/**
* @param Request $request
* @throws Exception
*/
public static function route(Request $request)
{
$controller = ucfirst($request->getController()) . 'Controller';
$method = $request->getMethod();
$controllerFile = BASE_PATH . 'controllers/' . $controller . '.php';
$controllerName = 'App\\Controllers\\' . $controller;
if (is_readable($controllerFile)) {
$controller = new $controllerName();
if (!is_callable(array($controller, $method))) {
throw new Exception("No {$method} Method");
}
call_user_func_array(array($controller, $method), $request->getArgs());
} else {
throw new Exception('404 - ' . $request->getController() . ' not found');
}
}
public function isAuthorizedForRoute(Request $request, Route $route, $params)
{
if (is_null($route->tokenLevel) || count($route->tokenLevel) == 0) {
return true;
}
$authorization = explode(' ', $request->headers['AUTHORIZATION']);
if (count($authorization) != 2 || strlen($authorization[1]) != 32) {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_TOKEN);
}
$value = $authorization[1];
$token = $this->getTokenRepository()->getToken($value);
if (is_null($token)) {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_TOKEN);
}
if ($token->ip !== $request->getClientIp()) {
return JsonErrorResponse::fromKey(JsonErrorResponse::INVALID_TOKEN);
}
if ($token->scope === 'level1' && !is_null($token->customerId) && isset($params['id']) && $params['id'] != $token->customerId) {
return JsonErrorResponse::fromKey(JsonErrorResponse::UNAUTHORIZED_REQUEST);
}
if (in_array($token->scope, $route->tokenLevel)) {
return true;
}
return JsonErrorResponse::fromKey(JsonErrorResponse::UNAUTHORIZED_REQUEST);
}
protected function dispatch(Request $request)
{
$method = $request->getMethod();
$pathInfo = substr($request->getPathInfo(), strlen($this->basePath));
return $this->handleDispatcherResponse($this->getDispatcher()->dispatch($method, $pathInfo), $request);
}
