public function routerShutdown(\Yaf\Request_Abstract $request, \Yaf\Response_Abstract $response) { if ($request->controller == 'Api' && \Core\KEY::get('_IS_AUTHORIZED')) { $_REQUEST = \Core\KEY::get('_REQUEST'); $_APP = \Core\KEY::get('_APP'); //AUTHORIZE START --> //授权, with service, method, token if ($_APP != FALSE && \Process\AuthorizeModel::authorize($_REQUEST['api']['service'], $_REQUEST['api']['method'], $_APP['role'])) { //授权成功 \Core\KEY::set('_IS_AUTHORIZED', TRUE); } else { throw new \Exception('PERMISSION_DENIED'); } //AUTHORIZE END <-- } }
public function routerShutdown(\Yaf\Request_Abstract $request, \Yaf\Response_Abstract $response) { if ($request->controller == 'Api') { $_REQUEST = \Core\KEY::get('_REQUEST'); \Core\KEY::set('_IS_AUTHORIZED', FALSE); //AUTHENTICATE START --> //应用认证,appkey,appsecret,ip,count from authorize_config.ini $_APP = \Process\AuthorizeModel::authenticate($_REQUEST['access-token'], $_REQUEST['client-ip']); if (empty($_APP) || $_APP == FALSE) { throw new \Exception('AUTHENTICATE_FAILURE'); } else { \Core\KEY::set('_IS_AUTHORIZED', TRUE); \Core\KEY::set('_APP', $_APP); } //AUTHENTICATE END <-- } }