my-portfolio/src/api/middleware.php

92 lines
2.5 KiB
PHP
Raw Normal View History

<?php
// middleware
namespace api;
use Slim\App;
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
use Tuupola\Middleware\JwtAuthentication;
use Tuupola\Middleware\JwtAuthentication\RequestMethodRule;
use Tuupola\Middleware\JwtAuthentication\RequestPathRule;
/**
* Middleware
* Define all middleware functions
*/
class middleware
{
/**
* Constructor for middleware
* @param App $app - Slim App
*/
function __construct(App $app)
{
$this->baseMiddleware($app);
$this->sameSiteConfig($app);
$this->jwtAuth($app);
$this->returnAsJSON($app);
}
/**
* Base middleware
* @param App $app - Slim App
*/
function baseMiddleware(App $app): void
{
$app->addBodyParsingMiddleware();
$app->addRoutingMiddleware();
}
/**
* SameSite Cookie Configuration
* @param App $app - Slim App
*/
function sameSiteConfig(App $app): void
{
$ssConfig = new SameSiteCookieConfiguration(["same_site" => "strict"]);
$app->add(new SameSiteCookieMiddleware($ssConfig));
}
/**
* Return all responses as JSON
* @param App $app - Slim App
*/
function returnAsJSON(App $app): void
{
$app->add(function ($request, $handler)
{
$response = $handler->handle($request);
return $response->withHeader("Content-Type", "application/json");
});
}
/**
* JWT Authentication
* @param App $app - Slim App
*/
function jwtAuth(App $app): void
{
$jwtSecret = getSecretKey();
$app->add(new JwtAuthentication([
"rules" => [
new RequestPathRule([
"path" => ["/api/projectData", "/api/timeline/[a-z]*", "/api/user/testMethod"],
"ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]
]),
new RequestMethodRule([
"ignore" => ["OPTIONS", "GET"]
])
],
"secret" => $jwtSecret,
"error" => function ($response)
{
session_destroy();
$response->getBody()->write(json_encode(array("status" => "401", "message" =>
"Unauthorized, please provide a valid token")));
return $response->withStatus(401);
}
]));
$app->addErrorMiddleware(true, true, true);
}
}