Esempio n. 1
<?php

require_once __DIR__ . '/../common/php/constants/global_defines.php';
require_once PHP_CLASSES_DIR . 'net/CurlRequest.php';
require_once PHP_CLASSES_DIR . 'net/ApiController.php';
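// REST API entry point: authenticates the caller from its session cookies, then
// parses the request URL so the request can be routed to the proper interface.

// Request data.
// NOTE(review): HTTP_HOST mirrors the client-supplied Host header; confirm that code
// using $str_ServerName does not rely on it for trust decisions or absolute URLs.
$str_ServerName = $_SERVER['HTTP_HOST'];
$str_RequestURL = $_SERVER['REQUEST_URI'];
$str_RequestMethod = $_SERVER['REQUEST_METHOD'];

// Both cookies must be present, otherwise the request is aborted with 401.
// Cookies are client-controlled and PHP turns "name[]=..." into an array, so only
// plain strings are handed to the authentication manager.
$str_SessionID = isset($_COOKIE['GawainSessionID']) ? $_COOKIE['GawainSessionID'] : NULL;
$str_User = isset($_COOKIE['GawainUser']) ? $_COOKIE['GawainUser'] : NULL;
if (!is_string($str_SessionID) || !is_string($str_User)) {
    header('Gawain-Response: Unauthorized', false, 401);
    exit;
}

// The user/session pair must be accepted by the authentication manager.
$obj_UserAuthManager = new UserAuthManager();
if (!$obj_UserAuthManager->isAuthenticated($str_User, $str_SessionID)) {
    header('Gawain-Response: Unauthorized', false, 401);
    exit;
}

// Parse the URL with regex to get entity, ID and method.
// REQUEST_URI still carries the query string; because the first group is greedy, a
// "/rest-api/..." sequence inside the query would win over the real path and change
// the routed entity. Only the path component is matched.
$str_RequestPath = parse_url($str_RequestURL, PHP_URL_PATH);
$rgx_UrlPattern = '/(.+)\\/rest-api\\/(\\w+)\\/?(\\d*)\\/?(\\w*)/';
$arr_ParsedPath = array();
if (!is_string($str_RequestPath)
    || preg_match($rgx_UrlPattern, $str_RequestPath, $arr_ParsedPath) !== 1) {
    // Not an API URL (or an unparsable one): stop instead of routing on undefined offsets
    http_response_code(400);
    exit;
}
$str_ServerURL = $arr_ParsedPath[1];
$str_Entity = $arr_ParsedPath[2];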
Esempio n. 2
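 /**
  * Checks whether the current request carries a valid user session.
  *
  * Reads the GawainUser and GawainSessionID cookies and has
  * UserAuthManager::isAuthenticated() validate the pair. A missing cookie, a cookie
  * that is not a plain string, or a rejected pair all count as unauthorized.
  *
  * This method never terminates the request: on FALSE the caller has to stop
  * processing itself, whether or not the 401 header was sent.
  *
  * @param boolean $bool_SendHeader When TRUE, the 'Gawain-Response: Unauthorized'
  *                                 header with HTTP status 401 is sent on failure
  * @return boolean TRUE if the session is authenticated, FALSE otherwise
  */
 public static function checkPermissions($bool_SendHeader = FALSE)
 {
     $str_SessionID = isset($_COOKIE['GawainSessionID']) ? $_COOKIE['GawainSessionID'] : NULL;
     $str_User = isset($_COOKIE['GawainUser']) ? $_COOKIE['GawainUser'] : NULL;

     $bool_Authenticated = FALSE;

     // Cookies are client-controlled and PHP turns "name[]=..." into an array;
     // anything that is not a plain string is rejected before the auth manager sees it.
     if (is_string($str_SessionID) && is_string($str_User)) {
         $obj_UserAuthManager = new UserAuthManager();
         $bool_Authenticated = (bool) $obj_UserAuthManager->isAuthenticated($str_User, $str_SessionID);
     }

     if (!$bool_Authenticated && $bool_SendHeader) {
         header('Gawain-Response: Unauthorized', false, 401);
     }

     return $bool_Authenticated;
 }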