<?php require_once __DIR__ . '/../common/php/constants/global_defines.php'; require_once PHP_CLASSES_DIR . 'net/CurlRequest.php'; require_once PHP_CLASSES_DIR . 'net/ApiController.php'; // Parses API URL and redirects the request to the proper interface // Get request data, including cookies $str_ServerName = $_SERVER['HTTP_HOST']; $str_RequestURL = $_SERVER['REQUEST_URI']; $str_RequestMethod = $_SERVER['REQUEST_METHOD']; // If the cookies are not set, the request is automatically aborted if (isset($_COOKIE['GawainSessionID']) && isset($_COOKIE['GawainUser'])) { $str_SessionID = $_COOKIE['GawainSessionID']; $str_User = $_COOKIE['GawainUser']; // If the user authentication is not valid, the request is automatically aborted $obj_UserAuthManager = new UserAuthManager(); if (!$obj_UserAuthManager->isAuthenticated($str_User, $str_SessionID)) { header('Gawain-Response: Unauthorized', 0, 401); exit; } } else { header('Gawain-Response: Unauthorized', 0, 401); exit; } /*$str_SessionID = 'AAA'; $str_User = '******';*/ // Parse the URL with regex to get entity, ID and method $rgx_UrlPattern = '/(.+)\\/rest-api\\/(\\w+)\\/?(\\d*)\\/?(\\w*)/'; preg_match($rgx_UrlPattern, $str_RequestURL, $arr_ParsedPath); $str_ServerURL = $arr_ParsedPath[1]; $str_Entity = $arr_ParsedPath[2];
/** Checks if the user credentials are correct * * @param boolean $bool_SendHeader * @return boolean */ public static function checkPermissions($bool_SendHeader = FALSE) { // If the cookies are not set, the request is automatically aborted if (isset($_COOKIE['GawainSessionID']) && isset($_COOKIE['GawainUser'])) { $str_SessionID = $_COOKIE['GawainSessionID']; $str_User = $_COOKIE['GawainUser']; // If the user authentication is not valid, the request is automatically aborted $obj_UserAuthManager = new UserAuthManager(); if (!$obj_UserAuthManager->isAuthenticated($str_User, $str_SessionID)) { if ($bool_SendHeader) { header('Gawain-Response: Unauthorized', 0, 401); } return FALSE; } else { return TRUE; } } else { if ($bool_SendHeader) { header('Gawain-Response: Unauthorized', 0, 401); } return FALSE; } }