SergiX44/XBackBone

View on GitHub
app/Middleware/AdminMiddleware.php

Summary

Maintainability
A
0 mins
Test Coverage
<?php

namespace App\Middleware;

use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
use Slim\Exception\HttpUnauthorizedException;

class AdminMiddleware extends Middleware
{
    /**
     * @param Request        $request
     * @param RequestHandler $handler
     *
     * @throws HttpUnauthorizedException
     *
     * @return ResponseInterface
     */
    public function __invoke(Request $request, RequestHandler $handler): ResponseInterface
    {
        if (!$this->database->query('SELECT `id`, `is_admin` FROM `users` WHERE `id` = ? LIMIT 1', [$this->session->get('user_id')])->fetch()->is_admin) {
            $this->session->set('admin', false);

            throw new HttpUnauthorizedException($request);
        }

        return $handler->handle($request);
    }
}