1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
/** |
4
|
|
|
* Authentication mechanism using a BasicAuth request. |
5
|
|
|
* |
6
|
|
|
* @author Andre Lohmann <[email protected]> |
7
|
|
|
*/ |
8
|
|
|
class HttpAuth extends Object implements IAuth { |
|
|
|
|
9
|
|
|
|
10
|
|
|
public static function authenticate($email, $password) { |
11
|
|
|
$authenticator = Injector::inst()->get('ApiMemberAuthenticator'); |
12
|
|
|
if($user = $authenticator->authenticate(['Password' => $password, 'Email' => $email])) { |
13
|
|
|
return self::createSession($user); |
14
|
|
|
} |
15
|
|
|
} |
16
|
|
|
|
17
|
|
|
/** |
18
|
|
|
* @param Member $user |
19
|
|
|
* @return ApiSession |
20
|
|
|
*/ |
21
|
|
View Code Duplication |
public static function createSession($user) { |
|
|
|
|
22
|
|
|
$user->logIn(); |
23
|
|
|
/** @var Member $user */ |
24
|
|
|
$user = DataObject::get(Config::inst()->get('BaseRestController', 'Owner'))->byID($user->ID); |
25
|
|
|
|
26
|
|
|
// create session |
27
|
|
|
$session = ApiSession::create(); |
28
|
|
|
$session->User = $user; |
29
|
|
|
$session->Token = AuthFactory::generate_token($user); |
30
|
|
|
|
31
|
|
|
return $session; |
32
|
|
|
} |
33
|
|
|
|
34
|
|
View Code Duplication |
public static function delete($request) { |
|
|
|
|
35
|
|
|
$owner = self::current($request); |
36
|
|
|
if(!$owner) { |
37
|
|
|
throw new RestUserException("No session found", 404, 404); |
38
|
|
|
} |
39
|
|
|
$owner->logOut(); |
40
|
|
|
return true; |
41
|
|
|
} |
42
|
|
|
|
43
|
|
|
|
44
|
|
|
/** |
45
|
|
|
* @param SS_HTTPRequest $request |
46
|
|
|
* @return Member |
|
|
|
|
47
|
|
|
*/ |
48
|
|
|
public static function current($request) { |
49
|
|
|
$member = self::getBasicAuthMember(); |
50
|
|
|
return ($member instanceof Member) ? DataObject::get(Config::inst()->get('BaseRestController', 'Owner'))->byID($member->ID) : null; |
51
|
|
|
} |
52
|
|
|
|
53
|
|
|
/** |
54
|
|
|
* @return Member |
|
|
|
|
55
|
|
|
*/ |
56
|
|
|
protected static function getBasicAuthMember(){ |
57
|
|
|
$realm = Config::inst()->get('HttpAuth', 'Realm'); |
58
|
|
|
$permissionCode = Config::inst()->get('HttpAuth', 'PermissionCode'); |
59
|
|
|
$isRunningTests = (class_exists('SapphireTest', false) && SapphireTest::is_running_test()); |
60
|
|
|
$tryUsingSessionLogin = $isRunningTests || Config::inst()->get('HttpAuth', 'TryUsingSessionLogin'); |
61
|
|
|
|
62
|
|
|
try{ |
63
|
|
|
$member = BasicAuth::requireLogin($realm, $permissionCode, $tryUsingSessionLogin); |
64
|
|
|
return $member; |
65
|
|
|
} catch (Exception $ex) { |
66
|
|
|
return null; |
67
|
|
|
} |
68
|
|
|
} |
69
|
|
|
|
70
|
|
|
} |
71
|
|
|
|
You can fix this by adding a namespace to your class:
When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries.