$routeName = $app->router()->getCurrentRoute()->getName(); if (!in_array($routeName, $authAndNonceRouteWhitelist)) { /** Enforce required authentication. */ if (!Auth::loggedIn()) { $app->halt(401, "You must be logged in to access the API."); } /** Enforce required request nonces. */ if (!$requestNonceProvider->requestHasValidNonce()) { if ('development' !== DIRECTUS_ENV) { $app->halt(401, "Invalid request (nonce)."); } } /** Include new request nonces in the response headers */ $response = $app->response(); $newNonces = $requestNonceProvider->getNewNoncesThisRequest(); $nonce_options = $requestNonceProvider->getOptions(); $response[$nonce_options['nonce_response_header']] = implode($newNonces, ","); } }); /** * Bootstrap Providers */ /** * @var \Zend\Db\Adapter */ $ZendDb = Bootstrap::get('ZendDb'); /** * @var \Directus\Acl */ $acl = Bootstrap::get('acl'); /**
function getNonces() { $requestNonceProvider = new RequestNonceProvider(); $nonces = array_merge($requestNonceProvider->getOptions(), array('pool' => $requestNonceProvider->getAllNonces())); return $nonces; }