Пример #1
0
 public function __invoke(array $input)
 {
     if (!$this->auth->authorizeEndpoint('ListEmployees')) {
         return $this->auth->errorPayload;
     }
     $employees = User::where(['role' => 'employee'])->get(['id', 'name', 'role', 'email', 'phone', 'created_at', 'updated_at']);
     return (new Payload())->withStatus(Payload::OK)->withOutput($employees->toArray());
 }
Пример #2
0
 public function authorizeEndpoint($required_permission)
 {
     if (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['PHP_AUTH_PW'])) {
         $email = $_SERVER['PHP_AUTH_USER'];
         $provided_password = $_SERVER['PHP_AUTH_PW'];
         $this->User = User::where('email', $email)->first();
         if (!$this->User) {
             $this->errorPayload = self::invalidCredentialsResponse();
             return false;
         }
         if (!$this->User->correctPassword($provided_password)) {
             $this->errorPayload = self::invalidCredentialsResponse();
             return false;
         }
         if ($required_permission && !$this->hasPermission($required_permission)) {
             $this->errorPayload = self::unauthorizedEndpointResponse();
             return false;
         }
     } else {
         $this->errorPayload = self::credentialsRequiredResponse();
         return false;
     }
     return true;
 }