Using middleware for authentication
Permalink
I am developing a package of multiple single dashboard pages. The package requires some api information to be filled out prior to using it. Each time the package is accessed, I wish to verify that it is configured before displaying a given page. Can middleware be used? What about the package controller such as in on_start()? Or will I need to locate it in the individual page controllers? Thank you
Thanks John,
Need more than the standard.
I first tried to implement using on-start event handler in the package controller, but couldn't figure out how to redirect to from there.
Then I tried on_start() on an abstract parent class for the single page controllers which would redirect if not configured and not accessing the configuration page, but DashboardPageController::getControllerActionPath() returns the original path and not redirected path so I got an endless loop.
So, then I tried the same thing but with on_before_render, and it worked perfect.
While all works, if I should be doing differently, please advise.
Thanks
Need more than the standard.
I first tried to implement using on-start event handler in the package controller, but couldn't figure out how to redirect to from there.
Then I tried on_start() on an abstract parent class for the single page controllers which would redirect if not configured and not accessing the configuration page, but DashboardPageController::getControllerActionPath() returns the original path and not redirected path so I got an endless loop.
So, then I tried the same thing but with on_before_render, and it worked perfect.
While all works, if I should be doing differently, please advise.
Thanks
For the package controller, I suspect you were mixing up the on_start method with the on_start event handler.
In the on_start method, the page has not necessarily been resolved. In the event handler, it has.
In the on_start method, the page has not necessarily been resolved. In the event handler, it has.
Didn't even know about the event handler. I like it! Thanks
What you have bee doing with on_before_render sounds reasonable. The only reason for changing to use on_start is a small performance gain. If you are redirecting anyway, the earlier you catch it, the less un-necessary other processing gets done.
Thanks for the links. Add the event handler in the package controller's on_start method? But then I don't believe I have a method to retrieve the path.
Get the path from either the current page or from the request object.
Hissy has an example on github. He adds the middleware via the package on_start method.
https://gist.github.com/hissy/520e26197687e05241bba0b08e0c0726...
In the middle ware class you can implement the MiddlewareInterface.
https://gist.github.com/hissy/520e26197687e05241bba0b08e0c0726...
<?php namespace Concrete\Package\YourPackage; use Acme\Http\Middleware\YourMiddleware; use Concrete\Core\Http\ServerInterface; use Concrete\Core\Package\Package; class Controller extends Package { public function on_start() { /** @var ServerInterface $server */ $server = $this->app->make(ServerInterface::class); $server->addMiddleware($this->app->make(YourMiddleware::class)); } }
In the middle ware class you can implement the MiddlewareInterface.
<?php namespace MyNameSpace\Http\Middleware; use Concrete\Core\Http\Middleware\MiddlewareInterface; use Symfony\Component\HttpFoundation\Request; class AuthMiddleware implements MiddlewareInterface { public function process(Request $request, DelegateInterface $frame) { return $frame->next($request); } }
If not and/or more code is required, I would either:
- use an on-start event handler in the package controller and check for relevant pages (guessing they all share a common parent)
or
- use inheritance, so set up my own abstract parent class with the on_start() etc, then inherit from that for the other single page controllers.