예제 #1
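 /**
  * API-key authentication middleware.
  *
  * Requests for the unprotected endpoints (login, create-api-token, register)
  * are handed to the next middleware without credentials. Every other request
  * is handed on only when isApiKeyUserPassValid() accepts the two headers
  * below; otherwise a 401 response with a JSON error body is produced:
  *
  *   WWW-Authorization : base64(username/password)
  *   API-Token         : Token
  *
  * Security notes:
  *  - The unprotected list is compared against the whole request path with a
  *    strict, exact match. A substring search would let any protected route
  *    whose path merely contains "login" or "register" skip authentication.
  *  - base64 is an encoding, not encryption: the credentials carried in
  *    WWW-Authorization are readable by anyone who can observe the request.
  *    Presumably the API is only served over TLS -- confirm for the deployment.
  *  - WWW-Authorization is this API's own header name, not the standard
  *    Authorization request header.
  *
  * @return void
  */
 public function call()
 {
     // Full paths, relative to the application root and without surrounding
     // slashes, that may be reached without credentials. If the public routes
     // live under a prefix, list the prefixed path here rather than loosening
     // the comparison below.
     $unprotectedURIs = ['login', 'create-api-token', 'register'];

     $request = $this->app->request();
     $headers = $request->headers;
     $response = $this->app->response();
     $apiKey = $headers->get('API-Token');
     $authorization = $headers->get('WWW-Authorization');

     // Normalise only the surrounding slashes, then require an exact match so
     // that the allowlist cannot be satisfied by a longer, protected path.
     $currentRoute = trim((string) $request->getPathInfo(), '/');
     if (in_array($currentRoute, $unprotectedURIs, true)) {
         $this->next->call();
         return;
     }

     $session = new APITokenAuth($this->app);
     // Continue down the middleware chain only when the token and the
     // credential header are accepted together.
     if ($session->isApiKeyUserPassValid($apiKey, $authorization)) {
         $this->next->call();
         return;
     }

     // Fail closed: anything that was not explicitly allowed above is rejected
     // with a generic message that does not say which header was wrong.
     $response['Content-type'] = 'application/json';
     $response->setBody(json_encode(['errmsg' => 'Authentication invalid']));
     $response->status(401);
     return;
 }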
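 /**
  * API-key authentication middleware.
  *
  * A request is handed to the next middleware when its path is one of the
  * entries in $this->unprotectedURIs, or when isApiKeyUserPassValid() accepts
  * the two headers below; otherwise a 401 response with a JSON error body is
  * produced:
  *
  *   WWW-Authorization : base64(username/password)
  *   API-Token         : Token
  *
  * Security notes:
  *  - Testing $this->unprotectedURIs for truthiness would disable
  *    authentication for every request as soon as the list is non-empty, so
  *    the current request path is compared against each entry instead.
  *  - base64 is an encoding, not encryption: the credentials carried in
  *    WWW-Authorization are readable by anyone who can observe the request.
  *    Presumably the API is only served over TLS -- confirm for the deployment.
  *
  * @return void
  */
 public function call()
 {
     $request = $this->app->request();
     $headers = $request->headers;
     $response = $this->app->response();
     $apiKey = $headers->get('API-Token');
     $authorization = $headers->get('WWW-Authorization');
     $session = new APITokenAuth($this->app);

     // NOTE(review): $this->unprotectedURIs is declared outside this method;
     // it is assumed to be a list of path strings relative to the application
     // root -- confirm against the class. Any other shape is treated as an
     // empty list, so the middleware fails closed instead of open.
     $unprotected = is_array($this->unprotectedURIs) ? $this->unprotectedURIs : [];
     $currentRoute = trim((string) $request->getPathInfo(), '/');
     foreach ($unprotected as $uri) {
         // Exact match on the whole path; surrounding slashes are ignored on
         // both sides so '/login' and 'login' describe the same endpoint.
         if (is_string($uri) && trim($uri, '/') === $currentRoute) {
             $this->next->call();
             return;
         }
     }

     // Continue down the middleware chain only when the token and the
     // credential header are accepted together.
     if ($session->isApiKeyUserPassValid($apiKey, $authorization)) {
         $this->next->call();
         return;
     }

     // Fail closed with a generic message that does not say which header
     // was wrong.
     $response['Content-type'] = 'application/json';
     $response->setBody(json_encode(['errmsg' => 'Authentication invalid']));
     $response->status(401);
     return;
 }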