Bristol SU Support Package
CheckDatabaseUserOwnsControlUser.php
Go to the documentation of this file.
1 <?php
2 
3 namespace BristolSU\Support\Authorization\Middleware;
4 
5 use BristolSU\Support\Authentication\Contracts\Authentication;
6 use BristolSU\Support\Authorization\Exception\IncorrectLogin;
7 use BristolSU\Support\User\Contracts\UserAuthentication;
8 use Closure;
9 use Illuminate\Auth\AuthenticationException;
10 use Illuminate\Http\Request;
11 use Illuminate\Validation\UnauthorizedException;
12 
16 class CheckDatabaseUserOwnsControlUser
17 {
18 
24  private $userAuthentication;
25 
31  private $authentication;
32 
39  public function __construct(UserAuthentication $userAuthentication, Authentication $authentication)
40  {
41  $this->userAuthentication = $userAuthentication;
42  $this->authentication = $authentication;
43  }
44 
53  public function handle(Request $request, \Closure $next)
54  {
55  if ($this->hasUsers() && !$this->usersAreEqual()) {
56  throw new IncorrectLogin('Logged into incorrect user');
57  }
58 
59  return $next($request);
60  }
61 
67  private function hasUsers(): bool
68  {
69  return $this->userAuthentication->getUser() !== null && $this->authentication->getUser() !== null;
70  }
71 
72  private function usersAreEqual(): bool
73  {
74  return $this->userAuthentication->getUser()->controlUser()->id() === $this->authentication->getUser()->id();
75  }
76 }
BristolSU\Support\Authorization\Middleware\CheckDatabaseUserOwnsControlUser\__construct
__construct(UserAuthentication $userAuthentication, Authentication $authentication)
Definition: CheckDatabaseUserOwnsControlUser.php:39
Generated by   doxygen 1.8.13