public function routerShutdown(\Yaf\Request_Abstract $request, \Yaf\Response_Abstract $response)
{
if ($request->controller == 'Api' && \Core\KEY::get('_IS_AUTHORIZED')) {
$_REQUEST = \Core\KEY::get('_REQUEST');
$_APP = \Core\KEY::get('_APP');
//AUTHORIZE START -->
//授权, with service, method, token
if ($_APP != FALSE && \Process\AuthorizeModel::authorize($_REQUEST['api']['service'], $_REQUEST['api']['method'], $_APP['role'])) {
//授权成功
\Core\KEY::set('_IS_AUTHORIZED', TRUE);
} else {
throw new \Exception('PERMISSION_DENIED');
}
//AUTHORIZE END <--
}
}
public function routerShutdown(\Yaf\Request_Abstract $request, \Yaf\Response_Abstract $response)
{
if ($request->controller == 'Api') {
$_REQUEST = \Core\KEY::get('_REQUEST');
\Core\KEY::set('_IS_AUTHORIZED', FALSE);
//AUTHENTICATE START -->
//应用认证,appkey,appsecret,ip,count from authorize_config.ini
$_APP = \Process\AuthorizeModel::authenticate($_REQUEST['access-token'], $_REQUEST['client-ip']);
if (empty($_APP) || $_APP == FALSE) {
throw new \Exception('AUTHENTICATE_FAILURE');
} else {
\Core\KEY::set('_IS_AUTHORIZED', TRUE);
\Core\KEY::set('_APP', $_APP);
}
//AUTHENTICATE END <--
}
}
