Dolo/BetiX
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0280278978d2ab2870f9da601ef1b56738f71071
BetiX/app/Http/Middleware/EnforceRestriction.php
Dolo 0280278978
Some checks failed
linter / quality (push) Has been cancelled
Details
tests / ci (8.4) (push) Has been cancelled
Details
tests / ci (8.5) (push) Has been cancelled
Details
Initialer Laravel Commit für BetiX
2026-04-04 18:01:50 +02:00

68 lines
2.2 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Middleware;
use App\Services\BackendHttpClient;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class EnforceRestriction
{
public function __construct(private readonly BackendHttpClient $client)
{
}
/**
* Handle an incoming request.
* @param array<int,string> $types One or more restriction types to check
*/
public function handle(Request $request, Closure $next, ...$types)
{
$user = $request->user();
if (!$user) {
return $next($request);
}
if (empty($types)) {
$types = ['account_ban'];
}
try {
// Ask upstream whether any of the requested types are active for the current user
$query = ['types' => implode(',', $types)];
$res = $this->client->get($request, '/users/me/restrictions/check', $query, retry: true);
if ($res->successful()) {
$json = $res->json() ?: [];
$data = $json['data'] ?? $json; // support either {data:{...}} or flat map
$isRestricted = false;
$hitType = null;
foreach ($types as $t) {
if (!empty($data[$t])) { $isRestricted = true; $hitType = $t; break; }
}
if ($isRestricted) {
// For web requests: log out if account is banned and block access
if (!$request->expectsJson() && in_array('account_ban', $types, true)) {
Auth::logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
}
$payload = [
'message' => 'Access is restricted for this action.',
'type' => $hitType,
];
return response()->json($payload, 403);
}
}
// On client/server error we fail open to avoid locking out users due to upstream outage
} catch (\Throwable $e) {
// swallow and continue
}
return $next($request);
}
}
Reference in New Issue View Git Blame Copy Permalink