author | ramon <ramongomez@us.es> | 2017-11-08 11:58:15 +0000 |
---|---|---|
committer | ramon <ramongomez@us.es> | 2017-11-08 11:58:15 +0000 |
commit | 41c430a39d97215f81cb82032b6402a6473e7d03 (patch) | |
tree | 093d1e0f95649389cc0a869ec8a6547346d60661 /admin/WebConsole/rest | |
parent | 78fc82cf7536dae76e1c3263bfb9e398ee7bbf88 (diff) |
#810: Soportar obtención de cabeceras sin usar Apache y reducir el código.
git-svn-id: https://opengnsys.es/svn/branches/version1.1@5501 a21b9725-9963-47de-94b9-378ad31fedc9
Diffstat (limited to 'admin/WebConsole/rest')
-rw-r--r-- | admin/WebConsole/rest/repository.php | 32 |
1 files changed, 11 insertions, 21 deletions
diff --git a/admin/WebConsole/rest/repository.php b/admin/WebConsole/rest/repository.php
index 24372d4c..6e2a3f03 100644
--- a/admin/WebConsole/rest/repository.php
+++ b/admin/WebConsole/rest/repository.php
@@ -19,28 +19,16 @@ function validateRepositoryApiKey() {
 $response = array();
 $app = \Slim\Slim::getInstance();
- // Read Authorization HTTP header.
- $headers = apache_request_headers();
- if (! empty($headers['Authorization'])) {
- // Assign user id. that match this key to global variable.
- $apikey = htmlspecialchars($headers['Authorization']);
- // El repositorio recupera el token desde el fichero de configuracion ogAdmRepo.cfg
- $confFile = fopen("../../etc/ogAdmRepo.cfg", "r");
-
- // Leemos cada linea hasta encontrar la clave "ApiToken"
+ // Assign user id. that match this key to global variable.
+ @$apikey = htmlspecialchars(function_exists('apache_request_headers') ? apache_request_headers()['Authorization'] : $_SERVER['HTTP_AUTHORIZATION']);
+ if (isset($apikey)) {
+ // fetch repository token from ogAdmRepo.cfg configuration file.
+ @$confFile = parse_ini_file('../../etc/ogAdmRepo.cfg', 'r');
 if ($confFile) {
- $found = false;
- while(!feof($confFile)){
- $line = fgets($confFile);
- $key = strtok($line,"=");
- if($key == "ApiToken"){
- $token = trim(strtok("="));
- if(strcmp($apikey,$token) == 0){
- $found = true;
- }
- }
- }
- if (!$found){
+ if(@strcmp($apikey, $confFile['ApiToken']) == 0) {
+ // Credentials OK.
+ return true;
+ } else {
 // Credentials error.
 $response['message'] = 'Login failed. Incorrect credentials';
 jsonResponse(401, $response);
@@ -50,11 +38,13 @@ function validateRepositoryApiKey() {
 // Cannot access configuration file.
 $response['message'] = "An error occurred, please try again";
 jsonResponse(500, $response);
+ $app->stop();
 }
 } else {
 // Error: missing API key.
 $response['message'] = 'Missing Repository API key';
 jsonResponse(400, $response);
+ $app->stop();
 }
 } |
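Review bot: `isset($apikey)` is always true in the first hunk, because `htmlspecialchars()` returns a string even when the Authorization header is absent (the `@` only hides the undefined-index notice), so a request with no header reaches the comparison with an empty key and the `Missing Repository API key` branch touched in the second hunk can no longer run. Together with the suppressed loose check `@strcmp(...) == 0`, an `ogAdmRepo.cfg` whose `ApiToken` entry is missing or empty would compare equal to that empty key and the function would return true. I would guard with `if ($apikey !== '')` and compare with `if (is_string($token) && $token !== '' && hash_equals($token, $apikey))`, where `$token` is the value read from the parsed config; `hash_equals()` also makes the comparison constant-time. The `'r'` passed to `parse_ini_file()` looks like a leftover from `fopen()` and is read as a truthy `process_sections`, so if the file has section headers `ApiToken` would be nested under one; worth confirming against the real file. The function begins before this hunk, so anything set up earlier is not visible here.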