Skip to content

Commit 4e0ab9a

Browse files
mevdscheemevdschee
committed
Added dbAuth middleware
1 parent 6593d38 commit 4e0ab9a

File tree

2 files changed

+11
-7
lines changed

2 files changed

+11
-7
lines changed

api.php

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5235,8 +5235,14 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
52355235
$passwordColumnName = $this->getProperty('passwordColumn', 'password');
52365236
$passwordColumn = $table->getColumn($passwordColumnName);
52375237
$condition = new ColumnCondition($usernameColumn, 'eq', $username);
5238-
$columnNames = $table->getColumnNames();
5239-
$users = $this->db->selectAll($table, $columnNames, $condition, [], 0, -1);
5238+
$returnedColumns = $this->getProperty('returnedColumns', '');
5239+
if (!$returnedColumns) {
5240+
$columnNames = $table->getColumnNames();
5241+
} else {
5242+
$columnNames = array_map('trim', explode(',', $returnedColumns));
5243+
$columnNames[] = $passwordColumnName;
5244+
}
5245+
$users = $this->db->selectAll($table, $columnNames, $condition, [], 0, 1);
52405246
foreach ($users as $user) {
52415247
if (password_verify($password, $user[$passwordColumnName]) == 1) {
52425248
if (!headers_sent()) {
@@ -5253,7 +5259,9 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
52535259
if (isset($_SESSION['user'])) {
52545260
$user = $_SESSION['user'];
52555261
unset($_SESSION['user']);
5256-
session_destroy();
5262+
if (session_status() != PHP_SESSION_NONE) {
5263+
session_destroy();
5264+
}
52575265
return $this->responder->success($user);
52585266
}
52595267
return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');

src/index.php

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -10,10 +10,6 @@
1010
'username' => 'php-crud-api',
1111
'password' => 'php-crud-api',
1212
'database' => 'php-crud-api',
13-
'middlewares' => 'dbAuth,authorization',
14-
'authorization.tableHandler' => function ($operation, $tableName) {
15-
return $tableName != 'users';
16-
},
1713
]);
1814
$request = RequestFactory::fromGlobals();
1915
$api = new Api($config);

0 commit comments

Comments
 (0)