GEWIS · tomudding · Sep 20, 2024
diff --git a/docker/web/development/php.ini b/docker/web/development/php.ini
@@ -39,7 +39,7 @@ assert.exception = 1
 zend.assertions = 1
 
 [opcache]
-opcache.enable = 1
+opcache.enable = 0
 opcache.memory_consumption = 256
 opcache.interned_strings_buffer = 16
 opcache.max_accelerated_files = 10000
@@ -67,6 +67,9 @@ session.gc_divisor = 100
 session.gc_maxlifetime = 43200
 
 [XDebug]
+xdebug.remote_autostart=0
+xdebug.remote_enable=0
+xdebug.profiler_enable=0
 xdebug.max_nesting_level = 256
 xdebug.mode = develop,coverage,debug
 xdebug.client_host = host.docker.internal

diff --git a/module/Activity/config/module.config.php b/module/Activity/config/module.config.php
@@ -23,6 +23,7 @@
 use Doctrine\ORM\Mapping\Driver\AttributeDriver;
 use Laminas\Router\Http\Literal;
 use Laminas\Router\Http\Segment;
+use User\Listener\Authentication;
 
 return [
     'router' => [
@@ -449,6 +450,7 @@
                     'defaults' => [
                         'controller' => ApiController::class,
                         'action' => 'list',
+                        'auth_type' => Authentication::AUTH_API,
                     ],
                 ],
                 'may_terminate' => false,

diff --git a/module/Application/config/module.config.php b/module/Application/config/module.config.php
@@ -97,12 +97,14 @@
         'template_map' => [
             'layout/layout' => __DIR__ . '/../view/layout/layout.phtml',
             'application/index/teapot' => __DIR__ . '/../view/error/418.phtml',
-            'error/404' => __DIR__ . '/../view/error/404.phtml',
+            'error/401' => __DIR__ . '/../view/error/401.phtml',
             'error/403' => __DIR__ . '/../view/error/403.phtml',
+            'error/404' => __DIR__ . '/../view/error/404.phtml',
             'error/418' => __DIR__ . '/../view/error/418.phtml',
             'error/500' => __DIR__ . '/../view/error/500.phtml',
-            'error/debug/404' => __DIR__ . '/../view/error/debug/404.phtml',
+            'error/debug/401' => __DIR__ . '/../view/error/debug/401.phtml',
             'error/debug/403' => __DIR__ . '/../view/error/debug/403.phtml',
+            'error/debug/404' => __DIR__ . '/../view/error/debug/404.phtml',
             'error/debug/500' => __DIR__ . '/../view/error/debug/500.phtml',
             'paginator/default' => __DIR__ . '/../view/partial/paginator.phtml',
         ],

diff --git a/module/Application/src/Model/Enums/ApiResponseStatuses.php b/module/Application/src/Model/Enums/ApiResponseStatuses.php
@@ -0,0 +1,23 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Application\Model\Enums;
+
+/**
+ * Enum for the different statuses an API response can have.
+ */
+enum ApiResponseStatuses: string
+{
+    // For 2xx codes
+    case Success = 'success';
+
+    // For 403 HTTP code
+    case Forbidden = 'forbidden';
+
+    // For 404 HTTP code
+    case NotFound = 'notfound';
+
+    // For 5xx HTTP codes
+    case Error = 'error';
+}
diff --git a/module/Application/src/Module.php b/module/Application/src/Module.php
@@ -66,7 +66,7 @@ public function onBootstrap(MvcEvent $e): void
         $moduleRouteListener->attach($eventManager);
 
         // Attach listener for locale determination through the `LanguageAwareTreeRouteStack`.
-        $eventManager->attach(MvcEvent::EVENT_ROUTE, [$this, 'onRoute']);
+        $eventManager->attach(MvcEvent::EVENT_ROUTE, [$this, 'onRoute'], 100);
 
         $eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this, 'logError']);
         $eventManager->attach(MvCEvent::EVENT_RENDER_ERROR, [$this, 'logError']);

diff --git a/module/Application/view/error/401.phtml b/module/Application/view/error/401.phtml
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+use Application\View\HelperTrait;
+use Laminas\View\Renderer\PhpRenderer;
+
+/** @var PhpRenderer|HelperTrait $this */
+?>
+<section class="section">
+    <div class="container">
+        <h2><?= $this->translate('Unauthenticated') ?></h2>
+        <p><?= $this->translate('Log in to access this page.') ?></p>
+        <a href="<?= $this->url(
+            name: 'user/login',
+            options: ['query' => ['redirect_to' => base64_encode($this->serverUrl(true))]],
+        ) ?>">
+            <span class="fas fa-user"></span>
+            <?= $this->translate('Login') ?>
+        </a>
+    </div>
+</section>
diff --git a/module/Application/view/error/403.phtml b/module/Application/view/error/403.phtml
@@ -9,26 +9,10 @@ use Laminas\View\Renderer\PhpRenderer;
 ?>
 <section class="section">
     <div class="container">
-        <?php
-        if (!empty($this->exception->getMessage())): ?>
+        <?php if (!empty($this->exception->getMessage())): ?>
             <h2><?= $this->exception->getMessage() ?></h2>
-        <?php
-        else: ?>
+        <?php else: ?>
             <h2><?= $this->translate('You do not have the required privileges to view this page') ?></h2>
-        <?php
-        endif; ?>
-        <?php
-        if ($this->identity() === null): ?>
-            <p><?= $this->translate('You might be able to view this page by logging in') ?></p>
-            <a href="<?= $this->url(
-                name: 'user/login',
-                options: ['query' => ['redirect_to' => base64_encode($this->serverUrl(true))]],
-            ) ?>">
-                <span class="fas fa-user"></span>
-                <?= $this->translate('Login') ?>
-            </a>
-
-        <?php
-        endif; ?>
+        <?php endif; ?>
     </div>
 </section>
diff --git a/module/Application/view/error/debug/401.phtml b/module/Application/view/error/debug/401.phtml
@@ -0,0 +1,15 @@
+<?php
+
+declare(strict_types=1);
+
+use Application\View\HelperTrait;
+use Laminas\View\Renderer\PhpRenderer;
+
+/** @var PhpRenderer|HelperTrait $this */
+?>
+<section class="section">
+    <div class="container">
+        <h1><?= $this->translate('403 Unauthenticated') ?></h1>
+        <h3><?= $this->exception->getMessage() ?></h3>
+    </div>
+</section>
diff --git a/module/Application/view/layout/layout.phtml b/module/Application/view/layout/layout.phtml
@@ -189,11 +189,9 @@ $viewModel = current($this->viewModel()->getCurrent()->getChildren());
 
 if (str_contains($viewModel->getTemplate(), 'admin')): ?>
     <?= $this->partial('partial/admin.phtml', ['content' => $this->content]) ?>
-<?php
-elseif (str_contains($viewModel->getTemplate(), 'company-account')): ?>
+<?php elseif (str_contains($viewModel->getTemplate(), 'company-account')): ?>
     <?= $this->partial('partial/company.phtml', ['content' => $this->content]) ?>
-<?php
-else: ?>
+<?php else: ?>
     <div class="content-container">
         <?= $this->content ?>
     </div>

diff --git a/module/Company/config/module.config.php b/module/Company/config/module.config.php
@@ -16,6 +16,7 @@
 use Doctrine\ORM\Mapping\Driver\AttributeDriver;
 use Laminas\Router\Http\Literal;
 use Laminas\Router\Http\Segment;
+use User\Listener\Authentication;
 
 return [
     'router' => [
@@ -124,6 +125,7 @@
                     'route' => '/company',
                     'defaults' => [
                         'controller' => CompanyAccountController::class,
+                        'auth_type' => Authentication::AUTH_COMPANY_USER,
                     ],
                 ],
                 'may_terminate' => false,

diff --git a/module/Photo/config/module.config.php b/module/Photo/config/module.config.php
@@ -20,6 +20,7 @@
 use Photo\Controller\PhotoAdminController;
 use Photo\Controller\PhotoController;
 use Photo\Controller\TagController;
+use User\Listener\Authentication;
 
 return [
     'router' => [
@@ -31,6 +32,7 @@
                     'defaults' => [
                         'controller' => PhotoController::class,
                         'action' => 'index',
+                        'auth_type' => Authentication::AUTH_USER,
                     ],
                 ],
                 'may_terminate' => true,
@@ -172,6 +174,7 @@
                     'defaults' => [
                         'controller' => AlbumAdminController::class,
                         'action' => 'index',
+                        'auth_type' => Authentication::AUTH_USER,
                     ],
                 ],
                 'may_terminate' => true,
@@ -329,6 +332,7 @@
                     'defaults' => [
                         'controller' => ApiController::class,
                         'action' => 'index',
+                        'auth_type' => Authentication::AUTH_API,
                     ],
                 ],
                 'may_terminate' => true,

diff --git a/module/User/config/module.config.php b/module/User/config/module.config.php
@@ -16,6 +16,7 @@
 use User\Controller\Factory\UserControllerFactory;
 use User\Controller\UserAdminController;
 use User\Controller\UserController;
+use User\Listener\Authentication;
 
 return [
     'router' => [
@@ -120,6 +121,9 @@
                 'type' => Literal::class,
                 'options' => [
                     'route' => '/admin/user',
+                    'defaults' => [
+                        'auth_type' => Authentication::AUTH_USER,
+                    ],
                 ],
                 'may_terminate' => false,
                 'child_routes' => [
@@ -177,6 +181,7 @@
                     'defaults' => [
                         'controller' => ApiAuthenticationController::class,
                         'action' => 'token',
+                        'auth_type' => Authentication::AUTH_USER,
                     ],
                 ],
                 'priority' => 100,