public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
try {
// read class annotation
$class_annotation = $this->annotations->get($dispatcher->getHandlerClass())->getClassAnnotations();
$api_annotation = $class_annotation->get("Api");
// read method annotation
$method_annotation = $this->annotations->getMethod($dispatcher->getHandlerClass(), $dispatcher->getActiveMethod());
$engine = new SecurityEngine();
// check API key
$key = $engine->checkKeyLevel($this->request->getHeader("HTTP_X_API_KEY"), $api_annotation);
// check authentication if exist
$engine->checkAuth($method_annotation);
// check IP whitelist
$engine->checkWhitelist($method_annotation);
$hasLimit = $api_annotation->hasNamedArgument("limits") || $method_annotation->has("Limit");
// check limit
if (!$key->getIgnoreLimit() && $hasLimit) {
$engine->checkKeyLimitOnClass($key, $api_annotation->getNamedArgument("limits"));
$engine->checkMethodLimitByKey($key, $method_annotation->get("Limit")->getArguments());
}
// write logs to db
$engine->log($key->getApiKeyId(), $this->request->getClientAddress(), $this->request->getMethod(), $this->request->get("_url"));
} catch (PhalconException $e) {
$this->apiResponse->withError($e->getMessage(), $e->getCode());
return false;
}
return true;
}
