Add login template and refactor

wcpos · Jul 1, 2023 · 70e9d28 · 70e9d28
1 parent 6e93c31
commit 70e9d28
Show file tree

Hide file tree

Showing 24 changed files with 905 additions and 824 deletions.
diff --git a/includes/API.php b/includes/API.php
@@ -10,6 +10,7 @@
 
 namespace WCPOS\WooCommercePOS;
 
+use WCPOS\WooCommercePOS\Services\Auth;
 use WP_HTTP_Response;
 use WP_REST_Request;
 use WP_REST_Response;
@@ -23,10 +24,26 @@ class API {
 	 * @var array
 	 */
 	protected $controllers = array();
-	private $wc_rest_api_handler;
 
+    /**
+     * @var
+     */
+    protected $wc_rest_api_handler;
+
+    /**
+     * @var
+     */
+    protected $auth_service;
+
+    /**
+     * @var bool
+     */
+    protected $is_auth_checked = false;
+
+
+    public function __construct() {
+        $this->auth_service = new Auth();
 
-	public function __construct() {
 		// Init and register routes for the WCPOS REST API
 		$this->controllers = array(
 			'auth'     => new API\Auth(),
@@ -45,6 +62,7 @@ public function __construct() {
 
 		// Adds authentication to for JWT bearer tokens
 		add_filter( 'determine_current_user', array( $this, 'determine_current_user' ) );
+        add_filter( 'rest_authentication_errors', array( $this, 'rest_authentication_errors' ), 50, 1 );
 
 		// Adds uuid for the WordPress install
 		add_filter( 'rest_index', array( $this, 'rest_index' ), 10, 1 );
@@ -107,27 +125,62 @@ public function rest_pre_serve_request( bool $served, WP_HTTP_Response $result,
 	 * @return false|int|void
 	 */
 	public function determine_current_user( $user_id ) {
+        $this->is_auth_checked = true;
 		if ( ! empty( $user_id ) ) {
 			return $user_id;
 		}
 
-		// extract Bearer token from Authorization Header
-		list($token) = sscanf( $this->get_auth_header(), 'Bearer %s' );
-
-		if ( $token ) {
-			$decoded_token = $this->controllers['auth']->validate_token( $token, false );
-
-			if ( empty( $decoded_token ) || is_wp_error( $decoded_token ) ) {
-				return $user_id;
-			}
-			$user = ! empty( $decoded_token->data->user->id ) ? $decoded_token->data->user->id : $user_id;
-
-			return absint( $user );
-		}
-
-		return $user_id;
+		return $this->authenticate( $user_id );
 	}
 
+    /**
+     * It's possible that the determine_current_user filter above is not called
+     * https://github.com/woocommerce/woocommerce/issues/26847
+     *
+     * We need to make sure our
+     */
+    public function rest_authentication_errors( $errors ) {
+        // Pass through other errors
+        if ( ! empty( $error ) ) {
+            return $error;
+        }
+
+        // check if determine_current_user has been called
+        if ( ! $this->is_auth_checked ) {
+            // Authentication hasn't occurred during `determine_current_user`, so check auth.
+            $user_id = $this->authenticate( false );
+            if ( $user_id ) {
+                wp_set_current_user( $user_id );
+                return true;
+            }
+        }
+
+        return $errors;
+    }
+
+    /**
+     * @param int|false $user_id User ID if one has been determined, false otherwise.
+     *
+     * @return integer
+     */
+    private function authenticate( $user_id ) {
+        // extract Bearer token from Authorization Header
+        list($token) = sscanf( $this->get_auth_header(), 'Bearer %s' );
+
+        if ( $token ) {
+            $decoded_token = $this->auth_service->validate_token( $token );
+
+            if ( empty( $decoded_token ) || is_wp_error( $decoded_token ) ) {
+                return $user_id;
+            }
+            $user = ! empty( $decoded_token->data->user->id ) ? $decoded_token->data->user->id : $user_id;
+
+            return absint( $user );
+        }
+
+        return $user_id;
+    }
+
 	/**
 	 * @return false|string
 	 */
@@ -147,6 +200,7 @@ public function get_auth_header() {
 	 * Add uuid to the WP REST API index.
 	 *
 	 * @param WP_REST_Response $response Response data
+     *
 	 * @return WP_REST_Response
 	 */
 	public function rest_index( WP_REST_Response $response ): WP_REST_Response {

diff --git a/includes/API/Controller.php → includes/API/Abstracts/Controller.php b/includes/API/Controller.php → includes/API/Abstracts/Controller.php
@@ -12,22 +12,20 @@
  * @see     https://developer.wordpress.org/rest-api/extending-the-rest-api/controller-classes/
  */
 
-namespace WCPOS\WooCommercePOS\API;
-
-use const WCPOS\WooCommercePOS\SHORT_NAME;
+namespace WCPOS\WooCommercePOS\API\Abstracts;
 
 use WP_REST_Controller;
+use function defined;
+use const WCPOS\WooCommercePOS\SHORT_NAME;
 
-if ( ! \defined( 'ABSPATH' ) ) {
+if ( ! defined( 'ABSPATH' ) ) {
 	exit;
 }
 
 /**
  * Abstract Rest Controller Class.
  *
  * @extends  WP_REST_Controller
- *
- * @version  2.6.0
  */
 abstract class Controller extends WP_REST_Controller {
 	/**

diff --git a/includes/API/Abstracts/WC_Rest_API_Modifier.php b/includes/API/Abstracts/WC_Rest_API_Modifier.php
@@ -55,13 +55,13 @@ protected function parse_meta_data( WC_Data $object ): array {
      * This is just a helper function to try and alert us to these large responses
      *
      * @param WP_REST_Response $response
-     * @param WC_Data $object
+     * @param int $id
      */
-    protected function log_large_rest_response( WP_REST_Response $response, WC_Data $object ) {
+    protected function log_large_rest_response( WP_REST_Response $response, int $id ) {
         $response_size = strlen( serialize( $response->data ) );
         $max_response_size = 100000;
         if ( $response_size > $max_response_size ) {
-            Logger::log( "Object ID {$object->get_id()} has a response size of {$response_size} bytes, exceeding the limit of {$max_response_size} bytes." );
+            Logger::log( "ID {$id} has a response size of {$response_size} bytes, exceeding the limit of {$max_response_size} bytes." );
         }
     }
 }