mirror/RSS-Bridge.rss-bridge
1
0
Fork 0
mirror of https://github.com/RSS-Bridge/rss-bridge.git synced 2025-07-22 19:55:02 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor: prepare for introduction of token based authentication (#3921)

Browse source
This commit is contained in:
Dag 2024-01-24 23:06:23 +01:00 committed by GitHub
parent 1262cc982c
commit 06b299e627
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 240 additions and 291 deletions
Download patch file Download diff file Expand all files Collapse all files

25
actions/SetBridgeCacheAction.php
View file

@ -11,9 +11,30 @@ class SetBridgeCacheAction implements ActionInterface
public function execute(array $request)
{
$authenticationMiddleware = new ApiAuthenticationMiddleware();
$authenticationMiddleware($request);
// Authentication
$accessTokenInConfig = Configuration::getConfig('authentication', 'access_token');
if (!$accessTokenInConfig) {
return new Response('Access token is not set in this instance', 403, ['content-type' => 'text/plain']);
}
if (isset($request['access_token'])) {
$accessTokenGiven = $request['access_token'];
} else {
$header = trim($_SERVER['HTTP_AUTHORIZATION'] ?? '');
$position = strrpos($header, 'Bearer ');
if ($position !== false) {
$accessTokenGiven = substr($header, $position + 7);
} else {
$accessTokenGiven = '';
}
}
if (!$accessTokenGiven) {
return new Response('No access token given', 403, ['content-type' => 'text/plain']);
}
if (! hash_equals($accessTokenInConfig, $accessTokenGiven)) {
return new Response('Incorrect access token', 403, ['content-type' => 'text/plain']);
}
// Begin actual work
$key = $request['key'] ?? null;
if (!$key) {
returnClientError('You must specify key!');