Slim PHP: Only catch valid routes with middleware
I\'m writing a REST API with Slim. I have written a small middleware to protect the resources so only authenticated users will be able to access them:
-
Not exactly what you asking for, but personnaly when i need to check authentification on some routes i do it like this.
config:
$config = array( ..., 'user.secured.urls' => array( array('path' => '/user'), array('path' => '/user/'), array('path' => '/user/.+'), array('path' => '/api/user/.+') ), ... );middleware:
/** * Uses 'slim.before.router' to check for authentication when visitor attempts * to access a secured URI. */ public function call() { $app = $this->app; $req = $app->request(); $auth = $this->auth; $config = $this->config; $checkAuth = function () use ($app, $auth, $req, $config) { // User restriction $userSecuredUrls = isset($config['user.secured.urls']) ? $config['user.secured.urls'] : array(); foreach ($userSecuredUrls as $url) { $urlPattern = '@^' . $url['path'] . '$@'; if (preg_match($urlPattern, $req->getPathInfo()) === 1 && $auth->hasIdentity() === false) { $errorData = array('status' => 401,'error' => 'Permission Denied'); $app->render('error.php', $errorData, 401); $app->stop(); } } }; $app->hook('slim.before.router', $checkAuth); $this->next->call(); }but if almost all your routes need authentification maybe not the best solution.
great example: http://www.slideshare.net/jeremykendall/keeping-it-small-slim-php
加载中...
- 热议问题