
Add current user endpoint to db authentication (#724)

Roland Boon 3 years ago
parent
commit
c3337d890b

+ 3
- 2
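--- a/README.md
+++ b/README.md
@@ -705,12 +705,13 @@ Below you find more information on each of the authentication types.
 
 #### Database authentication
 
-The database authentication middleware defines two new routes:
+The database authentication middleware defines three new routes:
 
     method path       - parameters               - description
-    ----------------------------------------------------------------------------------------
+    ---------------------------------------------------------------------------------------------------
     POST   /login     - username + password      - logs a user in by username and password
     POST   /logout    -                          - logs out the currently logged in user
+    GET    /me        -                          - returns the user as which you're currently logged in
 
 A user can be logged in by sending it's username and password to the login endpoint (in JSON format).
 The authenticated user (with all it's properties) will be stored in the `$_SESSION['user']` variable.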

+ 6
- 0
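--- a/api.php
+++ b/api.php
@@ -7601,6 +7601,12 @@ namespace Tqdev\PhpCrudApi\Middleware {
                 }
                 return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
             }
+            if ($method == 'GET' && $path == 'me') {
+              if (isset($_SESSION['user'])) {
+                  return $this->responder->success($_SESSION['user']);
+              }
+              return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
+            }
             if (!isset($_SESSION['user']) || !$_SESSION['user']) {
                 $authenticationMode = $this->getProperty('mode', 'required');
                 if ($authenticationMode == 'required') {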

+ 6
- 0
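--- a/src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php
+++ b/src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php
@@ -85,6 +85,12 @@ class DbAuthMiddleware extends Middleware
             }
             return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
         }
+        if ($method == 'GET' && $path == 'me') {
+            if (isset($_SESSION['user'])) {
+                return $this->responder->success($_SESSION['user']);
+            }
+            return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
+        }
         if (!isset($_SESSION['user']) || !$_SESSION['user']) {
             $authenticationMode = $this->getProperty('mode', 'required');
             if ($authenticationMode == 'required') {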
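Review bot: The `/me` branch accepts any set `$_SESSION['user']` as logged in, while the check directly below it (`!isset($_SESSION['user']) || !$_SESSION['user']`) also rejects a set-but-empty value, so the two can disagree about whether a session is authenticated. Using the same predicate, `if (!empty($_SESSION['user'])) {`, keeps `/me` from answering 200 for a session the rest of the middleware treats as anonymous. The response body is the whole session user record; the test fixture shows only `id` and `username`, but any stripping of secret columns happens at login, outside this hunk, so it is worth confirming or replacing with an explicit allow-list of fields. The same lines are added to `api.php`, which appears to be the bundled copy of this file. The enclosing method starts and ends outside the hunk.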

+ 8
- 0
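--- a/tests/functional/002_auth/003_db_auth.log
+++ b/tests/functional/002_auth/003_db_auth.log
@@ -16,6 +16,14 @@ Content-Type: application/json; charset=utf-8
 Content-Type: application/json; charset=utf-8
 Content-Length: 27
 
+{"id":2,"username":"user2"}
+===
+GET /me
+===
+200
+Content-Type: application/json; charset=utf-8
+Content-Length: 27
+
 {"id":2,"username":"user2"}
 ===
 GET /records/invisibles/e42c77c6-06a4-4502-816c-d112c7142e6d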
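Review bot: The recorded `GET /me` exchange covers only the logged-in case; nothing added to this fixture exercises the new branch that returns `AUTHENTICATION_REQUIRED` when no session user exists. A second `GET /me` recorded for an anonymous session (for example after the logout step, if this file has one), together with the expected error response, would pin that the endpoint does not return a stale user once the session is cleared. The rest of the fixture lies outside the hunk, so the right position for the extra exchange needs checking against the full file.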
