From c40051edf610f08907ae7279a4516f90e5e0d25f Mon Sep 17 00:00:00 2001
From: Damien <damien.burel@maarch.org>
Date: Wed, 24 Oct 2018 09:50:05 +0200
Subject: [PATCH] [REFACTORING] Routes without auth

---
 rest/index.php | 22 +++++++++-------------
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/rest/index.php b/rest/index.php
index f29ef20cfc7..05360b2c87d 100755
--- a/rest/index.php
+++ b/rest/index.php
@@ -28,32 +28,28 @@ require_once("src/core/lang/lang-{$language}.php");
 
 $app = new \Slim\App(['settings' => ['displayErrorDetails' => true, 'determineRouteBeforeAppMiddleware' => true]]);
 
-//route without auth
-$app->get('/jnlpDownload/{jnlpUniqueId}', \ContentManagement\controllers\JnlpController::class . ':donwloadJnlp');
-
 //Authentication
 $app->add(function (\Slim\Http\Request $request, \Slim\Http\Response $response, callable $next) {
+    $routesWithoutAuthentication = ['/jnlpDownload/{jnlpUniqueId}'];
     $route = $request->getAttribute('route');
-    if ($route->getPattern() <> '/jnlpDownload/{jnlpUniqueId}') {
+    $currentRoute = empty($route) ? '' : $route->getPattern();
+
+    if (!in_array($currentRoute, $routesWithoutAuthentication)) {
         $userId = \SrcCore\controllers\AuthenticationController::authentication();
         if (!empty($userId)) {
             $GLOBALS['userId'] = $userId;
-            if (!empty($route)) {
-                $currentRoute = $route->getPattern();
+            if (!empty($currentRoute)) {
                 $r = \SrcCore\controllers\AuthenticationController::isRouteAvailable(['userId' => $userId, 'currentRoute' => $currentRoute]);
                 if (!$r['isRouteAvailable']) {
                     return $response->withStatus(405)->withJson(['errors' => $r['errors']]);
                 }
             }
-            $response = $next($request, $response);
-            return $response;
         } else {
             return $response->withStatus(401)->withJson(['errors' => 'Authentication Failed']);
         }
-    } else {
-        $response = $next($request, $response);
-        return $response;
     }
+    $response = $next($request, $response);
+    return $response;
 });
 
 //Initialize
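Review bot: The check `in_array($currentRoute, $routesWithoutAuthentication)` keys the authentication exemption on the route pattern alone, so any route later registered with the same pattern under another HTTP method would also skip `AuthenticationController::authentication()`. Binding each entry to its method keeps the exemption as narrow as the single GET route it is meant for, e.g. `$routesWithoutAuthentication = ['GET/jnlpDownload/{jnlpUniqueId}'];` with `if (!in_array($request->getMethod() . $currentRoute, $routesWithoutAuthentication, true)) {`. The strict third argument also rules out loose comparison if a non-string entry is ever added. A comment on the list, such as `// every pattern listed here is served WITHOUT authentication or isRouteAvailable()`, would help whoever reviews future additions.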
@@ -177,8 +173,8 @@ $app->get('/home/lastRessources', \Home\controllers\HomeController::class . ':ge
 
 //Jnlp
 $app->post('/jnlp', \ContentManagement\controllers\JnlpController::class . ':generateJnlp');
-
-//$app->get('/jnlp/{jnlpUniqueId}', \ContentManagement\controllers\JnlpController::class . ':renderJnlp');
+$app->get('/jnlpDownload/{jnlpUniqueId}', \ContentManagement\controllers\JnlpController::class . ':donwloadJnlp');
+$app->get('/jnlp/{jnlpUniqueId}', \ContentManagement\controllers\JnlpController::class . ':renderJnlp');
 $app->post('/jnlp/{jnlpUniqueId}', \ContentManagement\controllers\JnlpController::class . ':processJnlp');
 $app->get('/jnlp/lock/{jnlpUniqueId}', \ContentManagement\controllers\JnlpController::class . ':isLockFileExisting');
 
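Review bot: Uncommenting `GET /jnlp/{jnlpUniqueId}` (`renderJnlp`) exposes a new endpoint, which is a behaviour change the "[REFACTORING]" subject does not announce. It is not in `$routesWithoutAuthentication`, so it passes through authentication and `isRouteAvailable`, but whether `renderJnlp` verifies that the `jnlpUniqueId` belongs to the caller is not visible in this patch and should be confirmed. The `jnlpDownload` line now sits among authenticated routes while remaining reachable without credentials. A comment above it, such as `// no authentication: listed in $routesWithoutAuthentication`, would make that explicit and tie the pattern string to the allow-list entry it must match exactly.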
-- 
GitLab