$routeName = $app->router()->getCurrentRoute()->getName();
if (!in_array($routeName, $authAndNonceRouteWhitelist)) {
/** Enforce required authentication. */
if (!Auth::loggedIn()) {
$app->halt(401, "You must be logged in to access the API.");
}
/** Enforce required request nonces. */
if (!$requestNonceProvider->requestHasValidNonce()) {
if ('development' !== DIRECTUS_ENV) {
$app->halt(401, "Invalid request (nonce).");
}
}
/** Include new request nonces in the response headers */
$response = $app->response();
$newNonces = $requestNonceProvider->getNewNoncesThisRequest();
$nonce_options = $requestNonceProvider->getOptions();
$response[$nonce_options['nonce_response_header']] = implode($newNonces, ",");
}
});
/**
* Bootstrap Providers
*/
/**
* @var \Zend\Db\Adapter
*/
$ZendDb = Bootstrap::get('ZendDb');
/**
* @var \Directus\Acl
*/
$acl = Bootstrap::get('acl');
/**
function getNonces()
{
$requestNonceProvider = new RequestNonceProvider();
$nonces = array_merge($requestNonceProvider->getOptions(), array('pool' => $requestNonceProvider->getAllNonces()));
return $nonces;
}
