Welcome Guest, Not a member yet? Register   Sign In
Multiple filters on routes
#1

Hi,
When passing the filters to the routes, it would be very useful to be able to pass multiple filters to the routes
At the moment CI4 allows to pass only one filter to the routes or groups.

Code:
$routes->get('adm', 'adm\MessagesAction::messages', ['filter' => 'Auth:admin']);

We should be able to pass multiple filters as follows

Code:
$routes->get('adm', 'adm\MessagesAction::messages', ['filter' => 'Auth:admin', 'Performance']);

or

$routes->get('adm', 'adm\MessagesAction::messages', ['filter' => 'Auth:admin|Performance']);
Reply
#2

Definitely you are making a Critical point. I agree with you.
Reply
#3

(This post was last modified: 06-11-2021, 10:11 AM by paliz.)

i faced issue too but find way to manage it

i have  a few filter 

PHP Code:
public $aliases = [
        //'csrf'    => CSRF::class,
        'toolbar' => DebugToolbar::class,
        'honeypot' => Honeypot::class,
        'csrf' => CsrfFilter::class,
        'cors' => CorsFilter::class,
        'auth' => AuthFilter::class,
        'jwt' => JwtFilter::class,
        'url' => UrlFilter::class,
 

    
]; 

 priporty are  
cros , url , auth ,jwt, csrf 
cros and url csrf filter is global filter but  for other routes
PHP Code:
this code not working beacuse ci4 support single filter at same time for it
$routes
->resource('x',['filter'=>['auth:admin','jwt','csrf']); 
  

the best way handle it do my 
first create service   and set rules in it 

PHP Code:
<?php

namespace CoreAuth\Services;

class 
RuleRoute
{
    public static function getRuleAccess(string $name): ?array
    {
        $listOfRule = array(
            'profile' => null,
            'chatContact' => null,
            'chatRoom' => null,
            'chatRoomMedia' => null,
            'chatPrivate' => null,
            'chatPrivateMedia' => null,
            'dashboard' => null,
            'user' => ['admin'],
            'group' => ['admin'],
            'setting' => ['admin'],
            'visitor' => ['admin'],
            'advertisement' => ['admin'],
            'advertisementMedia' => ['admin'],
            'contact' => ['admin''coworker'],
            'contactMedia' => ['admin''coworker'],
            'newsCategory' => ['admin''coworker'],
            'newsSubCategory' => ['admin''coworker'],
            'newsPost' => ['admin''coworker'],
            'newsComment' => ['admin''coworker'],
            'newsMedia' => ['admin''coworker'],
            'viewOption' => ['admin''coworker'],
            'viewMedia' => ['admin''coworker'],
            'requestCategory' => ['admin''coworker'],
            'requestPost' => ['admin''coworker'],
            'requestReply' => ['admin''coworker'],
        );

        foreach ($listOfRule as $key => $value) {
            if ($key == $name) {
                return $value;
            }
        }
        return null;
    }

    public static function ignoreRoute():bool
    
{
        $listOfIgnore = array('home''test''auth');

        foreach ($listOfIgnore as $item) {
            if (preg_match("~\b" $item "\b~"uri_string())) {
                return true;
            }
        }

        return false;
    }


PHP Code:
<?php namespace CoreAuth\Config;


use 
Config\Services as BaseService;
use 
CoreAuth\Services\RuleRoute;

class 
Services extends BaseService
{



    public static function ruleRoute($getShared true)
    {
        if ($getShared)
        {
            return static::getSharedInstance('ruleRoute');
        }

        return new RuleRoute();
    }

    public static function jwtSecretKey()
    {
        return 'sljjljtgidhvxvxzfdfarwfsdkk_ayuikjukliebmvlhqewhw';
    }


config/filter.php files 
jwt and auth  run after /api* in uri
 
PHP Code:
<?php

namespace Config;

use 
CodeIgniter\Config\BaseConfig;
use 
CodeIgniter\Filters\CSRF;
use 
CodeIgniter\Filters\DebugToolbar;
use 
CodeIgniter\Filters\Honeypot;
use 
CoreAuth\Filters\AuthFilter;
use 
CoreAuth\Filters\JwtFilter;
use 
CoreCommon\Filters\CorsFilter;
use 
CoreCommon\Filters\ThrottleFilter;
use 
CoreCommon\Filters\UrlFilter;
use 
CSRF\Filters\CsrfFilter;


class 
Filters extends BaseConfig
{
    /**
    * Configures aliases for Filter classes to
    * make reading things nicer and simpler.
    *
    * @var array
    */
    public $aliases = [
        //'csrf'    => CSRF::class,
        'toolbar' => DebugToolbar::class,
        'honeypot' => Honeypot::class,
        'csrf' => CsrfFilter::class,
        'cors' => CorsFilter::class,
        'auth' => AuthFilter::class,
        'jwt' => JwtFilter::class,
        'url' => UrlFilter::class,
        'throttle' => ThrottleFilter::class

    ];

    /**
    * List of filter aliases that are always
    * applied before and after every request.
    *
    * @var array
    */
    public $globals = [
        'before' => [
            // 'honeypot',
            // 'csrf',
            'cors',
            'url',
            //  'csrf',
        ],
        'after' => [
            'toolbar',
            //  'csrf',
            // 'honeypot',
        ],
    ];

    /**
    * List of filter aliases that works on a
    * particular HTTP method (GET, POST, etc.).
    *
    * Example:
    * 'post' => ['csrf', 'throttle']
    *
    * @var array
    */
    public $methods = [

        //  'get' => ['csrf'],
        // 'post' => ['csrf'],
        // 'put' => ['csrf'],
        // 'delete' => ['csrf']

    ];

    /**
    * List of filter aliases that should run on any
    * before or after URI patterns.
    *
    * Example:
    * 'isLoggedIn' => ['before' => ['account/*', 'profiles/*']]
    *
    * @var array
    */
    public $filters = [
        'auth' => ['before' => 'api*'],
        'jwt' => ['before' => 'api*',],

    ];


this jwt and auth filter  filter


Quote:
PHP Code:
<?php namespace CoreAuth\Filters;

use 
CoreAuth\Enums\FilterErrorType;
use 
CodeIgniter\HTTP\RequestInterface;
use 
CodeIgniter\HTTP\Response;
use 
CodeIgniter\HTTP\ResponseInterface;
use 
CodeIgniter\Filters\FilterInterface;
use 
CodeIgniter\Config\Services;


class  JwtFilter implements FilterInterface
{

    public function before(RequestInterface $request$arguments null)
    {

        $authHeader $request->getServer('HTTP_AUTHORIZATION');

        $ruleRoute = \CoreAuth\Config\Services::ruleRoute();
        if ($ruleRoute->ignoreRoute()) {
            return;
        }

        helper('jwt');
        try {
            $token isJWT($authHeader);

            validateJWT($token, \CoreAuth\Config\Services::jwtSecretKey());

        } catch (\Exception $e) {


            return Services::response()->setJSON(['success' => false,
                'type' => FilterErrorType::Jwt,
                'error' => lang('Authenticate.filter.jwt')])->setContentType('application/json')
                ->setStatusCode(Response::HTTP_UNAUTHORIZEDlang('Authenticate.filter.jwt'));

        }
    }

    //--------------------------------------------------------------------

    public function after(RequestInterface $requestResponseInterface $response$arguments null)
    {
        // Do something here
    }


you can apply multiple filters with my code

you can apply multiple filters with my code
Enlightenment  Is  Freedom
Reply
#4

I too would like to see some enhancements for Filters applications. A long-standing request is to be able to pass parameters to the global applied in **app/Config/Filters.php**.

For now how I work around multiple filters is I create one filter that calls all the others I want, or apply them via wildcards in the Config file.
Reply
#5

(This post was last modified: 06-17-2021, 12:32 PM by paliz.)

Thank this need to be improvement

Any way my solution work well for me
Enlightenment  Is  Freedom
Reply
#6

See https://codeigniter4.github.io/userguide...or-a-route
Reply




Theme © iAndrew 2016 - Forum software by © MyBB