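/**
 * Replace standard admin login form with HTTP Basic authentication
 *
 * The HTTP Basic path is only taken when both the controller (optionally narrowed
 * by action) and the "type" request parameter resolve to an entry in
 * $this->aclResources. Every other request is passed to parent::aroundDispatch()
 * unchanged (presumably the regular admin authentication; confirm in the parent).
 *
 * @param AbstractAction $subject
 * @param \Closure $proceed
 * @param RequestInterface $request
 * @return ResponseInterface
 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 * @SuppressWarnings(PHPMD.CyclomaticComplexity)
 * @SuppressWarnings(PHPMD.NPathComplexity)
 */
public function aroundDispatch(AbstractAction $subject, \Closure $proceed, RequestInterface $request)
{
    $controllerName = $request->getControllerName();
    $resource = null;
    if (isset($this->aclResources[$controllerName])) {
        $actionName = $request->getActionName();
        // An action-specific ACL resource takes precedence over the controller-wide entry.
        $resource = isset($this->aclResources[$controllerName][$actionName])
            ? $this->aclResources[$controllerName][$actionName]
            : $this->aclResources[$controllerName];
    }

    // "type" comes from the request and is therefore caller-controlled. A query such as
    // type[]=x produces an array, which is not a valid array offset (PHP 8 raises a
    // TypeError for it, even inside isset()). Treat such values as "no resource type"
    // so the request takes the same path as an unknown type instead of failing with an
    // uncaught error.
    $type = $request->getParam('type');
    $resourceType = null;
    if ((is_scalar($type) || $type === null) && isset($this->aclResources[$type])) {
        $resourceType = $this->aclResources[$type];
    }

    if (!$resource || !$resourceType) {
        return parent::aroundDispatch($subject, $proceed, $request);
    }

    $session = $this->_auth->getAuthStorage();

    // Try to login using HTTP-authentication
    if (!$session->isLoggedIn()) {
        list($login, $password) = $this->httpAuthentication->getCredentials();
        try {
            $this->_auth->login($login, $password);
        } catch (AuthenticationException $e) {
            // A rejected login is only recorded here; the check below answers it.
            // NOTE(review): this logs at critical level for every failed attempt,
            // so monitoring should expect volume from unauthenticated clients.
            $this->logger->critical($e);
        }
    }

    // Verify if logged in and authorized. All three conditions must hold: a valid
    // session plus permission on both the controller/action resource and the
    // feed-type resource. Unauthenticated and unauthorized callers receive the same
    // response, so the reply does not reveal which check failed.
    if (!$session->isLoggedIn()
        || !$this->authorization->isAllowed($resource)
        || !$this->authorization->isAllowed($resourceType)
    ) {
        $this->httpAuthentication->setAuthenticationFailed('RSS Feeds');
        return $this->_response;
    }

    return parent::aroundDispatch($subject, $proceed, $request);
}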
/**
 * Ensure the customer session is logged in, falling back to the credentials
 * supplied through HTTP authentication.
 *
 * Any exception raised while authenticating is logged and treated as a failed
 * login, so the method fails closed. When no logged-in session results, the
 * authentication failure is signalled for 'RSS Feeds'.
 *
 * @return bool true when the customer session is logged in, false otherwise
 */
protected function auth()
{
    $session = $this->customerSession;

    // An existing logged-in session needs no credential check.
    if ($session->isLoggedIn()) {
        return true;
    }

    list($login, $password) = $this->httpAuthentication->getCredentials();
    try {
        $customer = $this->customerAccountManagement->authenticate($login, $password);
        $session->setCustomerDataAsLoggedIn($customer);
        // Issue a new session id once the customer is logged in, so an id known
        // before authentication is not carried into the authenticated session.
        $session->regenerateId();
    } catch (\Exception $e) {
        // Deliberately broad: whatever went wrong, the caller is not logged in.
        $this->logger->critical($e);
    }

    if ($session->isLoggedIn()) {
        return true;
    }

    $this->httpAuthentication->setAuthenticationFailed('RSS Feeds');
    return false;
}