/** * Check wheter client is authorized and returns Response object with autorization request if not * @return mixed Response object if client is not authorized, otherwise nothing */ private function verifyAuthentication() { $authenticated = false; $headers = getallheaders(); if (isset($headers['Authorization'])) { $token = str_replace('Token ', '', $headers['Authorization']); $authenticated = token::verify($token); } if ($authenticated === false) { $response = new Response(); $response->setStatus(401, 'Unauthorized')->addHeaders('WWW-Authenticate: Token'); return $response; } }