/**
* Basic auth process
*
* @param Context $context
* @param callable $chain
* @return Context
*
* @throws AccessDeniedException
*/
public function handle(Context $context, callable $chain = null)
{
// define access report
$context->access = new Firewall\Access(true, 0, 0);
// access control needed
$context->access->level = $context->invokable->annotation('access');
if ($context->access->level and !Auth::rank($context->access->level)) {
$context->access->granted = false;
throw new AccessDeniedException();
}
// update context
$context->access->auth = Auth::valid();
$context->access->user = Auth::user();
return $chain($context);
}
/**
* Log out user
*
* @param Context $ctx
* @return Response\Redirect
*/
public function logout(Context $ctx)
{
Auth::logout();
$ctx->logger->info($ctx->user->username . ' logs out');
return Response::redirect('/login');
}
<?php
/**
* PHP Settings
*/
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL & ~E_NOTICE);
require 'instance.php';
/**
* Authentication setup
*/
use Colorium\Stateful\Auth;
use Pictobox\Model\User;
Auth::factory(function ($id) {
return User::one(['id' => $id]);
});
/**
* Debug mode
*/
use Colorium\Http;
$request = Http\Request::globals();
$request->local[] = '10.0.2.2';
if ($request->local()) {
$app->catch = false;
$handler = new Whoops\Handler\PrettyPageHandler();
$handler->addDataTableCallback('App Request', function () use($request) {
return (array) $request;
});
$whoops = new Whoops\Run();
$whoops->pushHandler($handler)->register();
<?php
/**
* Database setup
*/
use Colorium\Orm;
use App\Model\User;
$sqlite = new Orm\SQLite(__DIR__ . '/database.db', ['user' => User::class]);
Orm\Hub::source($sqlite);
/**
* Authentication setup
* Define user factory when login in
*/
use Colorium\Stateful\Auth;
Auth::factory(function ($ref) {
return User::one(['id' => $ref]);
});
/**
* Template setup
*/
use Colorium\Templating\Templater;
$templater = new Templater(__DIR__ . '/views/');
/**
* Router setup
*/
use Colorium\Routing\Router;
$router = new Router(['GET /login' => 'App\\Logic\\Users::login', 'POST /authenticate' => 'App\\Logic\\Users::authenticate', 'GET /logout' => 'App\\Logic\\Users::logout', 'GET /' => 'App\\Logic\\Home::page']);
/**
* App instance
*/
$app = new Colorium\App\Front($router, $templater);
/**
* Renew user session if still logged in
*/
protected function renewSession()
{
if (Auth::valid()) {
session_regenerate_id();
}
}
/**
* Check access
*
* @param Context $context
* @return Context
*
* @throws AccessDeniedException
*/
protected function guard(Context $context)
{
$this->logger->debug('kernel.guard: check user rank');
// 401
if ($context->logic->access and $context->logic->access > Auth::rank()) {
throw new AccessDeniedException('Access denied (#' . $context->logic->name . ': ' . $context->logic->access . ', user: '******')');
}
// set user
if (Auth::valid()) {
$context->user = Auth::user();
}
$this->logger->debug('kernel.guard: access granted (#' . $context->logic->name . ': ' . $context->logic->access . ', user: '******')');
return $context;
}
