예제 #1
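/**
 * Route middleware that authenticates every request.
 *
 * Reads the API key from the 'Authorization' request header, validates it
 * through DbHandlerAccount and, on success, stores the caller's primary key
 * in the global $user_id for the route handler to use.
 *
 * Fails closed: a missing header is answered with 400, and a key that is
 * invalid or does not resolve to a user id is answered with 401; in both
 * cases the application is halted with $app->stop().
 *
 * @param \Slim\Route $route The route being dispatched (not used here).
 */
function authenticate(\Slim\Route $route)
{
    // Getting request headers
    $headers = apache_request_headers();
    // HTTP header names are case-insensitive and clients or proxies may send
    // "authorization"; normalise the keys so a valid key is not reported as
    // missing. A non-array result is treated as "no headers".
    $headers = is_array($headers) ? array_change_key_case($headers, CASE_LOWER) : array();
    $response = array();
    $app = \Slim\Slim::getInstance();

    // Verifying Authorization Header
    if (!isset($headers['authorization'])) {
        // api key is missing in header
        $response["error"] = true;
        $response["message"] = "Api key is misssing";
        echoRespnse(400, $response);
        $app->stop();
        return;
    }

    $db = new DbHandlerAccount();
    // get the api key
    $api_key = $headers['authorization'];

    // Resolve the user only for a key the database accepts.
    $user = $db->isValidApiKey($api_key) ? $db->getUserId($api_key) : null;

    // Deny when the key is unknown OR when it validated but no user id came
    // back. The second case used to fall through with $user_id unset, which
    // let the route handler run without an authenticated user.
    if (!isset($user["id"])) {
        $response["error"] = true;
        $response["message"] = "Access Denied. Invalid Api key";
        echoRespnse(401, $response);
        $app->stop();
        return;
    }

    global $user_id;
    // user primary key id, consumed by the route handlers
    $user_id = $user["id"];
}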
예제 #2
        echoRespnse(400, $response);
    }
});
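/**
 * User Edit
 * url - /user/edit
 * method - PUT
 * params - name, password
 *
 * Runs behind the 'authenticate' middleware and updates the account
 * identified by the global $user_id with the submitted name and password.
 * Responds 200 on success, 400 when the update fails, and 401 when no
 * authenticated user id is available.
 */
$app->put('/user/edit', 'authenticate', function () use($app) {
    global $user_id;
    $response = array();

    // Defence in depth: never change account data unless the middleware
    // actually resolved the caller. Without this check a null $user_id would
    // be handed straight to editUser().
    if (!isset($user_id)) {
        $response["error"] = true;
        $response["message"] = "Access Denied. Invalid Api key";
        echoRespnse(401, $response);
        return;
    }

    // check for required params
    verifyRequiredParams(array('name', 'password'));
    $name = $app->request->put('name');
    // NOTE(review): the password is forwarded exactly as received; confirm
    // that editUser() hashes it before storing it.
    $password = $app->request->put('password');
    $db = new DbHandlerAccount();

    // updating the user record
    $result = $db->editUser($user_id, $name, $password);
    if ($result) {
        // user updated successfully
        $response["error"] = false;
        $response["message"] = "User updated successfully";
        echoRespnse(200, $response);
    } else {
        // user failed to update
        $response["error"] = true;
        $response["message"] = "User failed to update. Please try again!";
        echoRespnse(400, $response);
    }
});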