Add http authorization for all url except api.ping

ooghry · Aug 9, 2016 · 6c64ae3 · 6c64ae3
1 parent 11178af
commit 6c64ae3
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 2 deletions.
diff --git a/config/autoload/dependencies.global.php b/config/autoload/dependencies.global.php
@@ -19,6 +19,7 @@
         'factories' => [
             Application::class => ApplicationFactory::class,
             Helper\UrlHelper::class => Helper\UrlHelperFactory::class,
+            App\Middleware\AuthMiddleware::class => App\Middleware\AuthMiddlewareFactory::class,
         ],
     ],
 ];
diff --git a/config/autoload/middleware-pipeline.global.php b/config/autoload/middleware-pipeline.global.php
@@ -7,7 +7,7 @@
         'factories' => [
             Helper\ServerUrlMiddleware::class => Helper\ServerUrlMiddlewareFactory::class,
             Helper\UrlHelperMiddleware::class => Helper\UrlHelperMiddlewareFactory::class,
-        ],
+        ]
     ],
     // This can be used to seed pre- and/or post-routing middleware
     'middleware_pipeline' => [
@@ -40,6 +40,7 @@
                 // - pre-conditions
                 // - modifications to outgoing responses
                 Helper\ServerUrlMiddleware::class,
+                App\Middleware\AuthMiddleware::class,
             ],
             'priority' => 10000,
         ],
@@ -62,7 +63,7 @@
             'middleware' => [
                 // Add error middleware here.
             ],
-            'error'    => true,
+            'error' => true,
             'priority' => -10000,
         ],
     ],

diff --git a/src/App/Middleware/AuthMiddleware.php b/src/App/Middleware/AuthMiddleware.php
@@ -0,0 +1,49 @@
+<?php
+
+
+namespace App\Middleware;
+
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Zend\Expressive\Helper\UrlHelper;
+
+class AuthMiddleware
+{
+    private $helper;
+
+    public function __construct(UrlHelper $helper)
+    {
+        $this->helper=$helper;
+    }
+
+    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next = null)
+    {
+        if($this->helper->generate('api.ping')!=$request->getUri()->getPath()) {
+            $auth = $this->parseAuth($request->getHeaderLine('Authorization'));
+            if (!$auth or !$this->checkUserPass($auth['user'], $auth['pass'])) {
+                return $response
+                    ->withHeader('WWW-Authenticate', 'Basic realm=""')
+                    ->withStatus(401);
+            }
+        }
+        $response = $next($request, $response);
+        return $response;
+    }
+
+    private function parseAuth($header)
+    {
+        if (strpos($header, 'Basic') !== 0) {
+            return false;
+        }
+        $header = explode(':', base64_decode(substr($header, 6)));
+        return [
+            'user' => $header[0],
+            'pass' => isset($header[1]) ?? $header[1],
+        ];
+    }
+
+    private function checkUserPass($user,$pass)
+    {
+        return ($user=='myuser' and $pass=='mypass');
+    }
+}
diff --git a/src/App/Middleware/AuthMiddlewareFactory.php b/src/App/Middleware/AuthMiddlewareFactory.php
@@ -0,0 +1,17 @@
+<?php
+
+
+namespace App\Middleware;
+
+use Interop\Container\ContainerInterface;
+use Zend\Expressive\Router\RouterInterface;
+use Zend\Expressive\Helper\UrlHelper;
+
+class AuthMiddlewareFactory
+{
+    public function __invoke(ContainerInterface $container, $requestedName, array $options = null)
+    {
+        $helper=new UrlHelper($container->get(RouterInterface::class));
+        return new AuthMiddleware($helper);
+    }
+}