Radar middleware response question

63 views
Skip to first unread message

Chris Johnson

unread,
Sep 30, 2015, 7:03:49 PM9/30/15
to The Aura Project for PHP
Why doesn't the following work?  I'm probably doing something completely wrong, but I'm stumped.

<?php

use Radar\Adr\Boot;
use Zend\Diactoros\Response as Response;

require '../vendor/autoload.php';

$boot = new Boot();
$adr = $boot->adr();

/**
 * Middleware
 */

$adr->middle(function ($request, $response, callable $next) {

    $response = $response->withStatus(403, 'You need to login');

    return $response;
});



Rocco Palladino

unread,
Oct 1, 2015, 12:22:55 PM10/1/15
to The Aura Project for PHP
There's nothing wrong with that middleware, but your snippet is missing a couple things to be functional: (1) you need to include the ResponseSender middleware to actually send the http response that your middleware returns; (2) you need to call $adr->run() to get things going. This snippet below fills in the missing pieces:

<?php

use Radar\Adr\Boot;
use Relay\Middleware\ResponseSender;

use Zend\Diactoros\Response as Response;
use Zend\Diactoros\ServerRequestFactory as ServerRequestFactory;


require '../vendor/autoload.php';

$boot = new Boot();
$adr = $boot->adr();


$adr->middle(new ResponseSender());

$adr->middle(function ($request, $response, callable $next) {

    $response = $response->withStatus(403, 'You need to login');

    return $response;
});


$adr->run(ServerRequestFactory::fromGlobals(), new Response());

--rocco
 

Chris Johnson

unread,
Oct 2, 2015, 9:58:03 AM10/2/15
to The Aura Project for PHP
Thank you for the reply.

How do I get the same result as your sample code, when I have routing to multiple Actions and Responders?  It seems as if any of them match, the 403 status will then get overwritten by them.  For example, I have code like this:

$adr->get('foo', '/foo', '\Foo')
    ->responder('\HtmlResponder');
$adr->get('bar', '/bar', '\Bar')
    ->responder('\HtmlResponder');
$adr->get('generic', '{/controller,action,id}', '\Clx\ClientList')
    ->responder('\HtmlResponder');



I want to short-circuit the process with my middleware.  I am attempting to have the middleware check to see if the request contains an authenticated session cookie before sending the request all the way down to the Domain code.

..chris

Paul M. Jones

unread,
Oct 2, 2015, 10:03:56 AM10/2/15
to aur...@googlegroups.com

> On Oct 2, 2015, at 08:58, Chris Johnson <cxjo...@gmail.com> wrote:
>
> How do I get the same result as your sample code, when I have routing to multiple Actions and Responders?

As long as your 403 handler is in the stack *before* the RoutingHandler, it should take precedence over any routing.


--
Paul M. Jones
pmjo...@gmail.com
http://paul-m-jones.com

Modernizing Legacy Applications in PHP
https://leanpub.com/mlaphp

Solving the N+1 Problem in PHP
https://leanpub.com/sn1php


Chris Johnson

unread,
Oct 8, 2015, 10:26:23 AM10/8/15
to The Aura Project for PHP


On Friday, 2 October 2015 09:03:56 UTC-5, pmjones wrote:

> On Oct 2, 2015, at 08:58, Chris Johnson <cxjo...@gmail.com> wrote:
>
> How do I get the same result as your sample code, when I have routing to multiple Actions and Responders?

As long as your 403 handler is in the stack *before* the RoutingHandler, it should take precedence over any routing.



Finally getting back to this.  Thanks for the reply.

I've managed to get my real code to correctly return 403 status, but now I'm stymied as to how to get it to return a reasonable HTML page.  That is, how do I correctly invoke my HTML Responder (from middleware?), when I've short-circuited the process before it gets routed to my Actions? 

My imaginary execution path looks something like this:

HTTP request -> Middleware (checks for valid auth cookie) -> valid == yes -> Router -> Action -> Domain -> Responder

HTTP request -> Middleware (checks for valid auth cookie) -> valid == no -> Responder

Is that doable?  Is it even reasonable?

Rocco Palladino

unread,
Oct 9, 2015, 9:35:28 AM10/9/15
to The Aura Project for PHP

Hi Chris. 


You should be able to invoke your responder right there in the middleware, I think. You’ll need to also create a payload instance, and pass that along when you invoke the responder. Something along these lines should work:


$adr->middle(function ($request, $response, callable $next) {
    if (! /* auth credentials detected */) {
        $payload = new Aura\Payload\Payload();
        $payload = $payload
            ->setStatus($payload::NOT_AUTHENTICATED)
            ->setMessages('You need to login');

        $responder = new Your\HtmlResponder();
        return $responder($request, $response, $payload);
    }

    return $next($request, $response);
});



Note that if your middleware is a class rather than a lambda, you should be able to configure the container to inject the payload and responder instances rather than creating them inline. I do not think this approach is unreasonable, even if it is a departure from the usual way of ADR. What do you think?


--rocco

 

Chris Johnson

unread,
Oct 10, 2015, 12:04:11 AM10/10/15
to aur...@googlegroups.com
Hi Rocco,

Thanks much for the reply.  I'm attempting to get your suggestion to work for me, but something's going awry somewhere -- getting a blank screen (no output).  I need to try debugging it a bit before I may have another intelligent question.

..chris

 

--
You received this message because you are subscribed to a topic in the Google Groups "The Aura Project for PHP" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/auraphp/xbRC8RZQfHk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to auraphp+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply all
Reply to author
Forward
0 new messages