Merge pull request #3783 from JosephSilber/authenticate

[5.3] Make the Authenticate middleware throw an AuthenticationException
2016-05-26 08:16:54 -05:00 · 2016-05-26 08:16:54 -05:00 · 3ddaf3f901
parent c332ad9582 d26314de20
commit 3ddaf3f901
2 changed files with 33 additions and 16 deletions
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@ -3,6 +3,7 @@
 namespace App\Exceptions;

 use Exception;
+use Illuminate\Auth\AuthenticationException;
 use Illuminate\Validation\ValidationException;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
@ -17,12 +18,29 @@ class Handler extends ExceptionHandler
     * @var array
     */
    protected $dontReport = [
+        AuthenticationException::class,
        AuthorizationException::class,
        HttpException::class,
        ModelNotFoundException::class,
        ValidationException::class,
    ];

+    /**
+     * Convert an authentication exception into an unauthenticated response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Illuminate\Auth\AuthenticationException  $e
+     * @return \Symfony\Component\HttpFoundation\Response
+     */
+    protected function unauthenticated($request, AuthenticationException $e)
+    {
+        if ($request->ajax() || $request->wantsJson()) {
+            return response('Unauthorized.', 401);
+        } else {
+            return redirect()->guest('login');
+        }
+    }
+
    /**
     * Report or log an exception.
     *
--- a/app/Http/Middleware/Authenticate.php
+++ b/app/Http/Middleware/Authenticate.php
@ -4,6 +4,7 @@

 use Closure;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Auth\AuthenticationException;

 class Authenticate
 {
@ -14,40 +15,38 @@ class Authenticate
     * @param  \Closure  $next
     * @param  string  ...$guards
     * @return mixed
+     *
+     * @throws \Illuminate\Auth\AuthenticationException
     */
    public function handle($request, Closure $next, ...$guards)
    {
-        if ($this->check($guards)) {
-            return $next($request);
-        }
+        $this->authenticate($guards);

-        if ($request->ajax() || $request->wantsJson()) {
-            return response('Unauthorized.', 401);
-        } else {
-            return redirect()->guest('login');
-        }
+        return $next($request);
    }

    /**
     * Determine if the user is logged in to any of the given guards.
     *
     * @param  array  $guards
-     * @return bool
+     * @return void
+     *
+     * @throws \Illuminate\Auth\AuthenticationException
     */
-    protected function check(array $guards)
+    protected function authenticate(array $guards)
    {
-        if (empty($guards)) {
-            return Auth::check();
+        if (count($guards) <= 1) {
+            Auth::guard(array_first($guards))->authenticate();
+
+            return Auth::shouldUse($guard);
        }

        foreach ($guards as $guard) {
            if (Auth::guard($guard)->check()) {
-                Auth::shouldUse($guard);
-
-                return true;
+                return Auth::shouldUse($guard);
            }
        }

-        return false;
+        throw new AuthenticationException;
    }
 }