style: auto-fix 1340 phpcs PSR-12 violations via phpcbf; exclude MissingNamespace and SideEffects

middleware/AuthMiddleware.php

@@ -1,14 +1,18 @@
 <?php
+
 /**
  * AuthMiddleware - Handles authentication via Authelia forward auth headers
  */
+
 require_once dirname(__DIR__) . '/models/UserModel.php';
 
-class AuthMiddleware {
+class AuthMiddleware
+{
     private $userModel;
     private $conn;
 
-    public function __construct($conn) {
+    public function __construct($conn)
+    {
         $this->conn = $conn;
         $this->userModel = new UserModel($conn);
     }
@@ -19,7 +23,8 @@ class AuthMiddleware {
      * @param string $event Event type (e.g., 'auth_required', 'access_denied', 'session_expired')
      * @param array $context Additional context data
      */
-    private function logSecurityEvent(string $event, array $context = []): void {
+    private function logSecurityEvent(string $event, array $context = []): void
+    {
         $logData = [
             'event' => $event,
             'ip' => $_SERVER['REMOTE_ADDR'] ?? 'unknown',
@@ -52,7 +57,8 @@ class AuthMiddleware {
      * @return array User data array
      * @throws Exception if authentication fails
      */
-    public function authenticate() {
+    public function authenticate()
+    {
         // Start session if not already started with secure settings
         if (session_status() === PHP_SESSION_NONE) {
             // Configure secure session settings
@@ -136,7 +142,8 @@ class AuthMiddleware {
      * @param string $header Header name
      * @return string|null Header value or null if not set
      */
-    private function getHeader($header) {
+    private function getHeader($header)
+    {
         if (isset($_SERVER[$header])) {
             return $_SERVER[$header];
         }
@@ -149,7 +156,8 @@ class AuthMiddleware {
      * @param string $groups Comma-separated group names
      * @return bool True if user has access
      */
-    private function checkGroupAccess($groups) {
+    private function checkGroupAccess($groups)
+    {
         if (empty($groups)) {
             return false;
         }
@@ -158,7 +166,9 @@ class AuthMiddleware {
         // Filter to safe characters only to prevent header injection attacks
         $userGroups = array_filter(
             array_map('trim', explode(',', strtolower($groups))),
-            function($g) { return preg_match('/^[a-z0-9_\-]+$/', $g); }
+            function ($g) {
+                return preg_match('/^[a-z0-9_\-]+$/', $g);
+            }
         );
         $requiredGroups = ['admin', 'employee'];
 
@@ -168,7 +178,8 @@ class AuthMiddleware {
     /**
      * Redirect to Authelia login
      */
-    private function redirectToAuth() {
+    private function redirectToAuth()
+    {
         // Log unauthenticated access attempt
         $this->logSecurityEvent('auth_required', [
             'reason' => 'no_auth_headers'
@@ -237,7 +248,8 @@ class AuthMiddleware {
      * @param string $username Username
      * @param string $groups User groups
      */
-    private function showAccessDenied($username, $groups) {
+    private function showAccessDenied($username, $groups)
+    {
         // Log access denied event with user details
         $this->logSecurityEvent('access_denied', [
             'username' => $username,
@@ -308,7 +320,8 @@ class AuthMiddleware {
      *
      * @return array|null User data or null if not authenticated
      */
-    public static function getCurrentUser() {
+    public static function getCurrentUser()
+    {
         if (session_status() === PHP_SESSION_NONE) {
             session_start();
         }
@@ -319,7 +332,8 @@ class AuthMiddleware {
     /**
      * Logout current user
      */
-    public static function logout() {
+    public static function logout()
+    {
         if (session_status() === PHP_SESSION_NONE) {
             session_start();
         }