Added "source" detection
This commit is contained in:
parent
0f0a301280
commit
8bf5dd187b
|
|
@ -77,10 +77,27 @@ class BasicAuth
|
|||
return self::$current_token;
|
||||
}
|
||||
|
||||
$source = $_REQUEST['source'] ?? '';
|
||||
|
||||
// Support for known clients that doesn't send a source name
|
||||
if (empty($source) && !empty($_SERVER['HTTP_USER_AGENT'])) {
|
||||
if(strpos($_SERVER['HTTP_USER_AGENT'], "Twidere") !== false) {
|
||||
$source = 'Twidere';
|
||||
}
|
||||
|
||||
Logger::info('Unrecognized user-agent', ['http_user_agent' => $_SERVER['HTTP_USER_AGENT']]);
|
||||
} else {
|
||||
Logger::info('Empty user-agent');
|
||||
}
|
||||
|
||||
if (empty($source)) {
|
||||
$source = 'api';
|
||||
}
|
||||
|
||||
self::$current_token = [
|
||||
'uid' => self::$current_user_id,
|
||||
'id' => 0,
|
||||
'name' => api_source(),
|
||||
'name' => $source,
|
||||
'website' => '',
|
||||
'created_at' => DBA::NULL_DATETIME,
|
||||
'read' => true,
|
||||
|
|
@ -114,7 +131,7 @@ class BasicAuth
|
|||
}
|
||||
}
|
||||
|
||||
$user = $_SERVER['PHP_AUTH_USER'] ?? '';
|
||||
$user = $_SERVER['PHP_AUTH_USER'] ?? '';
|
||||
$password = $_SERVER['PHP_AUTH_PW'] ?? '';
|
||||
|
||||
// allow "user@server" login (but ignore 'server' part)
|
||||
|
|
@ -155,7 +172,7 @@ class BasicAuth
|
|||
if (!$do_login) {
|
||||
return 0;
|
||||
}
|
||||
Logger::debug('failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]);
|
||||
Logger::debug('Access denied', ['parameters' => $_SERVER]);
|
||||
header('WWW-Authenticate: Basic realm="Friendica"');
|
||||
throw new UnauthorizedException("This API requires login");
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue