reAuth implemented

src/Tqdev/PhpCrudApi/Api.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Tqdev\PhpCrudApi;
 
 use Psr\Http\Message\ResponseInterface;
@@ -24,6 +25,7 @@ use Tqdev\PhpCrudApi\Middleware\FirewallMiddleware;
 use Tqdev\PhpCrudApi\Middleware\IpAddressMiddleware;
 use Tqdev\PhpCrudApi\Middleware\JoinLimitsMiddleware;
 use Tqdev\PhpCrudApi\Middleware\JwtAuthMiddleware;
+use Tqdev\PhpCrudApi\Middleware\ReAuthMiddleware;
 use Tqdev\PhpCrudApi\Middleware\MultiTenancyMiddleware;
 use Tqdev\PhpCrudApi\Middleware\PageLimitsMiddleware;
 use Tqdev\PhpCrudApi\Middleware\Router\SimpleRouter;
@@ -73,6 +75,9 @@ class Api implements RequestHandlerInterface
                 case 'dbAuth':
                     new DbAuthMiddleware($router, $responder, $properties, $reflection, $db);
                     break;
+                case 'reAuth':
+                    new ReAuthMiddleware($router, $responder, $properties, $reflection, $db);
+                    break;
                 case 'validation':
                     new ValidationMiddleware($router, $responder, $properties, $reflection);
                     break;

src/Tqdev/PhpCrudApi/Column/ReflectionService.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Tqdev\PhpCrudApi\Column;
 
 use Tqdev\PhpCrudApi\Cache\Cache;
@@ -19,10 +20,18 @@ class ReflectionService
         $this->db = $db;
         $this->cache = $cache;
         $this->ttl = $ttl;
-        $this->database = $this->loadDatabase(true);
+        $this->database = null;
         $this->tables = [];
     }
 
+    private function database(): ReflectedDatabase
+    {
+        if (!$this->database) {
+            $this->database = $this->loadDatabase(true);
+        }
+        return $this->database;
+    }
+
     private function loadDatabase(bool $useCache): ReflectedDatabase
     {
         $data = $useCache ? $this->cache->get('ReflectedDatabase') : '';
@@ -42,7 +51,7 @@ class ReflectionService
         if ($data != '') {
             $table = ReflectedTable::fromJson(json_decode(gzuncompress($data)));
         } else {
-            $tableType = $this->database->getType($tableName);
+            $tableType = $this->database()->getType($tableName);
             $table = ReflectedTable::fromReflection($this->db->reflection(), $tableName, $tableType);
             $data = gzcompress(json_encode($table, JSON_UNESCAPED_UNICODE));
             $this->cache->set("ReflectedTable($tableName)", $data, $this->ttl);
@@ -62,12 +71,12 @@ class ReflectionService
 
     public function hasTable(string $tableName): bool
     {
-        return $this->database->hasTable($tableName);
+        return $this->database()->hasTable($tableName);
     }
 
     public function getType(string $tableName): string
     {
-        return $this->database->getType($tableName);
+        return $this->database()->getType($tableName);
     }
 
     public function getTable(string $tableName): ReflectedTable
@@ -80,18 +89,17 @@ class ReflectionService
 
     public function getTableNames(): array
     {
-        return $this->database->getTableNames();
+        return $this->database()->getTableNames();
     }
 
     public function getDatabaseName(): string
     {
-        return $this->database->getName();
+        return $this->database()->getName();
     }
 
     public function removeTable(string $tableName): bool
     {
         unset($this->tables[$tableName]);
-        return $this->database->removeTable($tableName);
+        return $this->database()->removeTable($tableName);
     }
-
 }

src/Tqdev/PhpCrudApi/Database/GenericDB.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Tqdev\PhpCrudApi\Database;
 
 use Tqdev\PhpCrudApi\Column\Reflection\ReflectedTable;
@@ -20,25 +21,30 @@ class GenericDB
     private function getDsn(string $address, int $port, string $database): string
     {
         switch ($this->driver) {
-            case 'mysql':return "$this->driver:host=$address;port=$port;dbname=$database;charset=utf8mb4";
-            case 'pgsql':return "$this->driver:host=$address port=$port dbname=$database options='--client_encoding=UTF8'";
-            case 'sqlsrv':return "$this->driver:Server=$address,$port;Database=$database";
+            case 'mysql':
+                return "$this->driver:host=$address;port=$port;dbname=$database;charset=utf8mb4";
+            case 'pgsql':
+                return "$this->driver:host=$address port=$port dbname=$database options='--client_encoding=UTF8'";
+            case 'sqlsrv':
+                return "$this->driver:Server=$address,$port;Database=$database";
         }
     }
 
     private function getCommands(): array
     {
         switch ($this->driver) {
-            case 'mysql':return [
+            case 'mysql':
+                return [
                     'SET SESSION sql_warnings=1;',
                     'SET NAMES utf8mb4;',
                     'SET SESSION sql_mode = "ANSI,TRADITIONAL";',
                 ];
-            case 'pgsql':return [
+            case 'pgsql':
+                return [
                     "SET NAMES 'UTF8';",
                 ];
-            case 'sqlsrv':return [
-                ];
+            case 'sqlsrv':
+                return [];
         }
     }
 
@@ -49,16 +55,19 @@ class GenericDB
             \PDO::ATTR_DEFAULT_FETCH_MODE => \PDO::FETCH_ASSOC,
         );
         switch ($this->driver) {
-            case 'mysql':return $options + [
+            case 'mysql':
+                return $options + [
                     \PDO::ATTR_EMULATE_PREPARES => false,
                     \PDO::MYSQL_ATTR_FOUND_ROWS => true,
                     \PDO::ATTR_PERSISTENT => true,
                 ];
-            case 'pgsql':return $options + [
+            case 'pgsql':
+                return $options + [
                     \PDO::ATTR_EMULATE_PREPARES => false,
                     \PDO::ATTR_PERSISTENT => true,
                 ];
-            case 'sqlsrv':return $options + [
+            case 'sqlsrv':
+                return $options + [
                     \PDO::SQLSRV_ATTR_DIRECT_QUERY => false,
                     \PDO::SQLSRV_ATTR_FETCHES_NUMERIC_TYPE => true,
                 ];
@@ -74,7 +83,7 @@ class GenericDB
         $this->pdo = new LazyPdo($dsn, $username, $password, $options);
         $commands = $this->getCommands();
         foreach ($commands as $command) {
-            $this->pdo->query($command);
+            $this->pdo->addInitCommand($command);
         }
         $this->reflection = new GenericReflection($this->pdo, $driver, $database);
         $this->definition = new GenericDefinition($this->pdo, $driver, $database);

src/Tqdev/PhpCrudApi/Database/LazyPdo.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Tqdev\PhpCrudApi\Database;
 
 class LazyPdo extends \PDO
@@ -6,7 +7,8 @@ class LazyPdo extends \PDO
     private $dsn;
     private $user;
     private $password;
-    private $options = array();
+    private $options;
+    private $commands;
 
     private $pdo = null;
 
@@ -16,28 +18,37 @@ class LazyPdo extends \PDO
         $this->user = $user;
         $this->password = $password;
         $this->options = $options;
+        $this->commands = array();
         // explicitly NOT calling super::__construct
     }
 
+    public function addInitCommand(string $command)/*: void*/
+    {
+        $this->commands[] = $command;
+    }
+
     private function pdo()
     {
         if (!$this->pdo) {
             $this->pdo = new \PDO($this->dsn, $this->user, $this->password, $this->options);
+            foreach ($this->commands as $command) {
+                $this->pdo->query($command);
+            }
         }
         return $this->pdo;
     }
 
-    public function reauthenticate(/*?string*/ $user, /*?string*/ $password): bool
+    public function reauthenticate(/*?string*/$user, /*?string*/ $password): bool
     {
         $this->user = $user;
         $this->password = $password;
         if ($this->pdo) {
-            $this->pdo = new \PDO($this->dsn, $this->user, $this->password, $this->options);
-            return false; 
+            $this->pdo = null;
+            return false;
         }
         return true;
     }
-    
+
     public function inTransaction(): bool
     {
         // Do not call parent method if there is no pdo object
@@ -46,7 +57,7 @@ class LazyPdo extends \PDO
 
     public function setAttribute($attribute, $value): bool
     {
-        if ($this->pdo) { 
+        if ($this->pdo) {
             return $this->pdo()->setAttribute($attribute, $value);
         }
         $this->options[$attribute] = $value;
@@ -107,4 +118,4 @@ class LazyPdo extends \PDO
     {
         return call_user_func_array(array($this->pdo(), 'query'), func_get_args());
     }
-}
+}

src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Tqdev\PhpCrudApi\Middleware;
 
 use Psr\Http\Message\ResponseInterface;

src/Tqdev/PhpCrudApi/Middleware/ReauthMiddleware.php

@@ -1,34 +0,0 @@
-<?php
-namespace Tqdev\PhpCrudApi\Middleware;
-
-use Psr\Http\Message\ResponseInterface;
-use Psr\Http\Message\ServerRequestInterface;
-use Psr\Http\Server\RequestHandlerInterface;
-use Tqdev\PhpCrudApi\Column\ReflectionService;
-use Tqdev\PhpCrudApi\Controller\Responder;
-use Tqdev\PhpCrudApi\Database\GenericDB;
-use Tqdev\PhpCrudApi\Middleware\Base\Middleware;
-use Tqdev\PhpCrudApi\Middleware\Router\Router;
-use Tqdev\PhpCrudApi\Record\Condition\ColumnCondition;
-use Tqdev\PhpCrudApi\Record\ErrorCode;
-use Tqdev\PhpCrudApi\Record\OrderingInfo;
-use Tqdev\PhpCrudApi\RequestUtils;
-
-class ReauthMiddleware extends Middleware
-{
-    private $reflection;
-    private $db;
-
-    public function __construct(Router $router, Responder $responder, array $properties, ReflectionService $reflection, GenericDB $db)
-    {
-        parent::__construct($router, $responder, $properties);
-        $this->reflection = $reflection;
-        $this->db = $db;
-    }
-
-    public function process(ServerRequestInterface $request, RequestHandlerInterface $next): ResponseInterface
-    {
-        if (isset($_SESSION['username']))
-        return $next->handle($request);
-    }
-}

test.php

@@ -1,4 +1,5 @@
 <?php
+
 use Tqdev\PhpCrudApi\Api;
 use Tqdev\PhpCrudApi\Config;
 use Tqdev\PhpCrudApi\Database\GenericDB;
@@ -76,6 +77,23 @@ function runTest(Config $config, string $file, string $category): int
     return $success;
 }
 
+function getUsername(Config $config)
+{
+    if (!isset($config->getMiddlewares()['reAuth']['usernameHandler'])) {
+        return $config->getUsername();
+    }
+    return $config->getMiddlewares()['reAuth']['usernameHandler']();
+}
+
+function getPassword(Config $config)
+{
+    if (!isset($config->getMiddlewares()['reAuth']['passwordHandler'])) {
+        return $config->getPassword();
+    }
+    return $config->getMiddlewares()['reAuth']['passwordHandler']();
+}
+
+
 function loadFixture(string $dir, Config $config)
 {
     $driver = $config->getDriver();
@@ -86,8 +104,8 @@ function loadFixture(string $dir, Config $config)
         $config->getAddress(),
         $config->getPort(),
         $config->getDatabase(),
-        $config->getUsername(),
-        $config->getPassword()
+        getUsername($config),
+        getPassword($config)
     );
     $pdo = $db->pdo();
     $file = preg_replace('/--.*$/m', '', $file);

tests/config/base.php

@@ -1,10 +1,10 @@
 <?php
 $settings = [
     'database' => 'php-crud-api',
-    'username' => 'php-crud-api',
-    'password' => 'php-crud-api',
+    'username' => 'incorrect_username',
+    'password' => 'incorrect_password',
     'controllers' => 'records,columns,cache,openapi,geojson',
-    'middlewares' => 'cors,dbAuth,jwtAuth,basicAuth,authorization,validation,ipAddress,sanitation,multiTenancy,pageLimits,joinLimits,customization',
+    'middlewares' => 'cors,reAuth,dbAuth,jwtAuth,basicAuth,authorization,validation,ipAddress,sanitation,multiTenancy,pageLimits,joinLimits,customization',
     'dbAuth.mode' => 'optional',
     'dbAuth.returnedColumns' => 'id,username,password',
     'jwtAuth.mode' => 'optional',
@@ -12,6 +12,12 @@ $settings = [
     'jwtAuth.secret' => 'axpIrCGNGqxzx2R9dtXLIPUSqPo778uhb8CA0F4Hx',
     'basicAuth.mode' => 'optional',
     'basicAuth.passwordFile' => __DIR__ . DIRECTORY_SEPARATOR . '.htpasswd',
+    'reAuth.usernameHandler' => function () {
+        return 'php-crud-api';
+    },
+    'reAuth.passwordHandler' => function () {
+        return 'php-crud-api';
+    },
     'authorization.tableHandler' => function ($operation, $tableName) {
         return !($tableName == 'invisibles' && !isset($_SESSION['claims']['name']) && empty($_SESSION['username']) && empty($_SESSION['user']));
     },