1 | <?php |
||
2 | /** |
||
3 | * @link https://www.yiiframework.com/ |
||
4 | * @copyright Copyright (c) 2008 Yii Software LLC |
||
5 | * @license https://www.yiiframework.com/license/ |
||
6 | */ |
||
7 | |||
8 | namespace yii\filters\auth; |
||
9 | |||
10 | use Yii; |
||
11 | use yii\base\Action; |
||
12 | use yii\base\ActionFilter; |
||
13 | use yii\helpers\StringHelper; |
||
14 | use yii\web\Request; |
||
15 | use yii\web\Response; |
||
16 | use yii\web\UnauthorizedHttpException; |
||
17 | use yii\web\User; |
||
18 | |||
19 | /** |
||
20 | * AuthMethod is a base class implementing the [[AuthInterface]] interface. |
||
21 | * |
||
22 | * @author Qiang Xue <[email protected]> |
||
23 | * @since 2.0 |
||
24 | */ |
||
abstract class AuthMethod extends ActionFilter implements AuthInterface
{
    /**
     * @var User|null the user component that tracks the authentication status. When left unset, the `user`
     * application component is used instead.
     */
    public $user;
    /**
     * @var Request|null the request being authenticated. When left unset, the `request` application component
     * is used instead.
     */
    public $request;
    /**
     * @var Response|null the response that will be sent. When left unset, the `response` application component
     * is used instead.
     */
    public $response;
    /**
     * @var array action IDs for which this filter still runs but a failed authentication does not produce an error.
     * Intended for publicly reachable actions that return additional data to authenticated users.
     * Defaults to empty, meaning authentication is not optional for any action.
     * Since version 2.0.10 action IDs can be specified as wildcards, e.g. `site/*`.
     *
     * Security note: a matching action is executed even when no identity was established, including the case
     * where [[authenticate()]] rejected the supplied credentials with an [[UnauthorizedHttpException]]. Such
     * actions have to decide for themselves what a guest may see, and patterns should be kept as narrow as
     * possible: a bare `*` makes authentication optional for every action this filter is attached to.
     * @see isOptional()
     * @since 2.0.7
     */
    public $optional = [];


    /**
     * {@inheritdoc}
     *
     * Calls [[authenticate()]] and lets the action run when an identity is returned or when the action matches
     * [[optional]]. In every other case [[challenge()]] and then [[handleFailure()]] are invoked.
     */
    public function beforeAction($action)
    {
        $response = $this->response ?: Yii::$app->getResponse();

        try {
            // Fallbacks are resolved inside the try block, exactly where the arguments are needed.
            $user = $this->user ?: Yii::$app->getUser();
            $request = $this->request ?: Yii::$app->getRequest();
            $identity = $this->authenticate($user, $request, $response);
        } catch (UnauthorizedHttpException $rejected) {
            // Credentials were presented and refused. Only an optional action may continue, and it does so
            // without an identity and without challenge() having been called.
            if (!$this->isOptional($action)) {
                throw $rejected;
            }

            return true;
        }

        // isOptional() is consulted only when no identity was returned.
        if ($identity === null && !$this->isOptional($action)) {
            $this->challenge($response);
            $this->handleFailure($response);

            // Reached only when an overriding handleFailure() returns instead of throwing.
            return false;
        }

        return true;
    }

    /**
     * {@inheritdoc}
     */
    public function challenge($response)
    {
        // Intentionally empty: the base class adds nothing to the response.
    }

    /**
     * {@inheritdoc}
     */
    public function handleFailure($response)
    {
        $message = 'Your request was made with invalid credentials.';

        throw new UnauthorizedHttpException($message);
    }

    /**
     * Tells whether the given action may run without a successful authentication.
     *
     * The action ID obtained from `getActionId()` is compared against each entry of [[optional]] with
     * [[StringHelper::matchWildcard()]]; the first matching pattern decides.
     *
     * @param Action $action action to be checked.
     * @return bool whether authentication is optional or not.
     * @see optional
     * @since 2.0.7
     */
    protected function isOptional($action)
    {
        $actionId = $this->getActionId($action);
        foreach ($this->optional as $wildcard) {
            if (!StringHelper::matchWildcard($wildcard, $actionId)) {
                continue;
            }

            return true;
        }

        return false;
    }
}
||
116 |