roles[0];
                $roles = json_decode($roles, true);
                if (!in_array('visitor', $roles)) {
                    $roles[] = 'visitor';
                }
                if (!in_array('user', $roles)) {
                    $roles[] = 'user';
                }
            } else {
                $roles = ['visitor', 'user'];
            }
        } else {
            $roles = ['visitor'];
        }
        if (in_array('admin', $roles)) {
            //Admin can access every where.
            return true;
        }
        $r = count(array_intersect($routeRoles, $roles)) >= 1;
        //If user has any one of roles required;
        return $r;
    }
}
$container['auth'] = function () {
    return \AliceSPA\Service\Authentication::getInstance();
};