tinyqc/app/Filters/AuthFilter.php

<?php

namespace App\Filters;

use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Config\Services;
use App\Models\Auth\UsersModel;

class AuthFilter implements FilterInterface
{
    public function before(RequestInterface $request, $arguments = null)
    {
        $session = Services::session();
        $uri = service('uri');
        $currentPath = $uri->getPath();

        // Skip auth filter for login/logout routes
        $excludedPaths = ['login', 'logout'];
        if (in_array($currentPath, $excludedPaths)) {
            return;
        }

        // Check if user is logged in
        if (!$session->get('isLoggedIn')) {
            // Check for remember token
            $rememberToken = $_COOKIE['remember_token'] ?? null;
            if ($rememberToken) {
                $usersModel = new UsersModel();
                $user = $usersModel->findByRememberToken($rememberToken);

                if ($user) {
                    // Auto-login with remember token
                    $session->set([
                        'isLoggedIn' => true,
                        'userId' => $user['user_id'],
                        'username' => $user['username']
                    ]);
                    return;
                }
            }

            return redirect()->to('/login');
        }
    }

    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
    {
        // Do nothing
    }
}
feat: Add user authentication system and secure all routes - Implement AuthController with login/logout functionality - Create UsersModel with bcrypt password hashing - Add AuthFilter to protect all application routes - Create login page with error handling - Add users database migration with email/username fields - Rename ResultComments to TestComments for consistency - Update all routes to require authentication filter - Enhance EntryApiController with comment deletion and better error handling - Update seeder to include demo users and improved test data - Fix BaseController to handle auth sessions properly - Update entry views (daily/monthly) with new API endpoints - Update layout with logout button and user info display - Refactor control test index view for better organization 2026-02-09 11:12:12 +07:00			`<?php`

			`namespace App\Filters;`

			`use CodeIgniter\Filters\FilterInterface;`
			`use CodeIgniter\HTTP\RequestInterface;`
			`use CodeIgniter\HTTP\ResponseInterface;`
			`use Config\Services;`
			`use App\Models\Auth\UsersModel;`

			`class AuthFilter implements FilterInterface`
			`{`
			`public function before(RequestInterface $request, $arguments = null)`
			`{`
			`$session = Services::session();`
			`$uri = service('uri');`
			`$currentPath = $uri->getPath();`

			`// Skip auth filter for login/logout routes`
			`$excludedPaths = ['login', 'logout'];`
			`if (in_array($currentPath, $excludedPaths)) {`
			`return;`
			`}`

			`// Check if user is logged in`
			`if (!$session->get('isLoggedIn')) {`
			`// Check for remember token`
			`$rememberToken = $_COOKIE['remember_token'] ?? null;`
			`if ($rememberToken) {`
			`$usersModel = new UsersModel();`
			`$user = $usersModel->findByRememberToken($rememberToken);`

			`if ($user) {`
			`// Auto-login with remember token`
			`$session->set([`
			`'isLoggedIn' => true,`
			`'userId' => $user['user_id'],`
			`'username' => $user['username']`
			`]);`
			`return;`
			`}`
			`}`

			`return redirect()->to('/login');`
			`}`
			`}`

			`public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)`
			`{`
			`// Do nothing`
			`}`
			`}`