rest-api-v6/src/Domain/Infrastructure/Middleware/ValidateTokenUserMiddleware.php at 1.x · phalcon/rest-api-v6 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<?php

/**
 * This file is part of the Phalcon API.
 *
 * (c) Phalcon Team <team@phalcon.io>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

declare(strict_types=1);

namespace Phalcon\Api\Domain\Infrastructure\Middleware;

use Phalcon\Api\Domain\Infrastructure\DataSource\User\Repository\UserRepository;
use Phalcon\Api\Domain\Infrastructure\DataSource\User\Repository\UserRepositoryInterface;
use Phalcon\Api\Domain\Infrastructure\Encryption\TokenManager;
use Phalcon\Api\Domain\Infrastructure\Encryption\TokenManagerInterface;
use Phalcon\Api\Domain\Infrastructure\Enums\Http\HttpCodesEnum;
use Phalcon\Encryption\Security\JWT\Token\Token;
use Phalcon\Events\Exception as EventsException;
use Phalcon\Http\Response\Exception;
use Phalcon\Mvc\Micro;
use Phalcon\Support\Registry;

/**
 */
final class ValidateTokenUserMiddleware extends AbstractMiddleware
{
    /**
     * @param Micro $application
     *
     * @return bool
     * @throws EventsException
     * @throws Exception
     */
    public function call(Micro $application): bool
    {
        /** @var UserRepositoryInterface $repository */
        $repository = $application->getSharedService(UserRepository::class);
        /** @var Registry $registry */
        $registry = $application->getSharedService(Registry::class);
        /** @var TokenManagerInterface $tokenManager */
        $tokenManager = $application->getSharedService(TokenManager::class);

        /**
         * Get the token object
         */
        /** @var Token $tokenObject */
        $tokenObject = $registry->get('token');
        $domainUser  = $tokenManager->getUser($repository, $tokenObject);

        if (null === $domainUser) {
            $this->halt(
                $application,
                HttpCodesEnum::Unauthorized->value,
                HttpCodesEnum::Unauthorized->text(),
                [],
                [HttpCodesEnum::AppTokenInvalidUser->error()]
            );

            return false;
        }

        /**
         * If we are here everything is fine and we need to keep the user
         * as a "session" user in the registry
         */
        $registry->set('user', $domainUser);

        return true;
    }
}