CORS Unauth repsonse

Kilian Hofmann 2024-07-25 22:19:38 +02:00
parent 202e89382a
commit 2091bdb4e3
3 changed files with 42 additions and 6 deletions


@ -16,17 +16,35 @@ class AdminAuth implements IMiddleware
// No token
if ($token === null) {
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
try {
$user = User::getByToken($token);
if (!$user->getIsAdmin()) {
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
} catch (Exception $err) {
// No user with this token exists
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
}
}
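Review bot: None of the three 401 branches in AdminAuth (missing token, non-admin user, failed token lookup) is followed by a `return`, so the middleware only denies access if `->json()` ends the request itself, which these lines do not show. If it does not, a missing token would fall through to `User::getByToken($token)`, and a non-admin user would presumably reach the end of the method and be let through to the admin route. Adding an explicit `return;` after each `->json([...])` call makes the deny path independent of that detail; the same applies to the two branches in Auth and the one in OptAuth. The method's signature lies above the hunk, so its declared return type could not be checked.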


@ -16,14 +16,26 @@ class Auth implements IMiddleware
// No token
if ($token === null) {
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
try {
User::getByToken($token);
} catch (Exception $err) {
// No user with this token exists
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
}
}
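Review bot: `Access-Control-Allow-Headers: *` does not cover the `Authorization` request header, which the Fetch standard requires to be listed by name, so if the token is sent that way (not visible in this hunk) a cross-origin preflight can still be refused. Browsers also treat `*` in all three of these headers as a literal value on credentialed requests, and `Allow-Methods` / `Allow-Headers` are only consulted on the preflight response, not on this 401. Listing what the API actually accepts, e.g. `->header("Access-Control-Allow-Headers: Authorization, Content-Type")`, would be more reliable. Taking the allowed origin from configuration instead of hard-coding `*` would keep the error path aligned with whatever policy the successful responses use. The same chain is added in AdminAuth and OptAuth.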


@ -23,7 +23,13 @@ class OptAuth implements IMiddleware
User::getByToken($token);
} catch (Exception $err) {
// No user with this token exists
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
}
}
}
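Review bot: This seven-line response chain is the sixth copy of the same block across AdminAuth, Auth and OptAuth, so any later change to the CORS or cache policy has to be repeated in six places, and a missed copy leaves one middleware answering with a different policy. A single shared helper that builds and sends the 401, called from each branch, would keep the policy in one place. A short comment on that helper, such as `// 401 must carry CORS headers so browser clients on other origins can read the error body`, would record why the headers are set on an error response at all.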