From 2ecb79a2fa3c277de585e863132b31669302cecd Mon Sep 17 00:00:00 2001
From: Marcin Kurczewski
Date: Thu, 4 Sep 2014 19:21:18 +0200
Subject: [PATCH] Added passive authorization
---
 public_html/js/Api.js | 5 +++-
 src/Dispatcher.php | 11 ++++++++
 src/Helpers/HttpHelper.php | 11 ++++++++
 src/Services/AuthService.php | 2 +-
 tests/DispatcherTest.php | 55 +++++++++++++++++-------------------
 5 files changed, 53 insertions(+), 31 deletions(-)
diff --git a/public_html/js/Api.js b/public_html/js/Api.js
index 5635cef7..e1f42257 100644
--- a/public_html/js/Api.js
+++ b/public_html/js/Api.js
@@ -1,6 +1,6 @@
 var App = App || {};
-App.API = function(promise) {
+App.API = function(promise, appState) {
 var baseUrl = '/api/';
@@ -26,6 +26,9 @@ App.API = function(promise) {
 return promise.make(function(resolve, reject) {
 $.ajax({
+ headers: {
+ 'X-Authorization-Token': appState.get('loginToken') || '',
+ },
 success: function(data, textStatus, xhr) {
 resolve({
 status: xhr.status,
diff --git a/src/Dispatcher.php b/src/Dispatcher.php
index 08af74f2..06d019fa 100644
--- a/src/Dispatcher.php
+++ b/src/Dispatcher.php
@@ -4,10 +4,12 @@ namespace Szurubooru;
 final class Dispatcher
 {
 private $router;
+ private $authService;
 public function __construct(
 \Szurubooru\Router $router,
 \Szurubooru\Helpers\HttpHelper $httpHelper,
+ \Szurubooru\Services\AuthService $authService,
 \Szurubooru\ControllerRepository $controllerRepository)
 {
 $this->router = $router;
@@ -15,6 +17,7 @@ final class Dispatcher
 //if script fails prematurely, mark it as fail from advance
 $this->httpHelper->setResponseCode(500);
+ $this->authService = $authService;
 foreach ($controllerRepository->getControllers() as $controller)
 $controller->registerRoutes($router);
@@ -26,6 +29,7 @@ final class Dispatcher
 try
 {
 $code = 200;
+ $this->authorizeFromRequestHeader();
 $json = (array) $this->router->handle(
 $this->httpHelper->getRequestMethod(),
 $this->httpHelper->getRequestUri());
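Review bot: In the `$.ajax` options of public_html/js/Api.js (hunk `@@ -26,6 +26,9 @@`), the `X-Authorization-Token` header is sent on every call, and as an empty string when no token is stored. Omitting the header when there is no token states the anonymous case more clearly, e.g. `var token = appState.get('loginToken');` above the call and `headers: token ? {'X-Authorization-Token': token} : {},` in the options. Because the token now travels with every request built here, it is worth confirming that the request URL is always derived from `baseUrl`; the `url` option lies outside this hunk, so that could not be checked. The enclosing function starts and ends outside the hunk.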
@@ -47,4 +51,11 @@ final class Dispatcher
 return $json;
 }
+
+ private function authorizeFromRequestHeader()
+ {
+ $loginToken = $this->httpHelper->getRequestHeader('X-Authorization-Token');
+ if ($loginToken)
+ $this->authService->loginFromToken($loginToken);
+ }
 }
diff --git a/src/Helpers/HttpHelper.php b/src/Helpers/HttpHelper.php
index 517fb17c..d89338c3 100644
--- a/src/Helpers/HttpHelper.php
+++ b/src/Helpers/HttpHelper.php
@@ -23,6 +23,17 @@ class HttpHelper
 $this->output(json_encode((array) $data));
 }
+ public function getRequestHeaders()
+ {
+ return getallheaders();
+ }
+
+ public function getRequestHeader($key)
+ {
+ $headers = $this->getRequestHeaders();
+ return isset($headers[$key]) ? $headers[$key] : null;
+ }
+
 public function getRequestMethod()
 {
 return $_SERVER['REQUEST_METHOD'];
diff --git a/src/Services/AuthService.php b/src/Services/AuthService.php
index 6ee03495..a0b50f67 100644
--- a/src/Services/AuthService.php
+++ b/src/Services/AuthService.php
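Review bot: `authorizeFromRequestHeader()` in src/Dispatcher.php (hunk `@@ -47,4 +51,11 @@`, called from `run()` in `@@ -26,6 +29,7 @@`) runs before routing on every request, so the way `loginFromToken()` reacts to an unknown or expired token now decides whether public routes, and the login route itself, stay reachable for a client holding a stale token. `loginFromToken()` is not visible here; if it throws, the failure should surface as a 401 rather than through the generic error path, so the client can drop the token and retry. The check `if ($loginToken)` also treats the string `'0'` as absent; `if ($loginToken !== null && $loginToken !== '')` states the intent exactly. A short docblock such as `/** Passive authorization: logs the caller in from X-Authorization-Token when present, otherwise the request stays anonymous. */` would record the contract.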
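Review bot: `getRequestHeader()` in src/Helpers/HttpHelper.php looks the name up with an exact-case `isset($headers[$key])`, but HTTP header names are case-insensitive and an intermediary may deliver `x-authorization-token`, in which case the token is silently ignored and the request is handled as anonymous. Normalising both sides avoids that: `$headers = array_change_key_case($this->getRequestHeaders(), CASE_LOWER); $key = strtolower($key);` before the existing `isset` line. Separately, `getallheaders()` is not provided by every PHP SAPI, so `getRequestHeaders()` should guard with `function_exists('getallheaders')` and fall back to the `HTTP_*` entries of `$_SERVER`.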
@@ -1,7 +1,7 @@ routerMock = $this->mock(\Szurubooru\Router::class); + $this->httpHelperMock = $this->mock(\Szurubooru\Helpers\HttpHelper::class); + $this->authServiceMock = $this->mock(\Szurubooru\Services\AuthService::class); + $this->controllerRepositoryMock = $this->mock(\Szurubooru\ControllerRepository::class); + } + public function testDispatchingArrays() { $expected = ['test' => 'toy']; - $httpHelperMock = $this->getHttpHelperMock(); - $httpHelperMock + $this->httpHelperMock ->expects($this->exactly(2)) ->method('setResponseCode') ->withConsecutive([$this->equalTo(500)], [$this->equalTo(200)]); + $this->routerMock->expects($this->once())->method('handle')->willReturn($expected); + $this->controllerRepositoryMock->method('getControllers')->willReturn([]); - $routerMock = $this->getRouterMock(); - $routerMock->expects($this->once())->method('handle')->willReturn($expected); - - $controllerRepositoryMock = $this->getControllerRepositoryMock(); - $controllerRepositoryMock->method('getControllers')->willReturn([]); - - $dispatcher = new \Szurubooru\Dispatcher($routerMock, $httpHelperMock, $controllerRepositoryMock); + $dispatcher = $this->getDispatcher(); $actual = $dispatcher->run(); unset($actual['__time']); 
@@ -32,33 +40,22 @@ final class DispatcherTest extends \Szurubooru\Tests\AbstractTestCase
 $classData->bunny = 5;
 $expected = ['bunny' => 5];
- $httpHelperMock = $this->getHttpHelperMock();
+ $this->routerMock->expects($this->once())->method('handle')->willReturn($classData);
+ $this->controllerRepositoryMock->method('getControllers')->willReturn([]);
- $routerMock = $this->getRouterMock();
- $routerMock->expects($this->once())->method('handle')->willReturn($classData);
-
- $controllerRepositoryMock = $this->getControllerRepositoryMock();
- $controllerRepositoryMock->method('getControllers')->willReturn([]);
-
- $dispatcher = new \Szurubooru\Dispatcher($routerMock, $httpHelperMock, $controllerRepositoryMock);
+ $dispatcher = $this->getDispatcher();
 $actual = $dispatcher->run();
 unset($actual['__time']);
 $this->assertEquals($expected, $actual);
 }
- private function getHttpHelperMock()
+ private function getDispatcher()
 {
- return $this->getMockBuilder(\Szurubooru\Helpers\HttpHelper::class)->disableOriginalConstructor()->getMock();
- }
-
- private function getRouterMock()
- {
- return $this->getMockBuilder(\Szurubooru\Router::class)->disableOriginalConstructor()->getMock();
- }
-
- private function getControllerRepositoryMock()
- {
- return $this->getMockBuilder(\Szurubooru\ControllerRepository::class)->disableOriginalConstructor()->getMock();
+ return new \Szurubooru\Dispatcher(
+ $this->routerMock,
+ $this->httpHelperMock,
+ $this->authServiceMock,
+ $this->controllerRepositoryMock);
 }
 }
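Review bot: `getDispatcher()` in tests/DispatcherTest.php now injects `authServiceMock`, but no test visible in this hunk sets an expectation on it, so the new header-to-login path is not exercised. An unstubbed `getRequestHeader` on `httpHelperMock` returns null, so the tests shown cover the anonymous case only, and only implicitly. Two small tests would pin the behaviour: one stubbing `getRequestHeader` to return a constructed token and asserting `$this->authServiceMock->expects($this->once())->method('loginFromToken')->with($token)`, and one asserting `$this->never()` when the header is absent.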