In PHP 7.X I was able to send extra data from my filter to the Controller:
My app uses bearer token authentication via this Filter. If the token is valid I return the original request and include the user's id:
<?php
namespace App\Filters;
use CodeIgniter\API\ResponseTrait;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Config\Services;
class AuthFilter implements FilterInterface {
use ResponseTrait;
public function before(RequestInterface $request, $arguments = null) {
if ($request->hasHeader('Authorization')) {
helper('my_cors_helper');
$frontendBaseUrl = checkFrontendBaseUrl();
$token = "";
$token = str_replace(['Bearer ', 'bearer '], "", $request->header('Authorization')->getValue());
$userModel = new \App\Models\UserModel();
$user = $userModel->where('token', $token)->first();
if (!$user) {
return Services::response()
->setHeader("Access-Control-Allow-Origin", $frontendBaseUrl)
->setHeader("Access-Control-Allow-Methods", "GET, PUT, POST, DELETE, PATCH, OPTIONS")
->setJSON([ 'message' => "Access denied", "type"=> "ACCESS_DENIDED"])
->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);
}
$userModel->update($user['id'], ['last_activity' => date('Y-m-d H:i:s')]);
$request->user_id = $user['id'];
return $request;
} else {
return Services::response()
->setHeader("Access-Control-Allow-Origin", $frontendBaseUrl)
->setHeader("Access-Control-Allow-Methods", "GET, PUT, POST, DELETE, PATCH, OPTIONS")
->setJSON([ 'message' => "Access denied", "type"=> "ACCESS_DENIDED"])
->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);
}
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null) {
}
}
After switching to PHP 8.1, I'm unable to set the user's id:
$request->user_id = $user['id'];
Because "Creation of dynamic property is deprecated in PHP 8.1"
As a quick fix I modified the Codeigniter\HTTP\Request class - I've introduced a public $user_id property.
I don't like modifying a file inside the Vendor folder, because it is not how you should do it.
What is the correct way please?
In PHP 7.X I was able to send extra data from my filter to the Controller:
My app uses bearer token authentication via this Filter. If the token is valid I return the original request and include the user's id:
<?php
namespace App\Filters;
use CodeIgniter\API\ResponseTrait;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use Config\Services;
class AuthFilter implements FilterInterface {
use ResponseTrait;
public function before(RequestInterface $request, $arguments = null) {
if ($request->hasHeader('Authorization')) {
helper('my_cors_helper');
$frontendBaseUrl = checkFrontendBaseUrl();
$token = "";
$token = str_replace(['Bearer ', 'bearer '], "", $request->header('Authorization')->getValue());
$userModel = new \App\Models\UserModel();
$user = $userModel->where('token', $token)->first();
if (!$user) {
return Services::response()
->setHeader("Access-Control-Allow-Origin", $frontendBaseUrl)
->setHeader("Access-Control-Allow-Methods", "GET, PUT, POST, DELETE, PATCH, OPTIONS")
->setJSON([ 'message' => "Access denied", "type"=> "ACCESS_DENIDED"])
->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);
}
$userModel->update($user['id'], ['last_activity' => date('Y-m-d H:i:s')]);
$request->user_id = $user['id'];
return $request;
} else {
return Services::response()
->setHeader("Access-Control-Allow-Origin", $frontendBaseUrl)
->setHeader("Access-Control-Allow-Methods", "GET, PUT, POST, DELETE, PATCH, OPTIONS")
->setJSON([ 'message' => "Access denied", "type"=> "ACCESS_DENIDED"])
->setStatusCode(ResponseInterface::HTTP_UNAUTHORIZED);
}
}
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null) {
}
}
After switching to PHP 8.1, I'm unable to set the user's id:
$request->user_id = $user['id'];
Because "Creation of dynamic property is deprecated in PHP 8.1"
As a quick fix I modified the Codeigniter\HTTP\Request class - I've introduced a public $user_id property.
I don't like modifying a file inside the Vendor folder, because it is not how you should do it.
What is the correct way please?
Share Improve this question edited Nov 19, 2024 at 10:59 DarkBee 15.5k8 gold badges72 silver badges118 bronze badges asked Nov 18, 2024 at 16:42 DusanDusan 3,4986 gold badges31 silver badges54 bronze badges 6- Are you using the latest version of CI? – Barmar Commented Nov 18, 2024 at 17:05
- No, my version is 4.2.10. Could that be the issue? – Dusan Commented Nov 18, 2024 at 17:23
- Possibly, that's 2 years old. – Barmar Commented Nov 18, 2024 at 17:29
- github/bcit-ci/CodeIgniter/pull/6193 – Barmar Commented Nov 18, 2024 at 17:33
- Updating the codeigniter to the latest version helped me, but I can still see the warnings in the writeble/debugbar log files. I'm trying to solve it the right way – Dusan Commented Nov 18, 2024 at 18:13
1 Answer
Reset to default 1One way to don't get deprecation warnings is to extend the the IncomingRequest class:
<?php
namespace App\HTTP;
use CodeIgniter\HTTP\IncomingRequest;
class MyRequest extends IncomingRequest {
public $user_id;
}
And then set up the custom request in Config\Services.php:
<?php
namespace Config;
use App\HTTP\MyRequest;
use CodeIgniter\Config\BaseService;
use CodeIgniter\HTTP\UserAgent;
class Services extends BaseService {
public static function request(App $config = null, bool $getShared = true) {
if ($getShared) {
return static::getSharedInstance('request', $config);
}
$uri = static::uri();
$userAgent = new UserAgent();
$config = $config ?? config('App');
return new MyRequest($config, $uri, 'php://input', $userAgent);
}
}