The API_V1_Controller will request authentication.

This commit is contained in:
Alex Tselegidis 2016-07-09 11:17:39 +02:00
parent 5362c30784
commit 57f5f70448

View file

@ -11,8 +11,48 @@
* @since v1.2.0
* ---------------------------------------------------------------------------- */
class API_V1_Controller extends CI_Controller {
use \EA\Engine\Types\NonEmptyString;
/**
* API V1 Controller
*
* Parent controller class for the API v1 resources. Extend this class instead of the CI_Controller
* and call the parent constructor.
*
* @package Controllers
* @subpackage API
*/
class API_V1_Controller extends CI_Controller {
/**
* Class Constructor
*
* This constructor will handle the common operations of each API call.
*
* Important: Do not forget to call the this constructor from the child classes.
*
* Notice: At the time being only the basic authentication is supported. Make sure
* that you use the API through SSL/TLS for security.
*/
public function __construct() {
if (!isset($_SERVER['PHP_AUTH_USER'])) {
return $this->_requestAuthentication();
}
$username = new NonEmptyString($_SERVER['PHP_AUTH_USER']);
$password = new NonEmptyString($_SERVER['PHP_AUTH_PW']);
$authorization = new \EA\Engine\Api\V1\Authorization($this);
$authorization->basic($username, $password);
parent::__construct();
}
/**
* Sets request authentication headers.
*/
protected function _requestAuthentication() {
header('WWW-Authenticate: Basic realm="Easy!Appointments"');
header('HTTP/1.0 401 Unauthorized');
echo 'You are not authorized to use the API.';
}
}
/* End of file API_V1_Controller.php */