keii.dev
1<?php
2
3// Copyright (c) ppy Pty Ltd <contact@ppy.sh>. Licensed under the GNU Affero General Public License v3.0.
4// See the LICENCE file in the repository root for full licence text.
5
6namespace App\Http\Middleware;
7
8use App\Libraries\SessionVerification;
9use Closure;
10use Illuminate\Contracts\Auth\Guard as AuthGuard;
11use Illuminate\Http\Request;
12
13class VerifyUser
14{
15 const SKIP_VERIFICATION_ROUTES = [
16 'account_controller@reissue_code' => true,
17 'account_controller@update_options' => true,
18 'account_controller@verify' => true,
19 'account_controller@verify_link' => true,
20 'notifications_controller@endpoint' => true,
21 'sessions_controller@destroy' => true,
22 'sessions_controller@store' => true,
23 'users_controller@me' => true,
24 'wiki_controller@image' => true,
25 'wiki_controller@show' => true,
26 'wiki_controller@sitemap' => true,
27 'wiki_controller@suggestions' => true,
28 ];
29
30 public function __construct(protected AuthGuard $auth)
31 {
32 }
33
34 public function handle(Request $request, Closure $next)
35 {
36 $user = $this->auth->user();
37
38 if (
39 $user !== null
40 && !$user->isSessionVerified()
41 && !$this->alwaysSkipVerification()
42 && $this->requiresVerification($request)
43 ) {
44 return SessionVerification\Controller::initiate();
45 }
46
47 return $next($request);
48 }
49
50 public function requiresVerification($request)
51 {
52 return true;
53 }
54
55 private function alwaysSkipVerification()
56 {
57 $currentRouteData = app('route-section')->getCurrent();
58 $currentRoute = "{$currentRouteData['controller']}@{$currentRouteData['action']}";
59
60 return isset(static::SKIP_VERIFICATION_ROUTES[$currentRoute]);
61 }
62}