BookStack Code Mirror - bookstack/blob - app/Http/Middleware/AuthenticatedOrPendingMfa.php

   1 <?php
   2
   3 namespace BookStack\Http\Middleware;
   4
   5 use BookStack\Access\LoginService;
   6 use BookStack\Access\Mfa\MfaSession;
   7 use Closure;
   8
   9 class AuthenticatedOrPendingMfa
  10 {
  11     protected $loginService;
  12     protected $mfaSession;
  13
  14     public function __construct(LoginService $loginService, MfaSession $mfaSession)
  15     {
  16         $this->loginService = $loginService;
  17         $this->mfaSession = $mfaSession;
  18     }
  19
  20     /**
  21      * Handle an incoming request.
  22      *
  23      * @param \Illuminate\Http\Request $request
  24      * @param \Closure                 $next
  25      *
  26      * @return mixed
  27      */
  28     public function handle($request, Closure $next)
  29     {
  30         $user = auth()->user();
  31         $loggedIn = $user !== null;
  32         $lastAttemptUser = $this->loginService->getLastLoginAttemptUser();
  33
  34         if ($loggedIn || ($lastAttemptUser && $this->mfaSession->isPendingMfaSetup($lastAttemptUser))) {
  35             return $next($request);
  36         }
  37
  38         return redirect()->to(url('/login'));
  39     }
  40 }