Add first draft of the user api

author: Frederic Guillot <fred@kanboard.net> 2015-07-29 17:42:48 -0400
committer: Frederic Guillot <fred@kanboard.net> 2015-07-29 17:42:48 -0400
commit: f595fb2786d884dbaf7ec87d53cee920a0655f0e (patch)
tree: 0da808ef2f679affa51eff80e172787098c13731 /app/Api/Auth.php
parent: 2eeb58ae0321f584652714080649302c3f83a831 (diff)
1 files changed, 40 insertions, 0 deletions
diff --git a/app/Api/Auth.php b/app/Api/Auth.php
new file mode 100644
index 00000000..9d401746
--- /dev/null
+++ b/app/Api/Auth.php
@@ -0,0 +1,40 @@
+<?php
+
+namespace Api;
+
+use JsonRPC\AuthenticationFailure;
+use Symfony\Component\EventDispatcher\Event;
+
+/**
+ * Base class
+ *
+ * @package  api
+ * @author   Frederic Guillot
+ */
+class Auth extends Base
+{
+    /**
+     * Check api credentials
+     *
+     * @access public
+     * @param  string  $username
+     * @param  string  $password
+     * @param  string  $class
+     * @param  string  $method
+     */
+    public function checkCredentials($username, $password, $class, $method)
+    {
+        $this->container['dispatcher']->dispatch('api.bootstrap', new Event);
+
+        if ($username !== 'jsonrpc' && $this->authentication->authenticate($username, $password)) {
+            $this->checkProcedurePermission(true, $method);
+            $this->userSession->refresh($this->user->getByUsername($username));
+        }
+        else if ($username === 'jsonrpc' && $password === $this->config->get('api_token')) {
+            $this->checkProcedurePermission(false, $method);
+        }
+        else {
+            throw new AuthenticationFailure('Wrong credentials');
+        }
+    }
+}
author	Frederic Guillot <fred@kanboard.net>	2015-07-29 17:42:48 -0400
committer	Frederic Guillot <fred@kanboard.net>	2015-07-29 17:42:48 -0400
commit	f595fb2786d884dbaf7ec87d53cee920a0655f0e (patch)
tree	0da808ef2f679affa51eff80e172787098c13731 /app/Api/Auth.php
parent	2eeb58ae0321f584652714080649302c3f83a831 (diff)