-
pippuccio76
Senior Member
-
Posts: 524
Threads: 222
Joined: Jun 2017
Reputation:
2
i , in ci 3 in a construct method or in every method of a controller except for login i do :
PHP Code: if(!isset($_SESSION['user_id'])) { redirect('user/login','refresh'); die(); }
How can i do the same using filter ?
-
InsiteFX
Super Moderator
-
Posts: 6,640
Threads: 337
Joined: Oct 2014
Reputation:
243
It would be something like this not tested.
PHP Code: <?php namespace Your\Name\Space;
use CodeIgniter\HTTP\RequestInterface; use CodeIgniter\HTTP\ResponseInterface; use CodeIgniter\Filters\FilterInterface;
class YourFilterName implements FilterInterface { /** * Do whatever processing this filter needs to do. * By default it should not return anything during * normal execution. However, when an abnormal state * is found, it should return an instance of * CodeIgniter\HTTP\Response. If it does, script * execution will end and that Response will be * sent back to the client, allowing for error pages, * redirects, etc. * * @param \CodeIgniter\HTTP\RequestInterface $request * @param array|null $params * * @return mixed */ public function before(RequestInterface $request, $params = null) { // if no user is logged in then send them to the login form if (! isset($_SESSION['user_id'])) { session()->set('redirect_url', current_url()); return redirect('login'); } }
//--------------------------------------------------------------------
/** * Allows After filters to inspect and modify the response * object as needed. This method does not allow any way * to stop execution of other after filters, short of * throwing an Exception or Error. * * @param \CodeIgniter\HTTP\RequestInterface $request * @param \CodeIgniter\HTTP\ResponseInterface $response * @param array|null $arguments * * @return void */ public function after(RequestInterface $request, ResponseInterface $response, $arguments = null) {
}
//--------------------------------------------------------------------
} // End of YourFilterName Class.
/** * ----------------------------------------------------------------------- * Filename: YourFilterName.php * Location: ./app/Filters/YourFilterName.php * ----------------------------------------------------------------------- */
Put your own namespace and class names in.
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
-
pippuccio76
Senior Member
-
Posts: 524
Threads: 222
Joined: Jun 2017
Reputation:
2
08-25-2020, 07:03 AM
(This post was last modified: 08-25-2020, 07:06 AM by pippuccio76.)
(08-25-2020, 03:42 AM)InsiteFX Wrote: It would be something like this not tested.
PHP Code: <?php namespace Your\Name\Space;
use CodeIgniter\HTTP\RequestInterface; use CodeIgniter\HTTP\ResponseInterface; use CodeIgniter\Filters\FilterInterface;
class YourFilterName implements FilterInterface { /** * Do whatever processing this filter needs to do. * By default it should not return anything during * normal execution. However, when an abnormal state * is found, it should return an instance of * CodeIgniter\HTTP\Response. If it does, script * execution will end and that Response will be * sent back to the client, allowing for error pages, * redirects, etc. * * @param \CodeIgniter\HTTP\RequestInterface $request * @param array|null $params * * @return mixed */ public function before(RequestInterface $request, $params = null) { // if no user is logged in then send them to the login form if (! isset($_SESSION['user_id'])) { session()->set('redirect_url', current_url()); return redirect('login'); } }
//--------------------------------------------------------------------
/** * Allows After filters to inspect and modify the response * object as needed. This method does not allow any way * to stop execution of other after filters, short of * throwing an Exception or Error. * * @param \CodeIgniter\HTTP\RequestInterface $request * @param \CodeIgniter\HTTP\ResponseInterface $response * @param array|null $arguments * * @return void */ public function after(RequestInterface $request, ResponseInterface $response, $arguments = null) {
}
//--------------------------------------------------------------------
} // End of YourFilterName Class.
/** * ----------------------------------------------------------------------- * Filename: YourFilterName.php * Location: ./app/Filters/YourFilterName.php * ----------------------------------------------------------------------- */
Put your own namespace and class names in.
Why this : session()->set('redirect_url', current_url()); ?
Now how can use it in route for every controller ? for example for User controller must be for every method except login
-
InsiteFX
Super Moderator
-
Posts: 6,640
Threads: 337
Joined: Oct 2014
Reputation:
243
PHP Code: .app/Config/Filters.php
// Add to the aliases section. 'login' => \YourNameSpace\YourFolder\Filters\YourFilterName::class,
// Or restrict your entire site by adding the LoginFilter to the $globals array: public $globals = [ 'before' => [ //'honeypot' // 'csrf', 'login', ], 'after' => [ 'toolbar', //'honeypot' ], ];
Restricting a single route:
// Any single route can be restricted by adding the filter option to the last parameter in any of the route definition methods: $routes->get('admin/users', 'UserController::index', ['filter' => 'permission:manage-user']);
Restricting Route Groups:
// In the same way, entire groups of routes can be restricted within the group() method: $routes->group('admin', ['filter' => 'role:admin,superadmin'], function($routes) { ... });
A lot of this is from Myth/Auth, I suggest that you download it and go through the code.
Myth:Auth
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
-
pippuccio76
Senior Member
-
Posts: 524
Threads: 222
Joined: Jun 2017
Reputation:
2
i create two filter : usersFiltersAuth and usersFiltersNoAuth
if i use filter in sigle route as:
$routes->get('/login', 'User::login',['filter'=>'usersFiltersNoAuth']);
$routes->get('/registration', 'User::registration',['filter'=>'usersFiltersNoAuth']);
$routes->get('/logout', 'User::logout');
work fine .
How can i do for an entire controller ?
$routes->group('/user',['filter'=>'usersFiltersAuth'],function($routes){
});
Dont' work and i must except /user/login and /user/registration
-
InsiteFX
Super Moderator
-
Posts: 6,640
Threads: 337
Joined: Oct 2014
Reputation:
243
Did you try to add the user to the filter?
PHP Code: $routes->group('user',['filter'=>'user:usersFiltersAuth'],function($routes){
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
-
pippuccio76
Senior Member
-
Posts: 524
Threads: 222
Joined: Jun 2017
Reputation:
2
(08-26-2020, 10:09 AM)InsiteFX Wrote: Did you try to add the user to the filter?
PHP Code: $routes->group('user',['filter'=>'user:usersFiltersAuth'],function($routes){
doesn't work or i dont understand :
$routes->group('user',['filter'=>'user:usersFiltersAuth'],function($routes){
});
the violet user is the name of controller ?How can i do exception for some method ?
-
Chroma
Member
-
Posts: 116
Threads: 7
Joined: Nov 2014
Reputation:
1
When I was doing this, I had an exclusion list that would be checked first, if the controller/method was in the exclusion list, the filter was finished and processing stopped.
Something like this...
PHP Code: $current = (string)current_url(true)->setHost('')->setScheme('')->stripQuery('token');
// the array must be all methods that do NOT require being checked if (in_array((string)$current, ['/controller/method1', '/controller/method2'])) { return; }
You can of course add as many controller/method items to the exclusion array.
Put any must do filter code after this snippet. It will then exit if necessary or allow the processing as necessary.
-
pippuccio76
Senior Member
-
Posts: 524
Threads: 222
Joined: Jun 2017
Reputation:
2
08-28-2020, 01:42 AM
(This post was last modified: 08-28-2020, 01:52 AM by pippuccio76.)
(08-27-2020, 04:18 AM)Chroma Wrote: When I was doing this, I had an exclusion list that would be checked first, if the controller/method was in the exclusion list, the filter was finished and processing stopped.
Something like this...
PHP Code: $current = (string)current_url(true)->setHost('')->setScheme('')->stripQuery('token');
// the array must be all methods that do NOT require being checked if (in_array((string)$current, ['/controller/method1', '/controller/method2'])) { return; }
Put any must do filter code after this snippet. It will then exit if necessary or allow the processing as necessary.
You can of course add as many controller/method items to the exclusion array.
Codeigniter 4 have except to remove some uri to filter , i want know how use it ,principally i want know how use filter for every method of a controller without write a row for every method (if it's possible) than i want exclude the filter for some method ....
-
pippuccio76
Senior Member
-
Posts: 524
Threads: 222
Joined: Jun 2017
Reputation:
2
08-28-2020, 03:56 AM
(This post was last modified: 08-28-2020, 03:57 AM by pippuccio76.)
I don't know how doesn't work :
Route
PHP Code: $routes->add('/user/login', 'User::login',['filter'=>'usersFiltersNoAuth']); $routes->add('/login', 'User::login',['filter'=>'usersFiltersNoAuth']); $routes->add('/user/registration', 'User::registration',['filter'=>'usersFiltersNoAuth']); $routes->add('/logout', 'User::logout'); $routes->add('/user/changeEmail', 'User::changeEmail',['filter'=>'usersFiltersAuth']); $routes->add('/user/changePassword', 'User::changePassword',['filter'=>'usersFiltersAuth']);
Filter class :
PHP Code: class UsersFiltersNoAuth implements FilterInterface { /** * Do whatever processing this filter needs to do. * By default it should not return anything during * normal execution. However, when an abnormal state * is found, it should return an instance of * CodeIgniter\HTTP\Response. If it does, script * execution will end and that Response will be * sent back to the client, allowing for error pages, * redirects, etc. * * @param \CodeIgniter\HTTP\RequestInterface $request * @param array|null $params * * @return mixed */ public function before(RequestInterface $request, $params = null) { // if no user is logged in then send them to the login form if (isset($_SESSION['user_id'])) { return redirect()->to('/user/index'); } }
//--------------------------------------------------------------------
/** * Allows After filters to inspect and modify the response * object as needed. This method does not allow any way * to stop execution of other after filters, short of * throwing an Exception or Error. * * @param \CodeIgniter\HTTP\RequestInterface $request * @param \CodeIgniter\HTTP\ResponseInterface $response * @param array|null $arguments * * @return void */ public function after(RequestInterface $request, ResponseInterface $response, $arguments = null) {
}
//--------------------------------------------------------------------
} // End of YourFilterName Class.
PHP Code: class UsersFiltersAuth implements FilterInterface { /** * Do whatever processing this filter needs to do. * By default it should not return anything during * normal execution. However, when an abnormal state * is found, it should return an instance of * CodeIgniter\HTTP\Response. If it does, script * execution will end and that Response will be * sent back to the client, allowing for error pages, * redirects, etc. * * @param \CodeIgniter\HTTP\RequestInterface $request * @param array|null $params * * @return mixed */ public function before(RequestInterface $request, $params = null) { // if no user is logged in then send them to the login form if (!isset($_SESSION['user_id'])) { session()->set('redirect_url', current_url()); return redirect()->to('/login'); } }
//--------------------------------------------------------------------
/** * Allows After filters to inspect and modify the response * object as needed. This method does not allow any way * to stop execution of other after filters, short of * throwing an Exception or Error. * * @param \CodeIgniter\HTTP\RequestInterface $request * @param \CodeIgniter\HTTP\ResponseInterface $response * @param array|null $arguments * * @return void */ public function after(RequestInterface $request, ResponseInterface $response, $arguments = null) {
}
//--------------------------------------------------------------------
} // End of YourFilterName Class.
if i try to go to /user/chengeEmail or /user/changePassword when ($_SESSION['user_id] is set) i am redirect to /user/index why ?
|