
daycry / auth / 22527357078

28 Feb 2026 07:22PM UTC coverage: 63.267% (+0.7%) from 62.568%
22527357078

push

github

daycry
Remove PHP 8.1 from PHPUnit CI matrix

Update .github/workflows/phpunit.yml to drop PHP 8.1 from the test matrix. CI will now run PHPUnit only on PHP 8.2 and 8.3, reducing the matrix to current supported versions.

3064 of 4843 relevant lines covered (63.27%)

41.52 hits per line

Source File

68.97
/src/Filters/AuthFilter.php
<?php

declare(strict_types=1);

/**
 * This file is part of Daycry Auth.
 *
 * (c) Daycry <daycry9@proton.me>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace Daycry\Auth\Filters;

use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\IncomingRequest;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Config\Services;
use Daycry\Auth\Authentication\Authenticators\Session;
use Daycry\Auth\Config\Auth;
use Daycry\Auth\Interfaces\AuthenticatorInterface;
use Daycry\Auth\Result;

/**
 * Authentication filter.
 *
 * Resolves the authenticator alias for the incoming request, then runs either
 * the session flow (which answers with redirects) or the token flow (which
 * answers with JSON 401 responses).
 */
class AuthFilter implements FilterInterface
{
    /**
     * Authenticate the request before it is handled further.
     *
     * @param array|null $arguments Filter arguments; the first entry, when
     *                              present, is used as the authenticator alias.
     *
     * @return mixed The response built by the selected flow, or null when no
     *               flow produced one.
     */
    public function before(RequestInterface $request, $arguments = null)
    {
        helper('checkEndpoint');

        // Requests that are not IncomingRequest instances leave here without
        // any authenticator being run.
        if (! $request instanceof IncomingRequest) {
            return;
        }

        $authenticatorAlias = $this->determineAuthenticator($arguments, checkEndpoint());

        /** @var AuthenticatorInterface $selected */
        $selected = auth($authenticatorAlias)->getAuthenticator();

        /** @var Auth $authConfig */
        $authConfig = config(Auth::class);

        return $selected instanceof Session
            ? $this->handleSessionAuthentication($selected, $authConfig)
            : $this->handleTokenAuthentication($selected);
    }

    /**
     * Choose the authenticator alias for this request.
     *
     * Precedence: a truthy `auth` value on the endpoint record wins; otherwise
     * the first filter argument; otherwise the 'Auth.defaultAuthenticator'
     * setting.
     *
     * @param mixed $endpoint Value returned by checkEndpoint().
     */
    private function determineAuthenticator(?array $arguments, $endpoint): string
    {
        if ($arguments) {
            $fallback = $arguments[0];
        } else {
            $fallback = service('settings')->get('Auth.defaultAuthenticator');
        }

        // NOTE(review): the endpoint record decides which authentication
        // mechanism guards the route and overrides the filter argument;
        // checkEndpoint() is defined outside this file, so confirm who is able
        // to edit that record.
        if ($endpoint && $endpoint->auth) {
            return $endpoint->auth;
        }

        return $fallback;
    }

    /**
     * Session flow: let a logged-in user who is not banned through, otherwise
     * answer with a redirect.
     *
     * @return mixed A redirect response, or null when the request may proceed.
     */
    private function handleSessionAuthentication(Session $authenticator, Auth $config)
    {
        // NOTE(review): loggedIn() is asked of the auth() helper rather than of
        // $authenticator; presumably both resolve to the authenticator selected
        // in before() - confirm.
        if (! auth()->loggedIn()) {
            // A pending auth action sends the visitor to the action screen.
            if ($authenticator->isPending()) {
                return redirect()->route('auth-action-show')
                    ->with('error', $authenticator->getPendingMessage());
            }

            // Remember the requested URL (tempdata, 300 second lifetime) unless
            // the visitor is already on the login route.
            if (uri_string() !== route_to('login')) {
                session()->setTempdata('beforeLoginUrl', current_url(), 300);
            }

            return redirect()->route('login');
        }

        if (setting('Auth.recordActiveDate')) {
            $authenticator->recordActiveDate();
        }

        $currentUser = $authenticator->getUser();

        // NOTE(review): isBanned() is called before the null check further
        // down; if getUser() can return null at this point this call throws -
        // confirm the contract.
        if ($currentUser->isBanned()) {
            // The ban message is read before logout() so it is still at hand
            // for the redirect.
            $banNotice = $currentUser->getBanMessage() ?? lang('Auth.logOutBannedUser');
            $authenticator->logout();

            return redirect()->to($config->logoutRedirect())
                ->with('error', $banNotice);
        }

        // A user who is not activated is sent to the action screen when a
        // 'register' action starts for them.
        if (
            $currentUser !== null
            && ! $currentUser->isActivated()
            && $authenticator->startUpAction('register', $currentUser)
        ) {
            return redirect()->route('auth-action-show')
                ->with('error', lang('Auth.activationBlocked'));
        }

        // NOTE(review): a user who is not activated and for whom no action
        // starts also reaches this point and is let through - confirm that is
        // intended.
        return null;
    }

    /**
     * Token flow: reject with a JSON 401 when the authenticator's attempt fails.
     *
     * NOTE(review): unlike the session flow, no isBanned() / isActivated()
     * check is made here; presumably attempt() covers both - confirm.
     *
     * @return mixed A 401 response, the result of validateAccessToken(), or
     *               null when the request may proceed.
     */
    private function handleTokenAuthentication(AuthenticatorInterface $authenticator)
    {
        $attempt = $authenticator->attempt();

        if (! $attempt->isOK()) {
            $unauthorized = service('response')->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);

            // The authenticator's failure reason goes to the client verbatim.
            // NOTE(review): confirm the reason strings do not tell a caller
            // which part of the credential check failed.
            return $unauthorized->setJson(['message' => $attempt->reason()]);
        }

        if (setting('Auth.recordActiveDate')) {
            $authenticator->recordActiveDate();
        }

        // The access token is a second, additional check and runs only when
        // the setting enables it.
        if (! service('settings')->get('Auth.accessTokenEnabled')) {
            return null;
        }

        return $this->validateAccessToken();
    }

    /**
     * Run the 'access_token' authenticator as an additional check.
     *
     * A failed attempt is rejected only while 'Auth.strictApiAndAuth' is
     * truthy; with that setting off the failure is ignored and the request
     * proceeds.
     *
     * @return mixed A 401 response, or null when the request may proceed.
     */
    private function validateAccessToken()
    {
        // NOTE(review): the false argument presumably asks for a non-shared
        // auth instance so the authenticator selected in before() is left
        // untouched - confirm.
        $tokenResult = Services::auth(false)->setAuthenticator('access_token')->attempt();

        if ($tokenResult->isOK() || ! service('settings')->get('Auth.strictApiAndAuth')) {
            return null;
        }

        $unauthorized = service('response')->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);

        if ($tokenResult instanceof Result) {
            $message = $tokenResult->reason();
        } else {
            $message = lang('Auth.badToken');
        }

        return $unauthorized->setJson(['message' => $message]);
    }

    /**
     * No post-processing is done by this filter.
     *
     * @param array|null $arguments
     */
    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void
    {
        // Intentionally empty.
    }
}