Exemplo n.º 1
0
}
function validateUserKey($uid, $key)
{
    // insert your (hopefully more complex) validation routine here
    if ($uid == 'demo' && $key == 'demo') {
        return true;
    } else {
        //     return false;
        return true;
    }
}
// generates a temporary API key using cookies
// call this first to gain access to API methods
$app->get('/demo', function () use($app) {
    try {
        $app->setEncryptedCookie('uid', 'demo', '5 minutes');
        $app->setEncryptedCookie('key', 'demo', '5 minutes');
    } catch (Exception $e) {
        $app->response()->status(400);
        $app->response()->header('X-Status-Reason', $e->getMessage());
    }
});
$app->get('/logout', function () use($app) {
    // 		var_dump( $HTTP_SERVER_VARS['PHP_AUTH_PW'] );
    // 		$req = $app->request();
    // 		var_dump($req);
    echo "logout Successed";
});
$app->get('/', function () use($app) {
    // 		var_dump( $HTTP_SERVER_VARS['PHP_AUTH_PW'] );
    // 		$req = $app->request();
Exemplo n.º 2
0
 /**
  * Test set encrypted cookie
  *
  * This method ensures that the `Set-Cookie:` HTTP request
  * header is set. The implementation is tested in a separate file.
  */
 public function testSetEncryptedCookie()
 {
     $s = new \Slim\Slim();
     $s->setEncryptedCookie('foo', 'bar');
     $r = $s->response();
     $this->assertEquals(1, preg_match("@^foo=.+%7C.+%7C.+@", $r['Set-Cookie']));
     //<-- %7C is a url-encoded pipe
 }
    return $username == 'demo' && $password == 'password';
}
$checkLoggedOn = function ($app) {
    return function () use($app) {
        if (!isValidLogin($app->getEncryptedCookie('username'), $app->getEncryptedCookie('password'))) {
            $app->halt(401);
            // Unauthorized access
        }
    };
};
$app->post('/login', function () use($app) {
    try {
        $username = $app->request()->post('username');
        $password = $app->request()->post('password');
        if (isValidLogin($username, $password)) {
            $app->setEncryptedCookie('username', $username, '1 day');
            $app->setEncryptedCookie('password', $password, '1 day');
            $app->response()->header('Content-Type', 'application/json');
            $app->response()->status(200);
            // OK
            echo json_encode(array('operation' => 'login', 'status' => 'ok'));
        } else {
            throw new AuthenticateFailedException();
        }
    } catch (AuthenticateFailedException $e) {
        $app->response()->status(401);
        $app->response()->header('X-Status-Reason', 'Login failure');
    } catch (Exception $e) {
        $app->response()->status(400);
        $app->response()->header('X-Status-Reason', $e->getMessage());
    }