Moves session auth logic to the new core/Router class
parent
9c896d9e0e
commit
9797caa58e
|
@ -171,31 +171,9 @@ function filter_public_pages($pages) {
|
||||||
}
|
}
|
||||||
$public_pages = filter_public_pages($public_pages);
|
$public_pages = filter_public_pages($public_pages);
|
||||||
|
|
||||||
// Check session and redirect if needed
|
// Dispatch routing and auth
|
||||||
$currentUser = null;
|
require_once __DIR__ . '/../app/core/Router.php';
|
||||||
if ($validSession) {
|
$currentUser = \App\Core\Router::checkAuth($config, $app_root, $public_pages, $page);
|
||||||
// Session is OK
|
|
||||||
$currentUser = Session::getUsername();
|
|
||||||
} else if (!in_array($page, $public_pages)) {
|
|
||||||
// Session expired/invalid, page needs login
|
|
||||||
if (isset($_SESSION['LAST_ACTIVITY']) && !isset($_SESSION['session_timeout_shown'])) {
|
|
||||||
// Only show session timeout message if there was an active session
|
|
||||||
// and we haven't shown it yet
|
|
||||||
Feedback::flash('LOGIN', 'SESSION_TIMEOUT');
|
|
||||||
$_SESSION['session_timeout_shown'] = true;
|
|
||||||
// Cleanup session but keep flash messages
|
|
||||||
$flash_messages = $_SESSION['flash_messages'] ?? [];
|
|
||||||
Session::cleanup($config);
|
|
||||||
$_SESSION['flash_messages'] = $flash_messages;
|
|
||||||
}
|
|
||||||
$loginUrl = $app_root . '?page=login';
|
|
||||||
$trimmed = trim($page, '/?');
|
|
||||||
if (!in_array($trimmed, INVALID_REDIRECT_PAGES, true)) {
|
|
||||||
$loginUrl .= '&redirect=' . urlencode($_SERVER['REQUEST_URI']);
|
|
||||||
}
|
|
||||||
header('Location: ' . $loginUrl);
|
|
||||||
exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
// connect to db of Jilo Web
|
// connect to db of Jilo Web
|
||||||
require '../app/classes/database.php';
|
require '../app/classes/database.php';
|
||||||
|
|
Loading…
Reference in New Issue