/**
 * Gate an incoming request on authentication and authorization.
 *
 * The request is first run through the sentinel; a returned User is stored as the
 * current user. Actions accepted by _isAllowed() go straight to $next. Otherwise:
 *  - unauthenticated: the requested URL is saved in the session under
 *    "Auth/redirect", then AJAX callers get a bare 401 and everyone else is
 *    redirected to the configured "Auth/loginUrl" (default "/");
 *  - authenticated but not authorized: AJAX callers get a bare 403 and everyone
 *    else is redirected to the request's referer.
 *
 * NOTE(review): the value of referer() presumably comes from the client-supplied
 * Referer header. Confirm it is limited to same-application URLs before it is
 * used as a redirect target.
 * NOTE(review): whatever later consumes "Auth/redirect" should likewise check
 * that the stored URL is local before redirecting to it.
 *
 * @param Request $request
 * @param \Closure $next
 * @return Response
 */
public function handle(Request $request, Closure $next) : Response
{
    $identity = $this->_sentinel->authenticateFromRequest($request);
    if ($identity instanceof User) {
        $this->_setUser($identity);
    }

    // Allowed actions need neither a login nor an authorization check.
    if ($this->_isAllowed($request->param('action'))) {
        return $next($request);
    }

    if (!$this->isAuthenticated()) {
        // Remember where the visitor was heading so login can send them back.
        Session::getInstance()->set("Auth/redirect", $request->url);

        if (!$request->is('ajax')) {
            return Response::redirect(Configuration::getInstance()->get("Auth/loginUrl", "/"));
        }

        $unauthenticated = new Response();
        $unauthenticated->statusCode(401);
        return $unauthenticated;
    }

    // NOTE(review): $identity is whatever authenticateFromRequest() returned and is
    // not necessarily a User at this point; confirm isAuthorized() denies by default.
    if ($this->_sentinel->isAuthorized($identity, $request)) {
        return $next($request);
    }

    if (!$request->is('ajax')) {
        return Response::redirect($request->referer());
    }

    $forbidden = new Response();
    $forbidden->statusCode(403);
    return $forbidden;
}
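/**
 * Create a response that redirects to the given $url.
 *
 * A leading '#' marks $url as a reference to be resolved by the Router: the
 * marker is stripped and the remainder is passed to Router::url(). Any other
 * value is written to the Location header as given.
 *
 * Security: $url is not validated here. Callers must not pass a request-derived
 * value (query parameter, Referer header, stored "return to" URL) without first
 * restricting it to same-application paths or an allow-list of hosts; otherwise
 * the redirect target is attacker-controlled (open redirect).
 *
 * @param string $url Application path, '#'-prefixed router reference, or absolute URL
 * @param int $statusCode HTTP status code (eg: 301)
 * @return Response
 */
public static function redirect(string $url, int $statusCode = 302)
{
    $response = new Response();
    $response->statusCode($statusCode);

    // Only a *leading* '#' is the router marker. The previous test matched '#'
    // anywhere, so a URL carrying a fragment ("/page#top") lost its first
    // character and was handed to the Router by mistake.
    if (strpos($url, '#') === 0) {
        $url = Router::getInstance()->url(substr($url, 1));
    }

    // Presumably location() without an argument reads the current header value;
    // the target is only set when none is present yet.
    if (!$response->location()) {
        $response->location($url);
    }

    return $response;
}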
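/**
 * Build the error response for an exception raised while handling a request.
 *
 * The HTTP status is the exception code when that is an integer in [400, 506),
 * otherwise 500. Outside debug mode, the message of anything that is not an
 * HttpException is replaced by a generic text so internal details do not reach
 * the client; HttpException messages are always passed through and therefore
 * must never carry sensitive data. With "debug" enabled the raw message and a
 * formatted stack trace (without call arguments) are collected, so that flag
 * must stay off in production.
 *
 * @param mixed $request Current request, or a falsy value when none is available
 * @param mixed $exception Exception being rendered; getCode(), getMessage() and
 *                         getTrace() are called on it
 * @return mixed The rendered Response, or the result of _outputMessageSafe()
 *               when the error template itself cannot be rendered
 */
public function processError($request, $exception)
{
    $response = new Response();
    $viewVars = ["exception" => $exception];

    // PDOException::getCode() returns an SQLSTATE string such as "42S02". Under
    // PHP 8 comparison rules that string can satisfy the range test below and
    // end up as the HTTP status, so only genuine integers are accepted.
    $code = 500;
    $errorCode = $exception->getCode();
    if (is_int($errorCode) && $errorCode >= 400 && $errorCode < 506) {
        $code = $errorCode;
    }
    $response->statusCode($code);
    $viewVars["code"] = $code;

    if (method_exists($exception, 'responseHeader')) {
        $response->header($exception->responseHeader());
    }
    if ($request) {
        $viewVars["url"] = $request->url();
    }

    $isDebug = Configuration::getInstance()->get("debug");
    if ($isDebug) {
        // 'args' => false keeps call arguments (which may hold credentials or
        // tokens) out of the rendered trace.
        $viewVars['trace'] = Debugger::formatTrace($exception->getTrace(), ['format' => 'array', 'args' => false]);
    }

    $message = $exception->getMessage();
    $isHttpException = $exception instanceof HttpException;
    if (!$isDebug && !$isHttpException) {
        // Never echo an internal exception message to the client in production.
        if ($code < 500) {
            $message = \CoreTyson\tr('cake', 'Not Found');
        } else {
            $message = \CoreTyson\tr('cake', 'An Internal Error Has Occurred.');
        }
    }
    $viewVars["message"] = $message;
    // NOTE(review): $viewVars is assembled but nothing in this block hands it to
    // the View; confirm how the error template receives these values.

    // The code-specific template is only kept for non-HTTP exceptions in debug
    // mode; every other case collapses to the generic 4xx/5xx pages.
    $template = "error" . $code;
    if (!$isDebug || $isHttpException) {
        $template = $code < 500 ? 'error400' : 'error500';
    }
    if ($exception instanceof PDOException) {
        // NOTE(review): this template is selected regardless of the debug flag;
        // confirm it does not print driver or SQL details in production.
        $template = 'pdo_error';
    }

    try {
        $view = new View();
        $response->body($view->render("Error/" . $template));
    } catch (MissingTemplateException $e) {
        return $this->_outputMessageSafe('error500');
    } catch (MissingPluginException $e) {
        $attributes = $e->getAttributes();
        if (isset($attributes['plugin']) && $attributes['plugin'] === $this->controller->plugin) {
            $this->controller->plugin = null;
        }
        return $this->_outputMessageSafe('error500');
    } catch (Exception $e) {
        return $this->_outputMessageSafe('error500');
    }

    // The success path previously fell off the end and returned null, dropping
    // the response that had just been rendered.
    return $response;
}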