public function checkKeyLevel($api_key, $api_annotation) { $key = ApiKeysModel::findFirst("key = '{$api_key}'"); // check if api key exist and it has sufficent level to access resource if (!$key || $key->getLevel() < $api_annotation->getNamedArgument("level")) { throw new InvalidApiKey("Invalid API key", 403); } return $key; }
private function generateApiKey() { $factory = new \RandomLib\Factory(); $generator = $factory->getGenerator(new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM)); $key = $generator->generateString(32, "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"); while (true) { $apiKey = ApiKeysModel::findFirst("key = '{$key}'"); if (!$apiKey) { break; } $key = $generator->generateString(32); } return $key; }
public function transform(ApiKeysModel $data) { return ["id" => (int) $data->getApiKeyId(), "key" => $data->getKey(), "level" => $data->getLevel(), "ignore_limit" => $data->getIgnoreLimit(), "created_at" => ["date" => $data->getCreatedAt(), "timezone" => date_default_timezone_get()], "updated_at" => ["date" => $data->getUpdatedAt(), "timezone" => date_default_timezone_get()]]; }