FGFS-4.1/phpvms
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Change header from Authorization to X-API-KEY to avoid Apache issues

Browse Source
This commit is contained in:
Nabeel Shahzad 2017-12-30 13:31:11 -06:00
parent 41227d3fdb
commit 5e32bcc52d
3 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Console/Commands/TestApi.php
View File

@ -19,10 +19,12 @@ class TestApi extends BaseCommand
$this->httpClient = new Client([ $this->httpClient = new Client([
'headers' => [ 'headers' => [
'Authorization' => $this->argument('apikey'), 'Authorization' => $this->argument('apikey'),
'Content-type' => 'application/json',
'X-API-Key' => $this->argument('apikey'),
] ]
]); ]);
$result = $this->httpClient->get($this->argument('url')); $result = $this->httpClient->get($this->argument('url'));
print_r(\GuzzleHttp\json_decode($result->getBody())); echo $result->getBody();
} }
} }

10
app/Http/Middleware/ApiAuth.php
View File

@ -22,13 +22,15 @@ class ApiAuth
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
// Check if Authorization header is in place // Check if Authorization header is in place
$auth = $request->header('Authorization', null); $api_key = $request->header('x-api-key', null);
if($auth === null) { if($api_key === null) {
return $this->unauthorized('Authorization header missing'); $api_key = $request->header('Authorization', null);
if ($api_key === null) {
return $this->unauthorized('X-API-KEY header missing');
}
} }
// Try to find the user via API key. Cache this lookup // Try to find the user via API key. Cache this lookup
$api_key = $request->header('Authorization');
$user = User::where('api_key', $api_key)->first(); $user = User::where('api_key', $api_key)->first();
if($user === null) { if($user === null) {
return $this->unauthorized('User not found with key "'.$api_key.'"'); return $this->unauthorized('User not found with key "'.$api_key.'"');

6
tests/ApiTest.php
View File

@ -37,15 +37,15 @@ class ApiTest extends TestCase
->assertStatus(200) ->assertStatus(200)
->assertJson(['icao' => $airport->icao], true); ->assertJson(['icao' => $airport->icao], true);
$this->withHeaders(['authorization' => 'testadminapikey'])->get($uri) $this->withHeaders(['x-api-key' => 'testadminapikey'])->get($uri)
->assertStatus(200) ->assertStatus(200)
->assertJson(['icao' => $airport->icao], true); ->assertJson(['icao' => $airport->icao], true);
$this->withHeaders(['AUTHORIZATION' => 'testadminapikey'])->get($uri) $this->withHeaders(['x-API-key' => 'testadminapikey'])->get($uri)
->assertStatus(200) ->assertStatus(200)
->assertJson(['icao' => $airport->icao], true); ->assertJson(['icao' => $airport->icao], true);
$this->withHeaders(['AuThOrIzAtIoN' => 'testadminapikey'])->get($uri) $this->withHeaders(['X-API-KEY' => 'testadminapikey'])->get($uri)
->assertStatus(200) ->assertStatus(200)
->assertJson(['icao' => $airport->icao], true); ->assertJson(['icao' => $airport->icao], true);
} }