Kilian/PHP-Course
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

CORS Unauth repsonse

Browse Source
This commit is contained in:
Kilian Hofmann 2024-07-25 22:19:38 +02:00
parent 202e89382a
commit 2091bdb4e3
3 changed files with 42 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
exam/classes/Auth/AdminAuth.php
View File

@ -16,17 +16,35 @@ class AdminAuth implements IMiddleware
// No token // No token
if ($token === null) { if ($token === null) {
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]); Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
try { try {
$user = User::getByToken($token); $user = User::getByToken($token);
if (!$user->getIsAdmin()) { if (!$user->getIsAdmin()) {
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]); Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
} catch (Exception $err) { } catch (Exception $err) {
// No user with this token exists // No user with this token exists
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]); Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
} }
} }

16
exam/classes/Auth/Auth.php
View File

@ -16,14 +16,26 @@ class Auth implements IMiddleware
// No token // No token
if ($token === null) { if ($token === null) {
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]); Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
try { try {
User::getByToken($token); User::getByToken($token);
} catch (Exception $err) { } catch (Exception $err) {
// No user with this token exists // No user with this token exists
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]); Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
} }
} }

8
exam/classes/Auth/OptAuth.php
View File

@ -23,7 +23,13 @@ class OptAuth implements IMiddleware
User::getByToken($token); User::getByToken($token);
} catch (Exception $err) { } catch (Exception $err) {
// No user with this token exists // No user with this token exists
Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]); Response::response()
->header("Cache-control: no-cache")
->header("Access-Control-Allow-Origin: *")
->header("Access-Control-Allow-Methods: *")
->header("Access-Control-Allow-Headers: *")
->httpCode(401)
->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
} }
} }