public function __construct($app)
{
$app->post('/rest/logout/', function () use($app) {
$token = $app->request->headers("auth-token");
if (!isset($token) || empty($token)) {
$app->error();
}
AuthRepository::removeToken($token);
});
}
public function call()
{
$app = $this->getApplication();
if ($this->unprotectedUrls) {
foreach ($this->unprotectedUrls as $url => $method) {
if ($app->request->getMethod() == $method && preg_match("/" . $url . "/", $app->request->getPathInfo())) {
$this->next->call();
return;
}
}
}
$headers = array_change_key_case($this->headers, CASE_LOWER);
if (!isset($headers["auth-token"])) {
return $this->status403();
}
$token = $headers["auth-token"];
if (!AuthRepository::checkToken($token)) {
return $this->status403();
}
$this->next->call();
}