I am creating API using Slim Framework. I need to filter requests required authentication and route them to the specific auth handler. Or it would be better to say that I need to filter URI that don't require auth (public information).
I have created following middleware skileton
class TokenAuth extends \Slim\Middleware {
private $auth;
public function __construct($userEmail,$accesToken,$appSecret) {
}
/**
* Deny Access
*
*/
public function deny_access() {
$res = $this->app->response();
$res->status(401);
}
public function authenticate($token) {
....
}
/**
* Call
*
*/
public function call() {
//Get the token sent from jquery
$tokenAuth = $app->request->headers->get('Authorization');
//Check if our token is valid
if ($this->authenticate($tokenAuth)) {
....
} else {
$this->deny_access();
}
}
}
In this case I cannot access any URI without token, how to solve this problem, allowing access to the public resources.
I would be grateful for any help. Thx in advance.
You have mainly two ways of doing it :
Global middleware
One way consist in adding an OAuth middleware to your API so you can check if user is authenticated or not and setup a flag, then inside each route you can do a simple check if user is authenticated or not.
Then your MyOAuthMiddleware :
Now you can check in all your routes :
Specific route middleware
You can follow Slim documentation and choose to add your Middleware directly on each declaration :