public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next = null) { $registration = $this->service->registrationPath(); $logout = $this->service->logoutPath(); $login = $this->service->loginPath(); $base = $this->service->basePath(); $uri = $request->getUri(); $path = $uri->getPath(); if ($path === $logout) { $this->service->clearIdentity(); // including the user session return $this->redirectTo($uri->withPath($login)); } // Disallow to render the view (by default) if not authenticated if (!$this->service->hasIdentity()) { switch ($path) { case $login: return $next($request, $response); case $registration: return $next($request, $response); default: return $this->redirectTo($uri->withPath($login)); } } switch ($path) { case $login: return $this->redirectTo($uri->withPath($base)); case $registration: return $this->redirectTo($uri->withPath($base)); } return $next($request, $response); }