eclipsephp-frontend-panel/src/Http/Middleware/CheckFrontendFeatures.php at 7f4e29cba3213d935f92a7562490158739cb8811 · DataLinx/eclipsephp-frontend-panel · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
<?php

namespace Eclipse\Frontend\Http\Middleware;

use Closure;
use Eclipse\Core\Services\Registry;
use Exception;
use Filament\Facades\Filament;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Symfony\Component\HttpFoundation\Response;

class CheckFrontendFeatures
{
    public function handle(Request $request, Closure $next): Response
    {
        $routeName = $request->route()?->getName();

        if (! $routeName) {
            return $next($request);
        }

        $site = Registry::getSite();

        if (! $site) {
            return $next($request);
        }

        if ($this->isAuthRoute($routeName) && ! $this->getSetting($site->id, 'enable_logins')) {
            abort(404);
        }

        if ($this->isRegisterRoute($routeName) && ! $this->getSetting($site->id, 'allow_registration')) {
            abort(404);
        }

        if (! $this->isAuthRoute($routeName) && ! $this->isRegisterRoute($routeName)) {
            $guestAccess = $this->getSetting($site->id, 'guest_access');
            $enableLogins = $this->getSetting($site->id, 'enable_logins');

            if (! $guestAccess && ! Filament::auth()->check()) {
                if ($enableLogins) {
                    return redirect()->route('filament.frontend.auth.login');
                }

                abort(404);
            }
        }

        return $next($request);
    }

    private function isAuthRoute(string $routeName): bool
    {
        return str_contains($routeName, '.auth.login')
            || str_contains($routeName, '.auth.password-reset');
    }

    private function isRegisterRoute(string $routeName): bool
    {
        return str_contains($routeName, '.auth.register');
    }

    private function getSetting(int $siteId, string $settingName): bool
    {
        try {
            $value = DB::table('settings')
                ->where('group', 'frontend')
                ->where('name', $settingName)
                ->where('site_id', $siteId)
                ->value('payload');

            return $value !== null ? json_decode($value) : true;
        } catch (Exception $e) {
            return true;
        }
    }
}