+<?php
+
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Galette CSRF middleware
+ *
+ * PHP version 5
+ *
+ * Copyright © 2021 The Galette Team
+ *
+ * This file is part of Galette (http://galette.tuxfamily.org).
+ *
+ * Galette is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Galette is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Galette. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category Core
+ * @package Galette
+ *
+ * @author Johan Cwiklinski <johan@x-tnd.be>
+ * @copyright 2021 The Galette Team
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL License 3.0 or (at your option) any later version
+ * @link http://galette.tuxfamily.org
+ * @since Available since 0.9.6dev - 2021-11-08
+ */
+
+namespace Galette\Middleware;
+
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Psr\Http\Message\ResponseInterface as Response;
+use Analog\Analog;
+use DI\Container;
+
+/**
+ * Galette CSRF middleware
+ *
+ * @category Middleware
+ * @name SmartyCsrf
+ * @package Galette
+ * @author Johan Cwiklinski <johan@x-tnd.be>
+ * @copyright 2020 The Galette Team
+ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL License 3.0 or (at your option) any later version
+ * @link http://galette.tuxfamily.org
+ * @since Available since 0.9.4dev - 2020-05-06
+ */
+class SmartyCsrf
+{
+ private $smarty;
+ private $csrf;
+
+ /**
+ * Constructor
+ *
+ * @param Container $container Container instance
+ */
+ public function __construct(Container $container)
+ {
+ $view = $container->get('Slim\Views\Smarty');
+ $this->smarty = $view->getSmarty();
+ $this->csrf = $container->get('csrf');
+ }
+
+ /**
+ * Middleware invokable class
+ *
+ * @param \Psr\Http\Message\ServerRequestInterface $request PSR7 request
+ * @param \Psr\Http\Message\ResponseInterface $response PSR7 response
+ * @param callable $next Next middleware
+ *
+ * @return \Psr\Http\Message\ResponseInterface
+ */
+ public function __invoke(Request $request, Response $response, $next): Response
+ {
+ $nameKey = $this->csrf->getTokenNameKey();
+ $valueKey = $this->csrf->getTokenValueKey();
+ $name = $request->getAttribute($nameKey);
+ $value = $request->getAttribute($valueKey);
+
+ $this->smarty->assign('csrf_name_key', $nameKey);
+ $this->smarty->assign('csrf_value_key', $valueKey);
+ $this->smarty->assign('csrf_name', $name);
+ $this->smarty->assign('csrf_value', $value);
+
+ return $next($request, $response);
+ }
+}