Incoviba/oficial
1
0
Fork 0
Code Issues Pull Requests 2 Releases Wiki Activity

FIX: API not added by git

Browse Source
This commit is contained in:
Juan Pablo Vial
2024-07-26 23:57:04 -04:00
parent 93a15ef1e4
commit e93149456a
1 changed files with 24 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
app/src/Middleware/API.php
View File

@ -10,7 +10,8 @@ use Incoviba\Service;
class API
{
public function __construct(protected ResponseFactoryInterface $responseFactory, protected Service\Login $loginService,
public function __construct(protected ResponseFactoryInterface $responseFactory,
protected Service\Login $loginService,
protected string $key) {}
public function __invoke(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
@ -20,6 +21,9 @@ class API
} catch (MissingAuthorizationHeader $exception) {
return $this->responseFactory->createResponse(401);
}
if ($this->validateSimpleKey($request, $key)) {
return $handler->handle($request);
}
if ($this->validate($request, $key)) {
return $handler->handle($request);
}
@ -37,23 +41,38 @@ class API
}
protected function validate(ServerRequestInterface $request, $incoming_key): bool
{
$selector = null;
$token = null;
if (str_contains($incoming_key, $this->loginService->getSeparator())) {
list($incoming_key, $selector, $token) = explode($this->loginService->getSeparator(), $incoming_key);
if (!$this->loginService->isIn()) {
list($incoming_key, $selector, $token) = explode($this->loginService->getSeparator(), $incoming_key, 3);
if (!$this->loginService->isIn($selector, $token)) {
return false;
}
}
if (!$this->loginService->isIn() and !$this->validPermitted($request)) {
if (!$this->loginService->isIn($selector, $token) and !$this->validPermitted($request)) {
return false;
}
return $incoming_key === md5($this->key);
}
protected function validateSimpleKey(ServerRequestInterface $request, $incoming_key): bool
{
return $incoming_key === md5($this->key) and $this->noComplexKeyNeeded($request);
}
protected function noComplexKeyNeeded(ServerRequestInterface $request): bool
{
$uri = $request->getUri();
$validPaths = [
'/api/login',
'/api/login/',
];
return in_array($uri->getPath(), $validPaths);
}
protected function validPermitted(ServerRequestInterface $request): bool
{
$uri = $request->getUri();
$validPaths = [
'/api',
'/api/'
'/api/',
];
return in_array($uri->getPath(), $validPaths);
}