hi i want create my own authorization to study the new veri=sion of framework ... this is my route :
$routes->add('/user/login', 'User::login',['filter'=>'usersFiltersNoAuth']);
$routes->add('/login', 'User::login',['filter'=>'usersFiltersNoAuth']);
$routes->add('/user/registration', 'User::registration',['filter'=>'usersFiltersNoAuth']);
$routes->add('/logout', 'User::logout');
$routes->add('/user/changeEmail', 'User::changeEmail',['filter'=>'usersFiltersAuth']);
$routes->add('/user/changePassword', 'User::changePassword',['filter'=>'usersFiltersAuth']);
And this is my 2 filter class:
class UsersFiltersNoAuth implements FilterInterface
{
/**
* Do whatever processing this filter needs to do.
* By default it should not return anything during
* normal execution. However, when an abnormal state
* is found, it should return an instance of
* CodeIgniter\HTTP\Response. If it does, script
* execution will end and that Response will be
* sent back to the client, allowing for error pages,
* redirects, etc.
*
* @param \CodeIgniter\HTTP\RequestInterface $request
* @param array|null $params
*
* @return mixed
*/
public function before(RequestInterface $request, $params = null)
{
// if no user is logged in then send them to the login form
if (isset($_SESSION['user_id']))
{
return redirect()->to('/user/index');
}
}
//--------------------------------------------------------------------
/**
* Allows After filters to inspect and modify the response
* object as needed. This method does not allow any way
* to stop execution of other after filters, short of
* throwing an Exception or Error.
*
* @param \CodeIgniter\HTTP\RequestInterface $request
* @param \CodeIgniter\HTTP\ResponseInterface $response
* @param array|null $arguments
*
* @return void
*/
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
}
//--------------------------------------------------------------------
} // End of UsersFiltersNoAuth Class.
class UsersFiltersAuth implements FilterInterface
{
/**
* Do whatever processing this filter needs to do.
* By default it should not return anything during
* normal execution. However, when an abnormal state
* is found, it should return an instance of
* CodeIgniter\HTTP\Response. If it does, script
* execution will end and that Response will be
* sent back to the client, allowing for error pages,
* redirects, etc.
*
* @param \CodeIgniter\HTTP\RequestInterface $request
* @param array|null $params
*
* @return mixed
*/
public function before(RequestInterface $request, $params = null)
{
// if no user is logged in then send them to the login form
if (!isset($_SESSION['user_id']))
{
session()->set('redirect_url', current_url());
return redirect()->to('/login');
}
}
//--------------------------------------------------------------------
/**
* Allows After filters to inspect and modify the response
* object as needed. This method does not allow any way
* to stop execution of other after filters, short of
* throwing an Exception or Error.
*
* @param \CodeIgniter\HTTP\RequestInterface $request
* @param \CodeIgniter\HTTP\ResponseInterface $response
* @param array|null $arguments
*
* @return void
*/
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
}
//--------------------------------------------------------------------
} // End of UsersFiltersAuth Class.
if i try to go to /user/chengeEmail or /user/changePassword when ($_SESSION['user_id] is set) i am redirect to /user/index why ?
Moreover there is a way to apply a filter to an entire controller ? except some method ?
