/**
 * Authenticate an API caller from the apiKey / apiToken pair in the POST body.
 *
 * Steps, in order:
 *  1. Require both `apiKey` and `apiToken` to be present and string-typed.
 *  2. Look the user up by `apiKey` via AuthData::selectUserByIdentifierToken().
 *  3. Check `apiToken` against the stored `$user->apiToken` with
 *     password_verify(), so the stored value is treated as a password hash.
 *  4. Remove `apiKey` and `apiToken` from the user object before returning it.
 *
 * NOTE(review): the two credential failures return different messages
 * ("No User" vs "Invalid Cookie"), and the unknown-key path returns before
 * password_verify() runs. If `msg` is relayed to the client, a caller can
 * tell whether an apiKey exists. Consider one shared failure message and
 * logging the precise reason server-side. How `msg` is used is not visible
 * from this method, so confirm against the callers.
 *
 * @param object $app Application object exposing `$app->request->post()`.
 * @return array `['authenticated' => false, 'msg' => string]` on failure,
 *               `['authenticated' => true, 'user' => object]` on success.
 */
static function isAuthenticated($app)
{
    $params = $app->request->post();

    // Reject malformed requests before touching the user store.
    foreach (['apiKey', 'apiToken'] as $required) {
        if (!v::key($required, v::stringType())->validate($params)) {
            return [
                'authenticated' => false,
                'msg' => 'Unauthenticated: Invalid request. Check your parameters and try again.',
            ];
        }
    }

    $account = AuthData::selectUserByIdentifierToken($params['apiKey']);

    // Unknown apiKey: no user record to verify against.
    if (!$account) {
        return ['authenticated' => false, 'msg' => 'Unauthenticated: No User'];
    }

    // The stored apiToken is a hash; password_verify() does the comparison.
    if (!password_verify($params['apiToken'], $account->apiToken)) {
        return ['authenticated' => false, 'msg' => 'Unauthenticated: Invalid Cookie'];
    }

    // Do not hand credential material back to the caller with the user object.
    foreach (['apiKey', 'apiToken'] as $secretField) {
        if (isset($account->{$secretField})) {
            unset($account->{$secretField});
        }
    }

    return ['authenticated' => true, 'user' => $account];
}
/**
 * Check the POSTed apiKey / apiToken pair and report the outcome as a code.
 *
 * Return values:
 *  - `false`      : `apiKey` or `apiToken` is missing or not a string.
 *  - `"user"`     : no user was found for the supplied `apiKey`.
 *  - `"password"` : the user exists but `apiToken` failed password_verify()
 *                   against the stored `$user->apiToken` hash.
 *  - `$user->id`  : both checks passed.
 *
 * NOTE(review): the failure codes `"user"` and `"password"` are non-empty
 * strings and therefore truthy. A caller that tests this result with a bare
 * `if (...)` or a loose comparison would treat a failed check as success.
 * Callers are not visible here, so confirm they compare strictly against
 * each failure value before trusting the result as a user id.
 *
 * @param object $app Application object exposing `$app->request->post()`.
 * @return mixed `false`, `"user"`, `"password"`, or the matching user's id.
 */
private static function authorizeApiToken($app)
{
    $request = $app->request;

    // Shape checks first: both fields must exist and be strings.
    if (!v::key('apiKey', v::stringType())->validate($request->post())) {
        return false;
    }
    if (!v::key('apiToken', v::stringType())->validate($request->post())) {
        return false;
    }

    $account = AuthData::selectUserByIdentifierToken($request->post('apiKey'));
    if (!$account) {
        return "user";
    }

    // The stored apiToken is a hash; password_verify() does the comparison.
    $tokenMatches = password_verify($request->post('apiToken'), $account->apiToken);
    if (!$tokenMatches) {
        return "password";
    }

    return $account->id;
}