Пример #1
 /**
  * Describe the session of the currently logged-in user, if there is one.
  *
  * Reads `user_type` (default 'Admin\Model_User') and `scope` (default 'api')
  * from the request, and responds with the user's fields plus an API key
  * obtained from getKey() for that user, type and scope.
  *
  * NOTE(review): both `user_type` and `scope` are request-controlled and are
  * passed on unchanged. Confirm that \CMF\Auth::logged_in() and getKey()
  * restrict them to an allow-list, so a session holder cannot pick an
  * arbitrary model class or obtain a key for a scope they should not have.
  *
  * @return array 'user' => user fields without 'encrypted_password',
  *               'api_key' => fields of the key returned by getKey()
  * @throws \HttpException NOT_FOUND when \CMF\Auth reports no session
  */
 public function action_current()
 {
     $requestedType = \Input::param('user_type') ?: 'Admin\\Model_User';
     $requestedScope = \Input::param('scope') ?: 'api';

     // Guard clause: without a session there is nothing to describe.
     if (!\CMF\Auth::logged_in(null, $requestedType)) {
         throw new \HttpException('No valid session was found', \HttpException::NOT_FOUND);
     }

     // Resolve the session's user and fetch an API key for it.
     $currentUser = \CMF\Auth::current_user();
     $apiKey = $this->getKey($currentUser, $requestedType, $requestedScope);

     // Only the password hash is stripped (a denylist of one field).
     // NOTE(review): any other sensitive column exposed by toArray() would
     // still be returned; an explicit allow-list of fields would be safer.
     $userFields = $currentUser->toArray();
     unset($userFields['encrypted_password']);

     $response = array();
     $response['user'] = $userFields;
     $response['api_key'] = $apiKey->toArray();

     return $response;
 }
Пример #2
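 /**
  * Allow the request through only if it carries a valid session or a
  * non-expired API key whose scope is 'api'.
  *
  * Returns normally when access is granted.
  *
  * NOTE(review): the token is matched by equality in the database query, which
  * suggests tokens are stored as sent. Confirm whether storing a hash of
  * the token instead is feasible.
  *
  * @return void
  * @throws \HttpException UNAUTHORIZED when neither a session nor a usable key is found
  */
 public function authorise()
 {
     // If there's a valid session already, allow access.
     // NOTE(review): user_type comes from the request; confirm that
     // \CMF\Auth::logged_in() only accepts known user model classes.
     $user_type = \Input::param('user_type') ?: 'Admin\\Model_User';
     if (\CMF\Auth::logged_in(null, $user_type)) {
         return;
     }

     // The header is split on spaces and the second word is used as the token.
     // NOTE(review): the first word (the auth scheme) is not checked here.
     $auth = explode(' ', \Input::headers('Authorization', ' '));
     $sent_key = \Arr::get($auth, 1);

     // A missing header yields an empty token. Reject it before touching the
     // database so an empty or absent token can never match a stored row.
     if (!is_string($sent_key) || $sent_key === '') {
         throw new \HttpException('Login Required', \HttpException::UNAUTHORIZED);
     }

     // Try and find a valid (matching, non-expired) key
     $keys = \CMF\Model\User\Apikey::select('item')
         ->where('item.access_token = :key')
         ->andWhere('item.expires_at > :now')
         ->setParameter('key', $sent_key)
         ->setParameter('now', new \DateTime())
         ->getQuery()
         ->getResult();

     // Check the scope of the key, if one was found. Strict comparison
     // avoids type juggling granting access for a non-string scope value.
     if (count($keys)) {
         $key = $keys[0];
         if ($key->scope === 'api') {
             return;
         }
     }

     throw new \HttpException('Login Required', \HttpException::UNAUTHORIZED);
 }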