Corrected API authorization procedure.

This commit is contained in:
Alex Tselegidis 2016-07-09 12:24:52 +02:00
parent 57f5f70448
commit 512d56b7ea
3 changed files with 81 additions and 10 deletions


@ -38,11 +38,16 @@ class API_V1_Controller extends CI_Controller {
return $this->_requestAuthentication(); return $this->_requestAuthentication();
} }
parent::__construct();
try {
$username = new NonEmptyString($_SERVER['PHP_AUTH_USER']); $username = new NonEmptyString($_SERVER['PHP_AUTH_USER']);
$password = new NonEmptyString($_SERVER['PHP_AUTH_PW']); $password = new NonEmptyString($_SERVER['PHP_AUTH_PW']);
$authorization = new \EA\Engine\Api\V1\Authorization($this); $authorization = new \EA\Engine\Api\V1\Authorization($this);
$authorization->basic($username, $password); $authorization->basic($username, $password);
parent::__construct(); } catch(\Exception $exception) {
$this->_handleException($exception);
}
} }
/** /**
@ -53,6 +58,29 @@ class API_V1_Controller extends CI_Controller {
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');
echo 'You are not authorized to use the API.'; echo 'You are not authorized to use the API.';
} }
/**
* Outputs the required headers and messages for exception handling.
*
* Call this method from catch blocks of child controller callbacks.
*
* @param \Exception $exception Thrown exception to be outputed.
*/
protected function _handleException(\Exception $exception) {
$error = [
'code' => $exception->getCode() ?: 500,
'message'=> $exception->getMessage(),
];
$header = $exception instanceof \EA\Engine\Api\V1\Exception
? $exception->getCode() . ' ' . $exception->getHeader()
: '500 Internal Server Error';
header('HTTP/1.0 ' . $header);
header('Content-Type: application/json');
echo json_encode($error, JSON_UNESCAPED_SLASHES|JSON_PRETTY_PRINT);
}
} }
/* End of file API_V1_Controller.php */ /* End of file API_V1_Controller.php */
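Review bot: In the constructor's new catch block, `$this->_handleException($exception);` writes the 401 response but nothing stops execution afterwards, so the controller finishes constructing and CodeIgniter will still dispatch the requested action for an unauthenticated request; add `exit;` directly after that call in the catch block. The constructor starts outside the hunk, so the check that precedes `return $this->_requestAuthentication();` is not visible here, and the visible part of `_requestAuthentication()` likewise only sets a header and echoes. A second point in `_handleException()`: for exceptions that are not `\EA\Engine\Api\V1\Exception` the header is fixed to 500, but the JSON body still echoes `getMessage()` and whatever `getCode()` holds, which forwards internal error text to the client; consider `'message' => $exception instanceof \EA\Engine\Api\V1\Exception ? $exception->getMessage() : 'Internal Server Error'` and logging the original message server-side instead.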


@ -11,8 +11,45 @@
* @since v1.2.0 * @since v1.2.0
* ---------------------------------------------------------------------------- */ * ---------------------------------------------------------------------------- */
namespace \EA\Engine\Api\V1; namespace EA\Engine\Api\V1;
use \EA\Engine\Types\NonEmptyString;
/**
* API v1 Authorization Class
*
* This class will handle the authorization procedure.
*/
class Authorization { class Authorization {
/**
* Framework Instance
*
* @var CI_Controller
*/
protected $framework;
/**
* Class Constructor
*
* @param \CI_Controller $framework
*/
public function __construct(\CI_Controller $framework) {
$this->framework = $framework;
}
/**
* Perform Basic Authentication
*
* @param NonEmptyString $username Admin Username
* @param NonEmptyString $password Admin Password
*
* @throws \EA\Engine\Api\V1\Exception Throws 401-Unauthorized exception if the authentication fails.
*/
public function basic(NonEmptyString $username, NonEmptyString $password) {
$this->framework->load->model('user_model');
if (!$this->framework->user_model->check_login($username->get(), $password->get())) {
throw new Exception('The provided credentials do not match any admin user!', 401, 'Unauthorized');
}
}
} }
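Review bot: `basic()` documents its parameters as the admin username and password and the exception message says the credentials matched no admin user, but the method only calls `user_model->check_login()` with the two strings; nothing visible restricts the match to administrator accounts, so either `check_login` enforces the role (confirm in the model) or a role check belongs here before the 401 is decided. The `@var CI_Controller` docblock on `$framework` lacks the leading backslash; inside `namespace EA\Engine\Api\V1` static analysers resolve it to `EA\Engine\Api\V1\CI_Controller`, so write `@var \CI_Controller` to match the constructor's `\CI_Controller` type hint. The `use \EA\Engine\Types\NonEmptyString;` line carries a leading backslash that PSR-12 style omits (`use EA\Engine\Types\NonEmptyString;`); the same form appears in the test file of this commit.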


@ -11,10 +11,16 @@
* @since v1.2.0 * @since v1.2.0
* ---------------------------------------------------------------------------- */ * ---------------------------------------------------------------------------- */
namespace \EA\Engine\Api\V1; namespace EA\Engine\Api\V1;
use PHPUnit\Framework\TestCase; use \EA\Engine\Types\NonEmptyString;
class AuthorizationTest extends \TestCase {
class AuthorizationTest extends \PHPUnit_Framework_TestCase {
public function testBasicMethodPerformsBasicAuthentication() {
$this->markTestIncomplete();
}
public function testBasicMethodReturnsForbiddenResponse() {
$this->markTestIncomplete();
}
} }
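Review bot: Both test methods are `markTestIncomplete()` stubs, so the `Authorization::basic()` path that gates every API request gets no automated coverage from this commit; at minimum `testBasicMethodReturnsForbiddenResponse` should assert that a failing `check_login()` results in an `EA\Engine\Api\V1\Exception` with code 401, which can be driven with a hand-written fake standing in for the framework's `user_model` rather than a real database. `use \EA\Engine\Types\NonEmptyString;` is imported but nothing in the class uses it yet; keep it only if the tests that construct `NonEmptyString` arguments land in the same change, and drop the leading backslash either way. The switch from `\TestCase` to `\PHPUnit_Framework_TestCase` makes the base class resolve, but it is the pre-namespaced PHPUnit name, so the file is tied to PHPUnit versions that still provide it.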