Fatal编程技术网
  • php/
  • Php OAuth令牌中间件Slim版本3暂停或退出

Php OAuth令牌中间件Slim版本3暂停或退出

php oauth

Php OAuth令牌中间件Slim版本3暂停或退出,php,oauth,access-token,middleware,slim-3,Php,Oauth,Access Token,Middleware,Slim 3,我正在尝试开发一种简单的身份验证方法。如果用户拥有正确的访问令牌,则应用程序将继续运行,否则将以401(未经授权)状态代码退出 我有这样的想法: public function __invoke($req, $res, $next) { $authHeader = $this->headers['Authorization']; //grabbing the token $auth = new AuthService($this->dbconfig); $vali

我正在尝试开发一种简单的身份验证方法。如果用户拥有正确的访问令牌,则应用程序将继续运行,否则将以401(未经授权)状态代码退出

我有这样的想法:

public function __invoke($req, $res, $next) {
   $authHeader = $this->headers['Authorization']; //grabbing the token
   $auth = new AuthService($this->dbconfig); 
   $validated = $auth->verifyOAuth($authHeader); //Verifying Token against DB
   if ($validated){
       return $response = $next($request, $response)
                        ->withStatus(200);//OK
   }else{
       return $response->withStatus(403);//Forbidden
   }

}
api.php

...
$headers = getallheaders();
$auth = new OAuth2Auth($headers, $authconfig);
$app->add($auth, $dbconfig);

$app->post('/user', function($req, $res, $args) {
   //MY CODE ONLY FOR LOGGED IN USERS
});

public function __construct($headers, $dbconfig) {
    $this->whiteList = array('\/auth');
    $this->config = $dbconfig;
    $this->headers = $headers;
}

public function __invoke($req, $res, $next) {
   $authHeader = $this->headers['Authorization']; //grabbing the token
   $auth = new AuthService($this->dbconfig); 
   $validated = $auth->verifyOAuth($authHeader); //Verifying Token against DB
   if ($validated){
       $response = $next($request, $response);
   }else{
       //EXIT, STOP or HALT
   }
   return $response;
}
OAuth2Auth.php

...
$headers = getallheaders();
$auth = new OAuth2Auth($headers, $authconfig);
$app->add($auth, $dbconfig);

$app->post('/user', function($req, $res, $args) {
   //MY CODE ONLY FOR LOGGED IN USERS
});

public function __construct($headers, $dbconfig) {
    $this->whiteList = array('\/auth');
    $this->config = $dbconfig;
    $this->headers = $headers;
}

public function __invoke($req, $res, $next) {
   $authHeader = $this->headers['Authorization']; //grabbing the token
   $auth = new AuthService($this->dbconfig); 
   $validated = $auth->verifyOAuth($authHeader); //Verifying Token against DB
   if ($validated){
       $response = $next($request, $response);
   }else{
       //EXIT, STOP or HALT
   }
   return $response;
}
我尝试了多次解决方案,以避免中间件继续执行,但没有任何效果。应用程序始终运行$app->post('/user'…)中的内容。我已经为Slim v2找到了多种解决方案,但到目前为止还没有为Slim v3找到任何解决方案。谢谢。

看起来Slim v3处理的中间件与v2稍有不同。答案是创建我自己的$response,如下所示:

public function __invoke($req, $res, $next) {
   $authHeader = $this->headers['Authorization']; //grabbing the token
   $auth = new AuthService($this->dbconfig); 
   $validated = $auth->verifyOAuth($authHeader); //Verifying Token against DB
   if ($validated){
       return $response = $next($request, $response)
                        ->withStatus(200);//OK
   }else{
       return $response->withStatus(403);//Forbidden
   }

}
这对我有帮助