Merge pull request #10200 from annando/api-login
API: New function to fetch current user id
commit
1f4a528cdf
2 changed files with 27 additions and 1 deletions
|
@ -175,6 +175,7 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY
|
||||||
* Simple Auth allow username in form of <pre>user@server</pre>, ignoring server part
|
* Simple Auth allow username in form of <pre>user@server</pre>, ignoring server part
|
||||||
*
|
*
|
||||||
* @param App $a App
|
* @param App $a App
|
||||||
|
* @param bool $do_login try to log in when not logged in, otherwise quit silently
|
||||||
* @throws ForbiddenException
|
* @throws ForbiddenException
|
||||||
* @throws InternalServerErrorException
|
* @throws InternalServerErrorException
|
||||||
* @throws UnauthorizedException
|
* @throws UnauthorizedException
|
||||||
|
@ -185,8 +186,10 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY
|
||||||
* 'authenticated' => return status,
|
* 'authenticated' => return status,
|
||||||
* 'user_record' => return authenticated user record
|
* 'user_record' => return authenticated user record
|
||||||
*/
|
*/
|
||||||
function api_login(App $a)
|
function api_login(App $a, bool $do_login = true)
|
||||||
{
|
{
|
||||||
|
$_SESSION["allow_api"] = false;
|
||||||
|
|
||||||
// workaround for HTTP-auth in CGI mode
|
// workaround for HTTP-auth in CGI mode
|
||||||
if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
|
if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
|
||||||
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
|
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
|
||||||
|
@ -216,6 +219,10 @@ function api_login(App $a)
|
||||||
Logger::warning(API_LOG_PREFIX . 'OAuth error', ['module' => 'api', 'action' => 'login', 'exception' => $e->getMessage()]);
|
Logger::warning(API_LOG_PREFIX . 'OAuth error', ['module' => 'api', 'action' => 'login', 'exception' => $e->getMessage()]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!$do_login) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
Logger::debug(API_LOG_PREFIX . 'failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]);
|
Logger::debug(API_LOG_PREFIX . 'failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]);
|
||||||
header('WWW-Authenticate: Basic realm="Friendica"');
|
header('WWW-Authenticate: Basic realm="Friendica"');
|
||||||
throw new UnauthorizedException("This API requires login");
|
throw new UnauthorizedException("This API requires login");
|
||||||
|
@ -257,6 +264,9 @@ function api_login(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!DBA::isResult($record)) {
|
if (!DBA::isResult($record)) {
|
||||||
|
if (!$do_login) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
Logger::debug(API_LOG_PREFIX . 'failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]);
|
Logger::debug(API_LOG_PREFIX . 'failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]);
|
||||||
header('WWW-Authenticate: Basic realm="Friendica"');
|
header('WWW-Authenticate: Basic realm="Friendica"');
|
||||||
//header('HTTP/1.0 401 Unauthorized');
|
//header('HTTP/1.0 401 Unauthorized');
|
||||||
|
|
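Review bot: The second `if (!$do_login) { return; }`, inside the `!DBA::isResult($record)` branch, returns before the `Logger::debug(API_LOG_PREFIX . 'failed', …)` call, so in silent mode a lookup that yields no user record leaves no log entry. If that branch is reached when supplied credentials did not match (the lookup itself is outside the hunks shown), rejected attempts made through this path become invisible to monitoring. Consider logging before the return, without the `$_SERVER` dump, which includes the `REDIRECT_REMOTE_USER` value this function decodes into `$userpass`: `Logger::debug(API_LOG_PREFIX . 'silent login failed', ['module' => 'api', 'action' => 'login']);`. The docblock gains `@param bool $do_login` but does not say that the silent path returns nothing and leaves `$_SESSION["allow_api"]` at the `false` set on entry; a line such as `When $do_login is false the function returns without throwing and the caller must check api_user().` would cover it. The body of api_login continues outside the hunks shown.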
|
@ -91,6 +91,22 @@ class BaseApi extends BaseModule
|
||||||
return (bool)self::$current_user_id;
|
return (bool)self::$current_user_id;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get current user id, returns 0 if not logged in
|
||||||
|
*
|
||||||
|
* @return int User ID
|
||||||
|
*/
|
||||||
|
protected static function getCurrentUserID()
|
||||||
|
{
|
||||||
|
if (is_null(self::$current_user_id)) {
|
||||||
|
api_login(DI::app(), false);
|
||||||
|
|
||||||
|
self::$current_user_id = api_user();
|
||||||
|
}
|
||||||
|
|
||||||
|
return (int)self::$current_user_id;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get user info array.
|
* Get user info array.
|
||||||
*
|
*
|
||||||
|
|
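Review bot: `getCurrentUserID()` reports an unauthenticated request as `0` instead of throwing, so every caller has to treat `0` as "no user" before using the value in a permission check or a query filter. The docblock should say so explicitly, e.g. `Callers must reject 0 before using the id for access decisions.`. The method always casts its result, so the signature can declare it: `protected static function getCurrentUserID(): int`. `api_login()` documents three `@throws` tags and the `false` argument only silences the paths guarded by `$do_login`, so it is worth confirming whether any of those exceptions can still escape here and adding matching `@throws` tags if they can.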