Check if user role has changed while the session is open

2019-01-30 20:59:25 -08:00 · 2019-01-30 20:59:25 -08:00 · 61a55c8888
parent 19ea9ed620
commit 61a55c8888
3 changed files with 12 additions and 2 deletions
--- a/app/Auth/DatabaseAuth.php
+++ b/app/Auth/DatabaseAuth.php
@ -84,7 +84,7 @@ class DatabaseAuth extends Base implements PasswordAuthenticationProviderInterfa
     */
    public function isValidSession()
    {
-        return $this->userModel->isActive($this->userSession->getId());
+        return $this->userModel->isValidSession($this->userSession->getId(), $this->userSession->getRole());
    }

    /**
--- a/app/Middleware/AuthenticationMiddleware.php
+++ b/app/Middleware/AuthenticationMiddleware.php
@ -20,7 +20,8 @@ class AuthenticationMiddleware extends BaseMiddleware
    public function execute()
    {
        if (! $this->authenticationManager->checkCurrentSession()) {
-            throw AccessForbiddenException::getInstance()->withoutLayout();
+            $this->response->redirect($this->helper->url->to('AuthController', 'login'));
+            return;
        }

        if (! $this->isPublicAccess()) {
--- a/app/Model/UserModel.php
+++ b/app/Model/UserModel.php
@ -29,6 +29,15 @@ class UserModel extends Base
     */
    const EVERYBODY_ID = -1;

+    public function isValidSession($userID, $sessionRole)
+    {
+        return $this->db->table(self::TABLE)
+            ->eq('id', $userID)
+            ->eq('is_active', 1)
+            ->eq('role', $sessionRole)
+            ->exists();
+    }
+
    /**
     * Return true if the user exists
     *