39 lines
1.2 KiB
PHP
39 lines
1.2 KiB
PHP
<?php
|
|
|
|
namespace KTXC\Http\Middleware;
|
|
|
|
use KTXC\Http\Request\Request;
|
|
use KTXC\Http\Response\Response;
|
|
use KTXC\Service\SecurityService;
|
|
use KTXC\SessionIdentity;
|
|
|
|
/**
|
|
* Authentication middleware
|
|
* Authenticates the request and initializes session identity
|
|
*
|
|
* Note: This middleware does NOT enforce authentication.
|
|
* It only attempts to authenticate if credentials are present.
|
|
* Route-level authentication is enforced by RouterMiddleware.
|
|
*/
|
|
class AuthenticationMiddleware implements MiddlewareInterface
|
|
{
|
|
public function __construct(
|
|
private readonly SecurityService $securityService,
|
|
private readonly SessionIdentity $sessionIdentity
|
|
) {}
|
|
|
|
public function process(Request $request, RequestHandlerInterface $handler): Response
|
|
{
|
|
// Attempt to authenticate the request
|
|
$identity = $this->securityService->authenticate($request);
|
|
|
|
// Initialize session identity if authentication succeeded
|
|
if ($identity) {
|
|
$this->sessionIdentity->initialize($identity, true);
|
|
}
|
|
|
|
// Continue to next middleware (authentication is optional at this stage)
|
|
return $handler->handle($request);
|
|
}
|
|
}
|