Initial Version

core/lib/Http/Middleware/AuthenticationMiddleware.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace KTXC\Http\Middleware;
+
+use KTXC\Http\Request\Request;
+use KTXC\Http\Response\Response;
+use KTXC\Service\SecurityService;
+use KTXC\SessionIdentity;
+
+/**
+ * Authentication middleware
+ * Authenticates the request and initializes session identity
+ * 
+ * Note: This middleware does NOT enforce authentication.
+ * It only attempts to authenticate if credentials are present.
+ * Route-level authentication is enforced by RouterMiddleware.
+ */
+class AuthenticationMiddleware implements MiddlewareInterface
+{
+    public function __construct(
+        private readonly SecurityService $securityService,
+        private readonly SessionIdentity $sessionIdentity
+    ) {}
+
+    public function process(Request $request, RequestHandlerInterface $handler): Response
+    {
+        // Attempt to authenticate the request
+        $identity = $this->securityService->authenticate($request);
+        
+        // Initialize session identity if authentication succeeded
+        if ($identity) {
+            $this->sessionIdentity->initialize($identity, true);
+        }
+
+        // Continue to next middleware (authentication is optional at this stage)
+        return $handler->handle($request);
+    }
+}