<?php
namespace App\Middleware;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
use Slim\Exception\HttpUnauthorizedException;
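/**
 * Middleware that forwards a request only when the session's user is flagged
 * as an administrator in the `users` table.
 */
class AdminMiddleware extends Middleware
{
    /**
     * Look up the session user's `is_admin` flag in the database on each
     * invocation and reject the request when it is not set.
     *
     * @param Request $request
     * @param RequestHandler $handler
     *
     * @throws HttpUnauthorizedException when no user row is found or the user is not an admin
     *
     * @return ResponseInterface
     */
    public function __invoke(Request $request, RequestHandler $handler): ResponseInterface
    {
        // Parameterised lookup keyed on the user id stored in the session; the
        // admin flag is read from the database here, not from the session.
        $user = $this->database->query(
            'SELECT `id`, `is_admin` FROM `users` WHERE `id` = ? LIMIT 1',
            [$this->session->get('user_id')]
        )->fetch();

        // Fail closed explicitly when there is no row (no user id in the session,
        // or the account no longer exists) instead of reading a property off a
        // non-object. NOTE(review): presumably fetch() returns a falsy value when
        // nothing matches (PDO-style) — confirm against the database wrapper.
        if (!$user || !$user->is_admin) {
            // Clear the session's 'admin' flag so it cannot outlive the database value.
            $this->session->set('admin', false);

            // NOTE(review): this is the exception type callers already handle; a
            // logged-in non-admin is an authorization failure, so confirm that a
            // 401-style response (rather than 403) is what the application wants.
            throw new HttpUnauthorizedException($request);
        }

        return $handler->handle($request);
    }
}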