public function __invoke($request, $response, $next)
{
$token = Token::where('token', $_SESSION['login_token'])->first();
$user = User::where('id', $token->user_id)->first();
if ($user->permission_level !== 'Administrator') {
header('Location: /');
exit;
}
// Pass in the Routes Response body.
$response = $next($request, $response);
return $response;
}
public function __invoke($request, $response, $next)
{
$token = Token::validateToken($_SESSION['login_token']);
if ($token === false || is_null($token)) {
header('Location: /login');
exit;
}
$token = Token::where('token', $_SESSION['login_token'])->first();
// Pass in the Routes Response body.
$response = $next($request, $response);
return $response;
}
<?php
use GalacticBank\Classes\AuthMiddleware;
use GalacticBank\Models\User;
use GalacticBank\Models\Token;
use GalacticBank\Models\Character;
use GalacticBank\Models\BalanceRequest;
$app->get('/character', function ($request, $response, $args) {
$token = Token::where('token', $_SESSION['login_token'])->first();
$user = User::where('id', $token->user_id)->first();
$characters = Character::where('user_id', $user->id)->get();
return $this->view->render($response, 'character.php', ['characters' => $characters]);
})->add(new AuthMiddleware());
/**
* Validates an existing token in the database.
*
* @param String $token
* @return boolean
*/
public static function validateToken($token)
{
$record = Token::where('token', $token)->first();
return !is_null($record) && $record->active == 'Yes';
}
