Commit 874b04f6 authored by Damien's avatar Damien

FEAT #6751 Basic auth for Rest + basic auth for curl calls

parent f7f21c25
<?xml version="1.0" encoding="utf-8"?>
<ROOT>
<user>super</user>
<password>maaarch</password>
<call>
<id>sendFile</id>
<url></url>
......
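Review bot: The `<user>` and `<password>` elements store an account name and its password in clear text in a tracked configuration file, and the CurlModel change on this page sends that pair on every call that does not set `noAuth`. If this file is a shipped sample, use obvious placeholders such as `<user>CHANGE_ME</user>` and `<password>CHANGE_ME</password>`, and document that each deployment must supply a dedicated least-privilege account; the name used here suggests an administrative user, though that cannot be confirmed from this page. The file should also live outside the web root, or be denied by the web server, so it cannot be fetched directly.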
......@@ -22,6 +22,7 @@ class CurlModel
ValidatorModel::notEmpty($aArgs, ['curlCallId']);
ValidatorModel::stringType($aArgs, ['curlCallId']);
ValidatorModel::arrayType($aArgs, ['bodyData']);
ValidatorModel::boolType($aArgs, ['noAuth']);
$curlConfig = CurlModel::getConfigByCallId(['curlCallId' => $aArgs['curlCallId']]);
if (empty($curlConfig)) {
......@@ -36,6 +37,9 @@ class CurlModel
],
CURLOPT_RETURNTRANSFER => true,
];
if (empty($aArgs['noAuth'])) {
$opts[CURLOPT_HTTPHEADER][] = 'Authorization: Basic ' . base64_encode($curlConfig['user']. ':' .$curlConfig['password']);
}
if ($curlConfig['method'] == 'POST' || $curlConfig['method'] == 'PUT') {
if (!empty($curlConfig['data'])) {
......@@ -76,6 +80,9 @@ class CurlModel
$curlConfig = [];
if (file_exists($path)) {
$loadedXml = simplexml_load_file($path);
$curlConfig['user'] = (string)$loadedXml->user;
$curlConfig['password'] = (string)$loadedXml->password;
foreach ($loadedXml->call as $call) {
if ((string)$call->id == $aArgs['curlCallId']) {
$curlConfig['url'] = (string)$call->url;
......
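Review bot: The new `Authorization: Basic` header is appended whenever `noAuth` is empty, with no check that `$curlConfig['user']` and `$curlConfig['password']` were actually loaded or that `$curlConfig['url']` is an `https://` endpoint. A missing `<user>` element therefore produces a header built from `:`, and a plain-HTTP URL carries the credentials base64-encoded but unencrypted. Consider a guard such as `if (empty($aArgs['noAuth']) && !empty($curlConfig['user']) && stripos($curlConfig['url'], 'https://') === 0) {`, or let curl build the header with `CURLOPT_HTTPAUTH => CURLAUTH_BASIC` and `CURLOPT_USERPWD`. The user/password pair is read once at file level in the config loader, so every configured `<call>` gets the same credentials whatever its destination; per-call credentials would limit exposure. The enclosing functions start and end outside these hunks.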
......@@ -70,13 +70,26 @@ if (empty($_SESSION['user'])) {
//login management
if (empty($_SESSION['user'])) {
require_once('apps/maarch_entreprise/class/class_login.php');
$loginObj = new login();
$loginMethods = $loginObj->build_login_method();
require_once('core/services/Session.php');
$oSessionService = new \Core_Session_Service();
if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
$_SESSION['error'] = '';
$security = new security();
$pass = $security->getPasswordHash($_SERVER['PHP_AUTH_PW']);
$res = $security->login($_SERVER['PHP_AUTH_USER'], $pass);
$_SESSION['user'] = $res['user'];
if (!empty($res['error'])) {
$_SESSION['error'] = $res['error'];
}
} else {
require_once('apps/maarch_entreprise/class/class_login.php');
$loginObj = new login();
$loginMethods = $loginObj->build_login_method();
require_once('core/services/Session.php');
$oSessionService = new \Core_Session_Service();
$loginObj->execute_login_script($loginMethods, true);
}
$loginObj->execute_login_script($loginMethods, true);
}
if ($_SESSION['error']) {
......@@ -246,3 +259,15 @@ $app->get('/res/listDocs/{clause}/{select}', \Core\Controllers\ResController::cl
$app->run();
if ($_SESSION['user']['UserId'] == 'restUser') {
$name = $_SESSION['sessionName'];
setcookie ($name, "", 1);
setcookie ($name, false);
unset($_COOKIE[$name]);
session_unset();
session_destroy();
unset($_SESSION['sessionName']);
}
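Review bot: In the Basic-auth branch, `$_SESSION['user'] = $res['user'];` runs before `$res['error']` is examined, so what lands in the session after a failed login depends entirely on what `security::login()` returns, which is not visible here; assign it only on success, e.g. `if (empty($res['error'])) { $_SESSION['user'] = $res['user']; } else { $_SESSION['error'] = $res['error']; }`. Nothing visible in the branch calls `session_regenerate_id(true)` after authentication or checks that the request arrived over HTTPS, and Basic credentials are only base64-encoded on the wire. The teardown after `$app->run()` is keyed on the literal `'restUser'`, so a Basic-auth session for any other account appears to persist; a flag set in this branch (e.g. `$_SESSION['basicAuth'] = true;`) would be a more reliable trigger. The `setcookie()` calls in that teardown may have no effect if the response headers have already been sent.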