Tried it, still the same. The redirect is not occurring. A page gets rendered with my header and footer (provided by middleware) but the url doesn’t reflect the redirection and the “dashboard” content is not displayed. - I can confirm this by looking directly at the html source -it’s a header / footer and nothing else
I moved all my code into one index file which I’m going to paste here, along with the two middleware classes I’m using to verify a logged in user and to add a header/footer to each page. Hopefully this helps someone see my errors.
my controller: index.php:
<?php
//load application settings
require 'config.php';
use \Psr\Http\Message\ServerRequestInterface as Request;
use \Psr\Http\Message\ResponseInterface as Response;
use Slim\Views\PhpRenderer;
$config['displayErrorDetails'] = true;
$config['addContentLengthHeader'] = false;
$config['db']['host'] = "127.0.0.1";
$config['db']['user'] = "root";
$config['db']['pass'] = "";
$config['db']['dbname'] = "assessment";
// Create the Slim application using our container.
$app = new \Slim\App(["settings" => $config]);
$container = $app->getContainer();
//database
$container['db'] = function($c){
//setup NOTORM
$db = $c['settings']['db'];
$pdo = new PDO("mysql:host=" . $db['host'] . ";dbname=" . $db['dbname'], $db['user'], $db['pass']);
$db = new NotORM($pdo);
$db->debug = true;
return $db;
};
$container['pdo'] = function ($c) {
//setup PDO
$db = $c['settings']['db'];
$pdo = new PDO("mysql:host=" . $db['host'] . ";dbname=" . $db['dbname'], $db['user'], $db['pass']);
$pdo->setAttribute(s::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
return $pdo;
};
$container['view'] = new PhpRenderer(BASE_PATH . "/views/page/");
$container['elem'] = new PhpRenderer(BASE_PATH . "/views/elem/");
//middleware
require 'models/Header_footer.php';
$container['Header_footer'] = function ($c) { ;
$header_footer = new \App\Middleware\Header_footer($c['elem']);
return $header_footer;
};
require 'models/Auth.php';
$container['Auth'] = function ($c) {
$auth = new \App\Middleware\Auth;
$auth->set($c);
return $auth;
};
//POST routes
$app->post("/login", 'Auth:login')->add('Header_footer');
//GET routes
$app->get('/', function ($request,$response,$args) {
return $this->view->render($response, "login.html", ['msg'=>'please login']);
})->add('Header_footer');
$app->get("/login", 'Auth:show_login')->add('Header_footer')->setName('login');
$app->get('/logout', function ($request,$response,$args) {
// remove all session variables
session_unset();
// destroy the session
session_destroy();
$_SESSION=[];
return $this->view->render($response, '/login.html', ['msg'=>'You are logged out.']);
})->add('Header_footer');
$app->get('/dashboard', function ($request,$response,$args) {
return $this->view->render($response, "dashboard.html", []);
})->add('Header_footer')->add('Auth')->setName('dashboard');
$app->run();
My header/footer class (middleware):
<?php
namespace App\Middleware;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Message\ResponseInterface as Response;
class Header_footer{
/**
* Authentication middleware invokable class
*
* @param \Psr\Http\Message\ServerRequestInterface $request PSR7 request
* @param \Psr\Http\Message\ResponseInterface $response PSR7 response
* @param callable $next Next middleware
*
* @return \Psr\Http\Message\ResponseInterface
**/
public function __construct($elem)
{
$this->elem = $elem;
}
public function __invoke(Request $request, Response $response, $next){
$renderer = $this->elem;
$renderer->render($response, 'header.php');
$next($request, $response);
$renderer->render($response, 'footer.php');
return $response;
}
}
My Verification class (middleware):
class Auth{
protected $view;
protected $elem;
protected $db;
protected $router;
public function __invoke(Request $request, Response $response, $next){
// this part runs before it hits the app
if(isset($_SESSION['tid'])){
// we're good here, pass along to the next middleware or the app
$response = $next($request, $response);
}else{
// nope, stop executing any future middeware and the app and just redirect the user here
return $response->withRedirect($this->router->pathFor('login'), 403);
}
// now you are sending along the request to the next middleware, or app if this is the last middleware
// ! //$response = $next($request, $response); <-- this line doubles up my webpage ??? wierd
// Now this is after the middleware chain has hit the app and is on its way back out through the middleware
return $response;
}
public function set($c){
//set container objects
$this->view = $c['view'];
$this->elem = $c['elem'];
$this->db = $c['db'];
$this->router = $c['router'];
}
public function login(Request $request, Response $response, $next){
//handle login request and redirect if ok, render msg if not ok
$data = $request->getParams();
$teacher=$this->db->teacher
->where('admin', 1)
->where('first_name', trim($data['first_name']))
->where('last_name', trim($data['last_name']))
->where('password', sha1($data['password']))
->fetch();
if($teacher){
//set session hash-id
$_SESSION['tid'] = $teacher['tid'];
//load teacher_obj :NOTE: admins are teachers with special permissions
//$response = $next($request, $response);
return $response->withRedirect($this->router->pathFor('dashboard'));
}else{
// $response = $next($request, $response);
return $this->view->render($response, "login.html", ['msg'=>'Wrong password and/or user name.']);
}
}
public function show_login(Request $request, Response $response, $next){
//display login page
return $this->view->render($response, "login.html", ['msg'=>'']);
}
}