|
<?php |
|
|
|
namespace Kanboard\Middleware; |
|
|
|
use Kanboard\Core\Controller\BaseMiddleware; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
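/**
 * Middleware that blocks a request while the session still owes a
 * post-authentication step (for example a two-factor code).
 *
 * Only the routes needed to complete or abandon that step are let through;
 * every other route is answered with a 401 (Ajax) or a redirect to the
 * two-factor code form.
 */
class PostAuthenticationMiddleware extends BaseMiddleware
{
    /**
     * Enforce the post-authentication check, then hand over to the next middleware.
     *
     * When the request is blocked, the chain is cut by clearing
     * $this->nextMiddleware before the response is written.
     */
    public function execute()
    {
        // Route names are lowercased so that a case variant of a controller or
        // action name is matched against the allowlist below in the same way.
        $controller = strtolower($this->router->getController());
        $action = strtolower($this->router->getAction());

        // Allowlist of routes reachable before the second factor is validated.
        // Keep it minimal: every entry added here is reachable with only the
        // first factor. The comparison is strict so that no type juggling can
        // widen the match.
        $isTwoFactorStep = $controller === 'twofactorcontroller' && in_array($action, array('code', 'check'), true);
        $isLogout = $controller === 'authcontroller' && $action === 'logout';
        $ignore = $isTwoFactorStep || $isLogout;

        if (! $ignore && $this->userSession->hasPostAuthentication() && ! $this->userSession->isPostAuthenticationValidated()) {
            // Stop the chain: no later middleware may run for this request.
            $this->nextMiddleware = null;

            // Both branches deny the request; isAjax() only selects the form of
            // the refusal, so a spoofed Ajax indicator gains nothing here.
            if ($this->request->isAjax()) {
                $this->response->text('Not Authorized', 401);
            } else {
                $this->response->redirect($this->helper->url->to('TwoFactorController', 'code'));
            }
        }

        // NOTE(review): BaseMiddleware::next() is not visible here; presumably it
        // does nothing once nextMiddleware is null. Confirm that the dispatcher
        // also skips the controller after the 401/redirect has been sent.
        $this->next();
    }
}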
|
|