authentication and authorization are different lmao

1b4497fa · Jacob Priddy · d3ea6714 · 1b4497fa · 1b4497fa · 1b4497fa
Commit 1b4497fa authored Mar 01, 2020 by Jacob Priddy 👌
6 changed files
--- a/src/web/backend/app/Exceptions/Handler.php
+++ b/src/web/backend/app/Exceptions/Handler.php
@@ -7,6 +7,7 @@ use Illuminate\Http\Request;
 use Illuminate\Http\JsonResponse;
 use Source\Exceptions\EntityExistsException;
 use Illuminate\Auth\AuthenticationException;
+use Source\Exceptions\AuthorizationException;
 use Source\Exceptions\EntityNotFoundException;
 use Illuminate\Validation\ValidationException;
 use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
@@ -54,6 +55,14 @@ class Handler extends ExceptionHandler {
            return $this->respondWithError($exception->getMessage(), $exception->getCode());
        }

+        if ($exception instanceof \Source\Exceptions\AuthenticationException) {
+            return response()->json(['message' => $exception->getMessage()], 401);
+        }
+
+        if ($exception instanceof AuthorizationException) {
+            return response()->json(['message' => $exception->getMessage()], 403);
+        }
+
        return parent::render($request, $exception);
    }


--- a/src/web/backend/app/Http/Controllers/AuthController.php
+++ b/src/web/backend/app/Http/Controllers/AuthController.php
@@ -8,7 +8,7 @@ use Illuminate\Http\JsonResponse;
 use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Cookie;
 use Illuminate\Auth\AuthenticationException;
-use Source\Exceptions\AuthorizationException;
+use Source\Exceptions\AuthenticationException;
 use Source\Exceptions\EntityNotFoundException;
 use Source\UseCases\Users\Authenticate\APIPresenter;
 use Source\UseCases\Users\Authenticate\AuthenticateUseCase;
@@ -35,7 +35,7 @@ class AuthController extends ApiController {

        try {
            $authenticateUseCase->attempt($presenter, $this->request->all());
-        } catch (AuthorizationException $e) {
+        } catch (AuthenticationException $e) {
            throw new AuthenticationException();
        }


--- a/src/web/backend/src/Exceptions/AuthenticationException.php
+++ b/src/web/backend/src/Exceptions/AuthenticationException.php
+<?php
+
+
+namespace Source\Exceptions;
+
+
+use Exception;
+use Throwable;
+
+class AuthenticationException extends Exception {
+    public function __construct($message = 'Unauthenticated', $code = 401, Throwable $previous = null) {
+        parent::__construct($message, $code, $previous);
+    }
+}
--- a/src/web/backend/src/Exceptions/AuthorizationException.php
+++ b/src/web/backend/src/Exceptions/AuthorizationException.php
@@ -8,7 +8,7 @@ use Exception;
 use Throwable;

 class AuthorizationException extends Exception {
-    public function __construct($message = 'Unauthorized', $code = 0, Throwable $previous = null) {
+    public function __construct($message = 'Unauthorized', $code = 403, Throwable $previous = null) {
        parent::__construct($message, $code, $previous);
    }
 }
--- a/src/web/backend/src/UseCases/Users/Authenticate/Authenticate.php
+++ b/src/web/backend/src/UseCases/Users/Authenticate/Authenticate.php
@@ -9,7 +9,7 @@ use Illuminate\Support\Str;
 use Source\Gateways\Saml\SamlRepository;
 use Source\Gateways\Users\UsersRepository;
 use Source\Gateways\Tokens\TokensRepository;
-use Source\Exceptions\AuthorizationException;
+use Source\Exceptions\AuthenticationException;

 class Authenticate implements AuthenticateUseCase {
    protected UsersRepository $users;
@@ -32,13 +32,13 @@ class Authenticate implements AuthenticateUseCase {
        $password = $credentials['password'] ?? null;

        if (!$email || !$password) {
-            throw new AuthorizationException();
+            throw new AuthenticationException();
        }

        $user = $this->users->findByCredentials(strtolower($email), $password);

        if (!$user) {
-            throw new AuthorizationException();
+            throw new AuthenticationException();
        }

        $token = $this->tokens->create(

--- a/src/web/backend/src/UseCases/Users/Authenticate/AuthenticateUseCase.php
+++ b/src/web/backend/src/UseCases/Users/Authenticate/AuthenticateUseCase.php
@@ -4,7 +4,7 @@
 namespace Source\UseCases\Users\Authenticate;


-use Source\Exceptions\AuthorizationException;
+use Source\Exceptions\AuthenticationException;
 use Source\Exceptions\EntityNotFoundException;

 interface AuthenticateUseCase {
@@ -13,7 +13,7 @@ interface AuthenticateUseCase {
     *
     * @param Presenter $presenter
     * @param array     $credentials
-     * @throws AuthorizationException
+     * @throws AuthenticationException
     * @throws EntityNotFoundException
     */
    public function attempt(Presenter $presenter, array $credentials): void;