class DisallowJwtAuthRequests in JSON Web Token Authentication (JWT) 8
Same name and namespace in other branches
- 8.0 src/PageCache/DisallowJwtAuthRequests.php \Drupal\jwt\PageCache\DisallowJwtAuthRequests
Cache policy for pages served from JWT auth.
This policy disallows caching of requests that use jwt_auth for security reasons. Otherwise responses for authenticated requests can get into the page cache and could be delivered to unprivileged users.
Hierarchy
- class \Drupal\jwt\PageCache\DisallowJwtAuthRequests implements RequestPolicyInterface
Expanded class hierarchy of DisallowJwtAuthRequests
1 string reference to 'DisallowJwtAuthRequests'
1 service uses DisallowJwtAuthRequests
File
- src/
PageCache/ DisallowJwtAuthRequests.php, line 16
Namespace
Drupal\jwt\PageCacheView source
class DisallowJwtAuthRequests implements RequestPolicyInterface {
/**
* {@inheritdoc}
*/
public function check(Request $request) {
if (JwtAuth::getJwtFromRequest($request)) {
return self::DENY;
}
return NULL;
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
DisallowJwtAuthRequests:: |
public | function |
Determines whether delivery of a cached page should be attempted. Overrides RequestPolicyInterface:: |
|
RequestPolicyInterface:: |
constant | Allow delivery of cached pages. | ||
RequestPolicyInterface:: |
constant | Deny delivery of cached pages. |