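/* … (beginning of the file header comment is missing from this listing) … */

namespace Xibo\Middleware;

use League\OAuth2\Server\ResourceServer;
use Slim\Middleware;

/**
 * Slim middleware that authenticates API calls with an OAuth2 access token
 * and authorises them against the route being dispatched.
 *
 * It builds a league/oauth2-server ResourceServer on top of the application
 * store, publishes it as `$app->server`, and registers a `slim.before.dispatch`
 * hook that resolves the token owner to a user and asks that user object
 * whether the route, HTTP method and token scopes are permitted.
 */
class ApiAuthenticationOAuth extends Middleware
{
    /**
     * Wire the OAuth2 resource server into the app and register the
     * per-request authorisation check, then hand over to the next middleware.
     *
     * The check itself does not run here: it is attached to Slim's
     * `slim.before.dispatch` hook and executes when that hook fires.
     *
     * @return void
     */
    public function call()
    {
        $app = $this->app;

        // OAuth2 resource server; all four storages share the application store.
        $sessionStorage = new \Xibo\Storage\ApiSessionStorage($app->store);
        $accessTokenStorage = new \Xibo\Storage\ApiAccessTokenStorage($app->store);
        $clientStorage = new \Xibo\Storage\ApiClientStorage($app->store);
        $scopeStorage = new \Xibo\Storage\ApiScopeStorage($app->store);

        $server = new ResourceServer(
            $sessionStorage,
            $accessTokenStorage,
            $clientStorage,
            $scopeStorage
        );

        // Publish the server on the app so the hook below (and other code) can reach it.
        $app->server = $server;

        $isAuthorised = function () use ($app) {
            /** @var ResourceServer $server */
            $server = $app->server;

            // The result is not inspected, so a bad token is only rejected if
            // isValidRequest() throws - confirm against the library version in use.
            // NOTE(review): `false` looks like the library's "header only" flag, which
            // would mean the token is also accepted from request parameters rather than
            // just the Authorization header - confirm. Tokens carried in URLs tend to
            // end up in access logs and Referer headers; prefer header-only if every
            // client supports it.
            $server->isValidRequest(false);

            $accessToken = $server->getAccessToken();
            $session = $accessToken->getSession();

            // Resolve the token owner to a user. Strict comparison: only the exact
            // string 'user' selects the by-id lookup; with `==` a non-string owner
            // type such as `true` (or integer 0 before PHP 8) would match as well.
            // NOTE(review): every other owner type is treated as a client id;
            // consider rejecting unknown owner types explicitly.
            /** @var \Xibo\Entity\User $user */
            if ($session->getOwnerType() === 'user') {
                $user = $app->userFactory->getById($session->getOwnerId());
            } else {
                $user = $app->userFactory->loadByClientId($session->getOwnerId());
            }

            $user->setChildAclDependencies($app->userGroupFactory, $app->pageFactory);
            $user->load();

            // Make the authenticated user available to the rest of the request.
            $app->user = $user;

            // Authorise against the route *pattern* (not the concrete URL), the HTTP
            // method and the scopes attached to the access token.
            // NOTE(review): the return value is not inspected; this presumably relies
            // on routeAuthentication() throwing when access is denied - confirm.
            $resource = $app->router->getCurrentRoute()->getPattern();
            $app->user->routeAuthentication(
                $resource,
                $app->request()->getMethod(),
                $accessToken->getScopes()
            );
        };

        // Run the check after routing has picked a route and before it is dispatched.
        $app->hook('slim.before.dispatch', $isAuthorised);

        // Call the next middleware
        $this->next->call();
    }
}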