Skip to content
docsv0.1.0

LiveRequestEvent

PRE event: an HTTP live interaction has passed every security gate (method, CSRF, state-envelope signature/nonce verification, contract-based authorization) and is about to be dispatched to the component's own `handle()`. Dispatched by {@see \Milpa\Live\Http\LiveEndpoint::handle()} as `live.request`, ALWAYS alongside a {@see \Milpa\Events\InterceptionSlot}. **Security anchor (non-negotiable).** This event is dispatched strictly AFTER CSRF verification, state-envelope signature/nonce verification, and {@see \Milpa\Live\Contracts\Security\InteractionAuthorizerInterface::authorize()} have ALL already run and ALL already passed — never before. A listener subscribed to `live.request` only ever gets a turn once every gate has said yes; a short-circuit here can never be mistaken for an authorization bypass. See {@see \Milpa\Live\Http\LiveEndpoint::handle()} for the exact placement.

LiveRequestEvent::__construct()

public function __construct(Milpa\Live\ValueObjects\InteractionRequest $interaction, ?Milpa\Live\ValueObjects\SecurityPrincipal $principal = null):

Parameters

Parameters of __construct()
NameTypeDescription
$interactionMilpa\Live\ValueObjects\InteractionRequest
$principal?Milpa\Live\ValueObjects\SecurityPrincipal