2018-09-11 07:51:35 -05:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
|
|
|
|
|
|
use Closure;
|
2023-05-24 22:21:54 +02:00
|
|
|
use Illuminate\Http\Request;
|
2021-03-31 21:30:04 +02:00
|
|
|
use Illuminate\Support\Facades\Auth;
|
2018-09-11 07:51:35 -05:00
|
|
|
use LibreNMS\Authentication\LegacyAuth;
|
2023-11-07 16:25:28 -06:00
|
|
|
use LibreNMS\Config;
|
2023-05-24 22:21:54 +02:00
|
|
|
use Symfony\Component\HttpFoundation\Response;
|
2018-09-11 07:51:35 -05:00
|
|
|
|
|
|
|
|
class LegacyExternalAuth
|
|
|
|
|
{
|
|
|
|
|
/**
|
|
|
|
|
* Handle an incoming request.
|
|
|
|
|
*
|
|
|
|
|
* @param \Illuminate\Http\Request $request
|
|
|
|
|
* @param \Closure $next
|
|
|
|
|
*/
|
2023-05-24 22:21:54 +02:00
|
|
|
public function handle(Request $request, Closure $next, $guard = null): Response
|
2018-09-11 07:51:35 -05:00
|
|
|
{
|
2018-10-01 20:05:30 -05:00
|
|
|
if (! Auth::guard($guard)->check()) {
|
|
|
|
|
// check for get variables
|
2023-11-07 16:25:28 -06:00
|
|
|
if (Config::get('auth.allow_get_login')) {
|
|
|
|
|
if ($request->isMethod('get') && $request->has(['username', 'password'])) {
|
|
|
|
|
Auth::attempt($request->only(['username', 'password']));
|
|
|
|
|
}
|
2018-10-01 20:05:30 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (LegacyAuth::get()->authIsExternal()) {
|
|
|
|
|
$credentials = [
|
|
|
|
|
'username' => LegacyAuth::get()->getExternalUsername(),
|
|
|
|
|
'password' => isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '',
|
|
|
|
|
];
|
2018-09-11 07:51:35 -05:00
|
|
|
|
2018-10-01 20:05:30 -05:00
|
|
|
if (! Auth::guard($guard)->attempt($credentials)) {
|
|
|
|
|
$message = ''; // no debug info for now...
|
2018-09-11 07:51:35 -05:00
|
|
|
|
2018-10-01 20:05:30 -05:00
|
|
|
// force user to failure page
|
|
|
|
|
return response(view('auth.external-auth-failed')->with('message', $message));
|
|
|
|
|
}
|
2018-09-11 07:51:35 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $next($request);
|
|
|
|
|
}
|
|
|
|
|
}
|
