Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
100.00% |
26 / 26 |
|
100.00% |
3 / 3 |
CRAP | |
100.00% |
1 / 1 |
VerifyApieUser | |
100.00% |
26 / 26 |
|
100.00% |
3 / 3 |
11 | |
100.00% |
1 / 1 |
handle | |
100.00% |
12 / 12 |
|
100.00% |
1 / 1 |
4 | |||
supports | |
100.00% |
4 / 4 |
|
100.00% |
1 / 1 |
4 | |||
createResponse | |
100.00% |
10 / 10 |
|
100.00% |
1 / 1 |
3 |
1 | <?php |
2 | |
3 | namespace Apie\LaravelApie\Wrappers\Security; |
4 | |
5 | use Apie\Cms\Controllers\FormCommitController; |
6 | use Apie\Common\ValueObjects\DecryptedAuthenticatedUser; |
7 | use Apie\Core\Actions\ActionResponse; |
8 | use Apie\Core\Actions\ActionResponseStatus; |
9 | use Apie\Core\BoundedContext\BoundedContextId; |
10 | use Apie\Core\ContextConstants; |
11 | use Apie\Core\Entities\EntityInterface; |
12 | use Closure; |
13 | use Illuminate\Support\Facades\Auth; |
14 | use Psr\Http\Message\ResponseInterface; |
15 | use Psr\Http\Message\ServerRequestInterface; |
16 | use Symfony\Component\HttpFoundation\Request; |
17 | use Symfony\Component\HttpFoundation\Response; |
18 | |
19 | class VerifyApieUser extends FormCommitController |
20 | { |
21 | public function handle(Request $request, Closure $next): Response |
22 | { |
23 | $psrRequest = app(ServerRequestInterface::class); |
24 | $context = $this->contextBuilderFactory->createFromRequest($psrRequest); |
25 | $decryptedAuthenticatedUser = $context->getContext(DecryptedAuthenticatedUser::class, false); |
26 | if ($context->hasContext(ContextConstants::AUTHENTICATED_USER) |
27 | && $decryptedAuthenticatedUser instanceof DecryptedAuthenticatedUser) { |
28 | $userIdentifier = $decryptedAuthenticatedUser->toNative(); |
29 | $user = resolve(ApieUserProvider::class)->retrieveById($userIdentifier); |
30 | Auth::login($user); |
31 | } |
32 | |
33 | if (!$this->supports($psrRequest)) { |
34 | return $next($request); |
35 | } |
36 | $this->__invoke($psrRequest); |
37 | return $next($request); |
38 | } |
39 | |
40 | private function supports(ServerRequestInterface $request): bool |
41 | { |
42 | return $request->getAttribute('_is_apie', false) |
43 | && $request->getAttribute(ContextConstants::OPERATION_ID) |
44 | && str_starts_with($request->getAttribute(ContextConstants::OPERATION_ID), 'call-method-') |
45 | && 'verifyAuthentication' === $request->getAttribute(ContextConstants::METHOD_NAME); |
46 | } |
47 | |
48 | protected function createResponse(ServerRequestInterface $psrRequest, ActionResponse $actionResponse): ResponseInterface |
49 | { |
50 | if ($actionResponse->status === ActionResponseStatus::SUCCESS && $actionResponse->result instanceof EntityInterface) { |
51 | $decryptedUserId = DecryptedAuthenticatedUser::createFromEntity( |
52 | $actionResponse->result, |
53 | new BoundedContextId($psrRequest->getAttribute(ContextConstants::BOUNDED_CONTEXT_ID)), |
54 | time() + 3600 |
55 | ); |
56 | $userIdentifier = $decryptedUserId->toNative(); |
57 | $user = resolve(ApieUserProvider::class)->retrieveById($userIdentifier); |
58 | Auth::login($user); |
59 | } |
60 | return parent::createResponse($psrRequest, $actionResponse); |
61 | } |
62 | } |