mirror of
https://github.com/espocrm/espocrm.git
synced 2026-06-28 15:06:06 +00:00
96 lines
2.0 KiB
PHP
96 lines
2.0 KiB
PHP
<?php
|
|
|
|
require_once('bootstrap.php');
|
|
|
|
$app = new \Espo\Core\Application();
|
|
|
|
use \Slim\Slim;
|
|
class Auth extends \Slim\Middleware
|
|
{
|
|
private $entityManager;
|
|
|
|
private $container;
|
|
|
|
public function __construct($entityManager, $container)
|
|
{
|
|
$this->entityManager = $entityManager;
|
|
$this->container = $container;
|
|
}
|
|
|
|
function call()
|
|
{
|
|
$req = $this->app->request();
|
|
$res = $this->app->response();
|
|
|
|
$uri = $req->getResourceUri();
|
|
$httpMethod = $req->getMethod();
|
|
|
|
/**
|
|
* Check if user credentials are required for current route
|
|
*/
|
|
$routes = $this->app->router()->getMatchedRoutes($httpMethod, $uri);
|
|
|
|
if (!empty($routes[0])) {
|
|
$routeConditions = $routes[0]->getConditions();
|
|
if (isset($routeConditions['auth']) && $routeConditions['auth'] === false) {
|
|
//$this->container->setUser(new \Espo\Entities\User());
|
|
$this->next->call();
|
|
return;
|
|
}
|
|
}
|
|
|
|
$authKey = $req->headers('PHP_AUTH_USER');
|
|
$authSec = $req->headers('PHP_AUTH_PW');
|
|
|
|
if ($authKey && $authSec) {
|
|
|
|
$isAuthenticated = false;
|
|
|
|
$username = $authKey;
|
|
$password = $authSec;
|
|
|
|
$user = $this->entityManager->getRepository('User')->findOne(array(
|
|
'whereClause' => array(
|
|
'userName' => $username,
|
|
'password' => md5($password)
|
|
),
|
|
));
|
|
|
|
|
|
if ($user instanceof \Espo\Entities\User) {
|
|
$this->entityManager->setUser($user);
|
|
$this->container->setUser($user);
|
|
$isAuthenticated = true;
|
|
}
|
|
|
|
//$isAuthenticated = true;
|
|
|
|
|
|
if ($isAuthenticated) {
|
|
$this->next->call();
|
|
} else {
|
|
$res->header('WWW-Authenticate', sprintf('Basic realm="%s"', ''));
|
|
$res->status(401);
|
|
}
|
|
} else {
|
|
$res->header('WWW-Authenticate', sprintf('Basic realm="%s"', ''));
|
|
$res->status(401);
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
$auth = new Auth($app->getContainer()->get('entityManager'), $app->getContainer());
|
|
$app->getSlim()->add($auth);
|
|
|
|
|
|
$app->getSlim()->get('/', function() {
|
|
echo <<<EOT
|
|
<h1>EspoCRM REST API!!!</h1>
|
|
EOT;
|
|
});
|
|
|
|
$app->getSlim()->run();
|
|
|
|
|
|
?>
|