agent foundation

This commit is contained in:
2026-03-06 00:44:52 +01:00
parent 9819cba733
commit 9a08f96c11
199 changed files with 8522 additions and 1880 deletions

View File

@@ -9,8 +9,11 @@ use MintyPHP\Service\Access\AuthorizationService;
use MintyPHP\Service\Auth\AuthService;
use MintyPHP\Service\Tenant\TenantService;
// Session-based web auth guard. Enforces login and RBAC for page actions.
// For API token authentication, see ApiAuth instead.
class Guard
{
// Re-check tenant assignment at most once per minute to pick up permission changes without re-login.
private const TENANT_REFRESH_INTERVAL = 60;
/** @var (callable(): AuthService)|null */
private static $authServiceResolver = null;
@@ -56,7 +59,7 @@ class Guard
return;
}
// Current tenant was deleted, refresh session data
// Current tenant was deleted reload session so the user is switched to another active tenant or logged out.
$userId = (int) ($_SESSION['user']['id'] ?? 0);
if ($userId > 0) {
self::authService()->loadTenantDataIntoSession($userId);
@@ -106,6 +109,7 @@ class Guard
...$context,
]);
if (!$decision->isAllowed()) {
// JSON requests get a 403/404 response body; browser requests get a redirect to the forbidden page.
if (Request::wantsJson()) {
http_response_code($decision->status());
header('Content-Type: application/json; charset=utf-8');