The API_V1_Controller will request authentication.
This commit is contained in:
parent
5362c30784
commit
57f5f70448
1 changed files with 41 additions and 1 deletions
|
@ -11,8 +11,48 @@
|
|||
* @since v1.2.0
|
||||
* ---------------------------------------------------------------------------- */
|
||||
|
||||
class API_V1_Controller extends CI_Controller {
|
||||
use \EA\Engine\Types\NonEmptyString;
|
||||
|
||||
/**
|
||||
* API V1 Controller
|
||||
*
|
||||
* Parent controller class for the API v1 resources. Extend this class instead of the CI_Controller
|
||||
* and call the parent constructor.
|
||||
*
|
||||
* @package Controllers
|
||||
* @subpackage API
|
||||
*/
|
||||
class API_V1_Controller extends CI_Controller {
|
||||
/**
|
||||
* Class Constructor
|
||||
*
|
||||
* This constructor will handle the common operations of each API call.
|
||||
*
|
||||
* Important: Do not forget to call the this constructor from the child classes.
|
||||
*
|
||||
* Notice: At the time being only the basic authentication is supported. Make sure
|
||||
* that you use the API through SSL/TLS for security.
|
||||
*/
|
||||
public function __construct() {
|
||||
if (!isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
return $this->_requestAuthentication();
|
||||
}
|
||||
|
||||
$username = new NonEmptyString($_SERVER['PHP_AUTH_USER']);
|
||||
$password = new NonEmptyString($_SERVER['PHP_AUTH_PW']);
|
||||
$authorization = new \EA\Engine\Api\V1\Authorization($this);
|
||||
$authorization->basic($username, $password);
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets request authentication headers.
|
||||
*/
|
||||
protected function _requestAuthentication() {
|
||||
header('WWW-Authenticate: Basic realm="Easy!Appointments"');
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
echo 'You are not authorized to use the API.';
|
||||
}
|
||||
}
|
||||
|
||||
/* End of file API_V1_Controller.php */
|
||||
|
|
Loading…
Reference in a new issue