2019-05-20 07:37:41 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
|
|
2024-07-03 11:14:49 +02:00
|
|
|
use App\Events\VisitedByProxyUser;
|
2019-05-20 07:37:41 +02:00
|
|
|
use Illuminate\Auth\Middleware\Authenticate as Middleware;
|
2024-07-03 11:14:49 +02:00
|
|
|
use Illuminate\Support\Carbon;
|
2023-02-25 21:12:10 +01:00
|
|
|
use Illuminate\Support\Facades\App;
|
2024-07-03 11:14:49 +02:00
|
|
|
use Illuminate\Support\Facades\Auth;
|
2019-05-20 07:37:41 +02:00
|
|
|
|
|
|
|
|
class Authenticate extends Middleware
|
|
|
|
|
{
|
2022-03-24 14:58:30 +01:00
|
|
|
/**
|
|
|
|
|
* Determine if the user is logged in to any of the given guards.
|
|
|
|
|
*
|
|
|
|
|
* @param \Illuminate\Http\Request $request
|
|
|
|
|
* @return void
|
|
|
|
|
*
|
|
|
|
|
* @throws \Illuminate\Auth\AuthenticationException
|
|
|
|
|
*/
|
|
|
|
|
protected function authenticate($request, array $guards)
|
|
|
|
|
{
|
2024-07-03 11:14:49 +02:00
|
|
|
$proxyGuard = 'reverse-proxy-guard';
|
|
|
|
|
|
2022-03-24 14:58:30 +01:00
|
|
|
if (empty($guards)) {
|
|
|
|
|
// Will retreive the default guard
|
|
|
|
|
$guards = [null];
|
2022-11-22 15:15:52 +01:00
|
|
|
} else {
|
2024-09-20 10:50:25 +02:00
|
|
|
// If reverse proxy is defined as the default guard, we force the
|
|
|
|
|
// authentication against this only guard.
|
2022-05-19 15:50:06 +02:00
|
|
|
if (config('auth.defaults.guard') === $proxyGuard) {
|
|
|
|
|
$guards = [$proxyGuard];
|
2022-03-24 14:58:30 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
foreach ($guards as $guard) {
|
|
|
|
|
if ($this->auth->guard($guard)->check()) {
|
2022-09-07 17:54:27 +02:00
|
|
|
$this->auth->shouldUse($guard);
|
2022-11-22 15:15:52 +01:00
|
|
|
|
2023-02-17 17:12:53 +01:00
|
|
|
// We now have an authenticated user so we override the locale already set
|
|
|
|
|
// by the SetLanguage global middleware
|
2024-07-03 11:14:49 +02:00
|
|
|
$user = $this->auth->guard()->user();
|
|
|
|
|
$lang = $user->preferences['lang'];
|
2023-02-17 17:12:53 +01:00
|
|
|
|
2023-03-15 11:46:37 +01:00
|
|
|
if (in_array($lang, config('2fauth.locales')) && ! App::isLocale($lang)) {
|
2023-02-17 17:12:53 +01:00
|
|
|
App::setLocale($lang);
|
|
|
|
|
}
|
|
|
|
|
|
2024-07-03 11:14:49 +02:00
|
|
|
// Unlike the SessionGuard, the reverse-proxy-guard does not implement an attempt()
|
|
|
|
|
// method when it comes to log the user in. So auth events (Login, FailedLogin, etc..) are not
|
|
|
|
|
// fired by the guard, they are not even relevant.
|
|
|
|
|
// So when using the reverse-proxy-guard, we fire a VisitedByProxyUser event from here, but only
|
|
|
|
|
// if the user last request is older than 15 minutes to avoid too many dispatchs
|
|
|
|
|
if ($guard === $proxyGuard && (! $user->last_seen_at || Carbon::parse($user->last_seen_at) < Carbon::now()->subMinutes(15))) {
|
|
|
|
|
event(new VisitedByProxyUser($user));
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-07 17:54:27 +02:00
|
|
|
return;
|
2022-03-24 14:58:30 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$this->unauthenticated($request, $guards);
|
|
|
|
|
}
|
2022-11-22 15:15:52 +01:00
|
|
|
}
|
