<?php
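// Application Params
// error_reporting() only selects which errors are reported; whether they are
// printed into API responses depends on display_errors, which this file does
// not set. NOTE(review): confirm display_errors is off in production so error
// text and file paths cannot end up in responses.
error_reporting(E_ALL);
//error_reporting(0); <-- to deactivate
date_default_timezone_set('Europe/Zurich');

// Token settings. The time-based values are computed once, when this file is
// loaded, and stay fixed for the rest of the request.
$token_conf = array(
    // The signing secret is taken from the environment when available.
    // MINSKA_TOKEN_SECRET is a variable name introduced by this change; set it
    // in the deployment environment. The literal fallback only keeps existing
    // deployments working: it is committed to version control, so it must be
    // treated as disclosed, rotated, and then removed from this file.
    "secret" => getenv('MINSKA_TOKEN_SECRET') ?: 'lkiuerf@oja78781[ojaklj]JHjksa122:891',
    // Listing a single HMAC algorithm means tokens naming another algorithm
    // are not in this allow-list.
    "algorithm" => array('HS256'),
    "issuer" => 'Official Minska API',
    "issuedAt" => time(),
    "notBefore" => time(),
    // 604800 seconds = 7 days.
    "expireDefault" => time() + (604800),
);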
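/**
 * Sends the auth token to the browser as two cookies on path "/": "appToken"
 * (readable by scripts) and "secureToken" (HttpOnly).
 *
 * NOTE(review): both cookies carry the same value, so a script that can read
 * "appToken" obtains the full token; the HttpOnly flag on "secureToken" does
 * not protect the value itself. Neither cookie sets a SameSite attribute.
 *
 * @param string $token  Token value stored in both cookies.
 * @param int    $expire Expiry as a Unix timestamp, passed to setcookie().
 * @return bool True only when both setcookie() calls succeeded.
 */
function setAuth($token, $expire){

    //$domain = "localhost";
    $domain = ".eliareutlinger.ch";

    // Some servers (IIS, for instance) set HTTPS to "off" on plain-HTTP
    // requests, so the key merely being present does not prove TLS.
    // NOTE(review): behind a TLS-terminating proxy HTTPS may be absent, which
    // leaves both cookies without the Secure flag; verify against deployment.
    $secure = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';

    // Last argument is the HttpOnly flag: off for appToken so client code can
    // copy it into the Authorization header, on for secureToken.
    $appCookie = setcookie("appToken", $token, $expire, "/", $domain, $secure, false);
    $secureCookie = setcookie("secureToken", $token, $expire, "/", $domain, $secure, true);

    return $appCookie && $secureCookie;

}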
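/**
 * Checks that the request carries the same token in the "appToken" cookie and
 * in an "Authorization: Bearer <token>" header, and returns that token.
 *
 * Every failure path goes through returnForbidden(), which sends a 403 JSON
 * response and ends the script.
 *
 * NOTE(review): both compared values come from the request, so a match only
 * shows that the client could read its own cookie. Nothing here verifies the
 * token's signature, issuer or expiry; confirm that the caller does.
 *
 * @return string|null The token when cookie and header match.
 */
function authenticate() {
    // HTTP header names are case-insensitive, and some servers and proxies
    // deliver them lower-cased, so the lookup is normalised.
    $headers = array_change_key_case(getallheaders(), CASE_LOWER);

    if (isset($_COOKIE["appToken"]) && isset($headers['authorization'])) {

        // A header without a space yields a single element; the count check
        // avoids reading a missing second element (and the resulting warning).
        $parts = explode(" ", $headers['authorization'], 2);

        if (count($parts) === 2 && strcasecmp($parts[0], "Bearer") == 0) {

            // Strict comparison: a non-string cookie value never matches.
            if ($_COOKIE["appToken"] === $parts[1]) {
                return $_COOKIE["appToken"];
            } else {
                returnForbidden("Tokens not correct");
            }

        } else {
            returnForbidden("Auth-Token invalid.");
        }

    } else {
        returnForbidden("Required Tokens not found.");
    }

}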
/**
 * Sends a 200 response with a JSON success envelope and ends the script.
 *
 * @param mixed $data Payload placed under "content". Any falsy value (false,
 *                    null, 0, "", "0", empty array) selects the no-content
 *                    envelope instead.
 */
function returnSuccess($data = false) {
    http_response_code(200);

    $body = array("status" => "success");
    if ($data) {
        $body["message"] = "Request successfully handled";
        $body["content"] = $data;
    } else {
        $body["message"] = "Request successfully handled (Returning no content)";
    }

    echo json_encode($body);
    die();
}
75
76
/**
 * Sends a 204 response with a JSON success envelope and ends the script.
 *
 * NOTE(review): a 204 response is defined as having no body, so clients and
 * intermediaries may discard this JSON.
 */
function returnNoData() {
    http_response_code(204);

    $body = array(
        "status" => "success",
        "message" => "Request successfully handled but no data found",
    );

    echo json_encode($body);
    die();
}
84
85
/**
 * Sends a 403 response with a JSON "unauthorized" envelope and ends the script.
 *
 * @param mixed $reason Optional detail added under "reason" when truthy. It is
 *                      sent to the client as given, so it should not reveal
 *                      which part of a credential check failed in more detail
 *                      than the client needs.
 */
function returnForbidden($reason = false) {
    http_response_code(403);

    $body = array(
        "status" => "unauthorized",
        "message" => "User is not authorized to perform this action",
    );
    if ($reason) {
        $body["reason"] = $reason;
    }

    echo json_encode($body);
    die();
}
101
102
/**
 * Sends a 400 response with a JSON "failed" envelope and ends the script.
 *
 * @param mixed $reason Optional detail added under "reason" when truthy; it is
 *                      sent to the client as given.
 */
function returnBadRequest($reason = false) {
    http_response_code(400);

    $body = array(
        "status" => "failed",
        "message" => "Bad Request: Values are wrong or missing.",
    );
    if ($reason) {
        $body["reason"] = $reason;
    }

    echo json_encode($body);
    die();
}
118
119
/**
 * Sends a 500 response with a JSON "error" envelope and ends the script.
 *
 * @param mixed $reason Optional detail added under "reason" when truthy. It is
 *                      sent to the client as given, so callers should pass a
 *                      generic description rather than raw exception or
 *                      database messages, and log the details server-side.
 */
function returnError($reason = false) {
    http_response_code(500);

    $body = array(
        "status" => "error",
        "message" => "An internal error occured",
    );
    if ($reason) {
        $body["reason"] = $reason;
    }

    echo json_encode($body);
    die();
}