BookStack Code Mirror - bookstack/blob - app/Http/Middleware/AuthenticatedOrPendingMfa.php

   1 <?php
   2
   3 namespace BookStack\Http\Middleware;
   4
   5 use BookStack\Auth\Access\LoginService;
   6 use BookStack\Auth\Access\Mfa\MfaSession;
   7 use Closure;
   8
   9 class AuthenticatedOrPendingMfa
  10 {
  11
  12     protected $loginService;
  13     protected $mfaSession;
  14
  15     public function __construct(LoginService $loginService, MfaSession $mfaSession)
  16     {
  17         $this->loginService = $loginService;
  18         $this->mfaSession = $mfaSession;
  19     }
  20
  21
  22     /**
  23      * Handle an incoming request.
  24      *
  25      * @param  \Illuminate\Http\Request  $request
  26      * @param  \Closure  $next
  27      * @return mixed
  28      */
  29     public function handle($request, Closure $next)
  30     {
  31         $user = auth()->user();
  32         $loggedIn = $user !== null;
  33         $lastAttemptUser = $this->loginService->getLastLoginAttemptUser();
  34
  35         if ($loggedIn || ($lastAttemptUser && $this->mfaSession->isPendingMfaSetup($lastAttemptUser))) {
  36             return $next($request);
  37         }
  38
  39         return redirect()->to(url('/login'));
  40     }
  41 }