forked from mevdschee/php-api-auth
-
Notifications
You must be signed in to change notification settings - Fork 0
/
api.php
34 lines (28 loc) · 991 Bytes
/
api.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
<?php
// uncomment the lines below when running in stand-alone mode:
// for token+session based authentication (see "login_token.html" + "login_token.php"):
// require 'auth.php';
// $auth = new PHP_API_AUTH(array(
// 'secret'=>'someVeryLongPassPhraseChangeMe',
// ));
// if ($auth->executeCommand()) exit(0);
// if (empty($_SESSION['user']) || !$auth->hasValidCsrfToken()) {
// header('HTTP/1.0 401 Unauthorized');
// exit(0);
// }
// for form+session based authentication (see "login.html"):
// require 'auth.php';
// $auth = new PHP_API_AUTH(array(
// 'authenticator'=>function($user,$pass){ if ($user=='admin' && $pass=='admin') $_SESSION['user']=$user; }
// ));
// if ($auth->executeCommand()) exit(0);
// if (empty($_SESSION['user']) || !$auth->hasValidCsrfToken()) {
// header('HTTP/1.0 401 Unauthorized');
// exit(0);
// }
// include your api code here:
//
// see: https://github.com/mevdschee/php-crud-api
//
// placeholder for testing:
// echo 'Access granted!';