Multiple filters on routes - Beewez - 06-10-2021
Hi,
When passing the filters to the routes, it would be very useful to be able to pass multiple filters to the routes
At the moment CI4 allows to pass only one filter to the routes or groups.
Code: $routes->get('adm', 'adm\MessagesAction::messages', ['filter' => 'Auth:admin']);
We should be able to pass multiple filters as follows
Code: $routes->get('adm', 'adm\MessagesAction::messages', ['filter' => 'Auth:admin', 'Performance']);
or
$routes->get('adm', 'adm\MessagesAction::messages', ['filter' => 'Auth:admin|Performance']);
RE: Multiple filters on routes - seunex - 06-10-2021
Definitely you are making a Critical point. I agree with you.
RE: Multiple filters on routes - paliz - 06-11-2021
i faced issue too but find way to manage it
i have a few filter
PHP Code: public $aliases = [ //'csrf' => CSRF::class, 'toolbar' => DebugToolbar::class, 'honeypot' => Honeypot::class, 'csrf' => CsrfFilter::class, 'cors' => CorsFilter::class, 'auth' => AuthFilter::class, 'jwt' => JwtFilter::class, 'url' => UrlFilter::class,
];
priporty are
cros , url , auth ,jwt, csrf
cros and url csrf filter is global filter but for other routes
PHP Code: this code not working beacuse ci4 support single filter at same time for it $routes->resource('x',['filter'=>['auth:admin','jwt','csrf']);
the best way handle it do my
first create service and set rules in it
PHP Code: <?php
namespace CoreAuth\Services;
class RuleRoute { public static function getRuleAccess(string $name): ?array { $listOfRule = array( 'profile' => null, 'chatContact' => null, 'chatRoom' => null, 'chatRoomMedia' => null, 'chatPrivate' => null, 'chatPrivateMedia' => null, 'dashboard' => null, 'user' => ['admin'], 'group' => ['admin'], 'setting' => ['admin'], 'visitor' => ['admin'], 'advertisement' => ['admin'], 'advertisementMedia' => ['admin'], 'contact' => ['admin', 'coworker'], 'contactMedia' => ['admin', 'coworker'], 'newsCategory' => ['admin', 'coworker'], 'newsSubCategory' => ['admin', 'coworker'], 'newsPost' => ['admin', 'coworker'], 'newsComment' => ['admin', 'coworker'], 'newsMedia' => ['admin', 'coworker'], 'viewOption' => ['admin', 'coworker'], 'viewMedia' => ['admin', 'coworker'], 'requestCategory' => ['admin', 'coworker'], 'requestPost' => ['admin', 'coworker'], 'requestReply' => ['admin', 'coworker'], );
foreach ($listOfRule as $key => $value) { if ($key == $name) { return $value; } } return null; }
public static function ignoreRoute():bool { $listOfIgnore = array('home', 'test', 'auth');
foreach ($listOfIgnore as $item) { if (preg_match("~\b" . $item . "\b~", uri_string())) { return true; } }
return false; }
}
PHP Code: <?php namespace CoreAuth\Config;
use Config\Services as BaseService; use CoreAuth\Services\RuleRoute;
class Services extends BaseService {
public static function ruleRoute($getShared = true) { if ($getShared) { return static::getSharedInstance('ruleRoute'); }
return new RuleRoute(); }
public static function jwtSecretKey() { return 'sljjljtgidhvxvxzfdfarwfsdkk_ayuikjukliebmvlhqewhw'; } }
config/filter.php files
jwt and auth run after /api* in uri
PHP Code: <?php
namespace Config;
use CodeIgniter\Config\BaseConfig; use CodeIgniter\Filters\CSRF; use CodeIgniter\Filters\DebugToolbar; use CodeIgniter\Filters\Honeypot; use CoreAuth\Filters\AuthFilter; use CoreAuth\Filters\JwtFilter; use CoreCommon\Filters\CorsFilter; use CoreCommon\Filters\ThrottleFilter; use CoreCommon\Filters\UrlFilter; use CSRF\Filters\CsrfFilter;
class Filters extends BaseConfig { /** * Configures aliases for Filter classes to * make reading things nicer and simpler. * * @var array */ public $aliases = [ //'csrf' => CSRF::class, 'toolbar' => DebugToolbar::class, 'honeypot' => Honeypot::class, 'csrf' => CsrfFilter::class, 'cors' => CorsFilter::class, 'auth' => AuthFilter::class, 'jwt' => JwtFilter::class, 'url' => UrlFilter::class, 'throttle' => ThrottleFilter::class
];
/** * List of filter aliases that are always * applied before and after every request. * * @var array */ public $globals = [ 'before' => [ // 'honeypot', // 'csrf', 'cors', 'url', // 'csrf', ], 'after' => [ 'toolbar', // 'csrf', // 'honeypot', ], ];
/** * List of filter aliases that works on a * particular HTTP method (GET, POST, etc.). * * Example: * 'post' => ['csrf', 'throttle'] * * @var array */ public $methods = [
// 'get' => ['csrf'], // 'post' => ['csrf'], // 'put' => ['csrf'], // 'delete' => ['csrf']
];
/** * List of filter aliases that should run on any * before or after URI patterns. * * Example: * 'isLoggedIn' => ['before' => ['account/*', 'profiles/*']] * * @var array */ public $filters = [ 'auth' => ['before' => 'api*'], 'jwt' => ['before' => 'api*',],
]; }
this jwt and auth filter filter
Quote:PHP Code: <?php namespace CoreAuth\Filters;
use CoreAuth\Enums\FilterErrorType; use CodeIgniter\HTTP\RequestInterface; use CodeIgniter\HTTP\Response; use CodeIgniter\HTTP\ResponseInterface; use CodeIgniter\Filters\FilterInterface; use CodeIgniter\Config\Services;
class JwtFilter implements FilterInterface {
public function before(RequestInterface $request, $arguments = null) {
$authHeader = $request->getServer('HTTP_AUTHORIZATION');
$ruleRoute = \CoreAuth\Config\Services::ruleRoute(); if ($ruleRoute->ignoreRoute()) { return; }
helper('jwt'); try { $token = isJWT($authHeader);
validateJWT($token, \CoreAuth\Config\Services::jwtSecretKey());
} catch (\Exception $e) {
return Services::response()->setJSON(['success' => false, 'type' => FilterErrorType::Jwt, 'error' => lang('Authenticate.filter.jwt')])->setContentType('application/json') ->setStatusCode(Response::HTTP_UNAUTHORIZED, lang('Authenticate.filter.jwt'));
} }
//--------------------------------------------------------------------
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null) { // Do something here } }
you can apply multiple filters with my code
you can apply multiple filters with my code
RE: Multiple filters on routes - MGatner - 06-17-2021
I too would like to see some enhancements for Filters applications. A long-standing request is to be able to pass parameters to the global applied in **app/Config/Filters.php**.
For now how I work around multiple filters is I create one filter that calls all the others I want, or apply them via wildcards in the Config file.
RE: Multiple filters on routes - paliz - 06-17-2021
Thank this need to be improvement
Any way my solution work well for me
RE: Multiple filters on routes - kenjis - 01-21-2023
See https://codeigniter4.github.io/userguide/installation/upgrade_415.html#upgrade-415-multiple-filters-for-a-route
|