Commit 1b4497fa authored by Jacob Priddy's avatar Jacob Priddy 👌

authentication and authorization are different lmao

parent d3ea6714
......@@ -7,6 +7,7 @@ use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Source\Exceptions\EntityExistsException;
use Illuminate\Auth\AuthenticationException;
use Source\Exceptions\AuthorizationException;
use Source\Exceptions\EntityNotFoundException;
use Illuminate\Validation\ValidationException;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
......@@ -54,6 +55,14 @@ class Handler extends ExceptionHandler {
return $this->respondWithError($exception->getMessage(), $exception->getCode());
}
if ($exception instanceof \Source\Exceptions\AuthenticationException) {
return response()->json(['message' => $exception->getMessage()], 401);
}
if ($exception instanceof AuthorizationException) {
return response()->json(['message' => $exception->getMessage()], 403);
}
return parent::render($request, $exception);
}
......
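Review bot: Both new branches in render() return `$exception->getMessage()` to the client verbatim, so the response body is only as safe as every throw site. The defaults are generic, but a later throw that passes an account-specific reason would be disclosed to unauthenticated callers. I would add a comment above the first branch, `// Message is returned to the client as-is; keep authentication/authorization failure messages generic.`, or return fixed strings here. The file also imports `Illuminate\Auth\AuthenticationException`, which is why this branch needs the fully qualified name; an alias on the `Source\Exceptions` class would make the distinction visible at the use site. render() starts above the hunk.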
......@@ -8,7 +8,7 @@ use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse;
use Illuminate\Support\Facades\Cookie;
use Illuminate\Auth\AuthenticationException;
use Source\Exceptions\AuthorizationException;
use Source\Exceptions\AuthenticationException;
use Source\Exceptions\EntityNotFoundException;
use Source\UseCases\Users\Authenticate\APIPresenter;
use Source\UseCases\Users\Authenticate\AuthenticateUseCase;
......@@ -35,7 +35,7 @@ class AuthController extends ApiController {
try {
$authenticateUseCase->attempt($presenter, $this->request->all());
} catch (AuthorizationException $e) {
} catch (AuthenticationException $e) {
throw new AuthenticationException();
}
......
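Review bot: After this change the catch block catches `AuthenticationException` and throws a fresh `AuthenticationException`, both resolving to the same imported class, so the try/catch no longer translates anything and only discards the original exception and its message. Either remove the try/catch and let the use case's exception reach the handler, or chain it with `throw new AuthenticationException($e->getMessage(), $e->getCode(), $e);`. The rendered page does not show which side each import line is on: if `use Illuminate\Auth\AuthenticationException;` is still present next to the new `Source\Exceptions` import, PHP rejects the file because the short name is already in use, so one of them has to be dropped or aliased. The enclosing method starts and ends outside the hunk.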
<?php
namespace Source\Exceptions;
use Exception;
use Throwable;
class AuthenticationException extends Exception {
public function __construct($message = 'Unauthenticated', $code = 401, Throwable $previous = null) {
parent::__construct($message, $code, $previous);
}
}
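Review bot: The constructor declares `Throwable $previous = null`, which relies on implicit nullability (deprecated in PHP 8.4), and leaves `$message` and `$code` untyped; `string $message = 'Unauthenticated', int $code = 401, ?Throwable $previous = null` states the contract explicitly. The AuthorizationException constructor in the next section has the same shape. A one-line class docblock saying this exception means the caller's identity could not be established (HTTP 401), as opposed to AuthorizationException (403), would help keep the two from being mixed up again.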
......@@ -8,7 +8,7 @@ use Exception;
use Throwable;
class AuthorizationException extends Exception {
public function __construct($message = 'Unauthorized', $code = 0, Throwable $previous = null) {
public function __construct($message = 'Unauthorized', $code = 403, Throwable $previous = null) {
parent::__construct($message, $code, $previous);
}
}
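Review bot: The default message stays 'Unauthorized' while the default code becomes 403; in HTTP terms "Unauthorized" is the reason phrase of 401, and 403 is "Forbidden". Because the exception handler returns this message in the JSON body, clients would receive a 403 labelled 'Unauthorized', which reintroduces the confusion this commit is removing. Consider `$message = 'Forbidden'` if no caller depends on the current text.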
......@@ -9,7 +9,7 @@ use Illuminate\Support\Str;
use Source\Gateways\Saml\SamlRepository;
use Source\Gateways\Users\UsersRepository;
use Source\Gateways\Tokens\TokensRepository;
use Source\Exceptions\AuthorizationException;
use Source\Exceptions\AuthenticationException;
class Authenticate implements AuthenticateUseCase {
protected UsersRepository $users;
......@@ -32,13 +32,13 @@ class Authenticate implements AuthenticateUseCase {
$password = $credentials['password'] ?? null;
if (!$email || !$password) {
throw new AuthorizationException();
throw new AuthenticationException();
}
$user = $this->users->findByCredentials(strtolower($email), $password);
if (!$user) {
throw new AuthorizationException();
throw new AuthenticationException();
}
$token = $this->tokens->create(
......
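Review bot: The guard `if (!$email || !$password)` checks only truthiness, so a non-string value such as an array passes it and reaches `strtolower($email)`, which raises a TypeError on PHP 8 (a warning on 7.x) instead of the AuthenticationException this commit introduces. The credentials come from `$this->request->all()` in AuthController, so their shape is controlled by the caller. I would tighten the guard to `if (!is_string($email) || !is_string($password) || $email === '' || $password === '')`. The assignment of `$email` and the start of attempt() are above the hunk, so this assumes `$email` is read the same way as `$password`.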
......@@ -4,7 +4,7 @@
namespace Source\UseCases\Users\Authenticate;
use Source\Exceptions\AuthorizationException;
use Source\Exceptions\AuthenticationException;
use Source\Exceptions\EntityNotFoundException;
interface AuthenticateUseCase {
......@@ -13,7 +13,7 @@ interface AuthenticateUseCase {
*
* @param Presenter $presenter
* @param array $credentials
* @throws AuthorizationException
* @throws AuthenticationException
* @throws EntityNotFoundException
*/
public function attempt(Presenter $presenter, array $credentials): void;
......