堆栈内存溢出
  简体   繁体   English

codeigniter API-如何检查每个POST的特定值

[英]codeigniter API - how can I check every POST for a certain value

 原文  2014-06-19 15:20:58       php/ codeigniter/ post

问题描述

I just asked THIS QUESTION and got a rather obvious and simple answer (over complicating things as always!) 我只是问了这个问题 ,得到了一个非常明显而简单的答案(一如既往地使事情变得复杂!)

The proposed solution says that every time I contact my own API I send over a 'token' - 128 bit say. 提出的解决方案说,每次我联系自己的API时,都会发送一个“令牌”(128位发言权)。

Instead I though I could do a check to see if user is logged in first (so my own website does not have to authorise each time) and if not check the posts for a 'token' 相反,我虽然可以检查用户是否首先登录(因此我自己的网站不必每次都进行授权),如果没有,请检查帖子中是否有“令牌”

What I now want to do is check every incoming POST to my API for the token. 我现在想做的是检查到API的每个传入POST的令牌。

ie use the constructor to do this rather than having to add a 'has_token' method to every single method across all my controllers. 即使用构造函数来执行此操作,而不必在所有控制器上的每个方法中都添加“ has_token”方法。

Is there a way to do this in the constructor so that any request will check against this token? 有没有办法在构造函数中执行此操作,以便任何请求都将对此令牌进行检查? 

public function __construct()
   {
        parent::__construct();
        if (!$this->authentication->logged_in())
        {
             if(!POST_DATA['token'] == "tokenValue"){ //PSEUDO CODE HERE FOR WHAT I WANT TO BE ABLE TO DO
                       redirect('auth/login', 'refresh');
                     } 

        }
  }

basically is there a way to intercept all post data from none-logged in users and check that post has a 'token' set before continuing -> if not I will return an error 'invalid token' or 'token missing' (I am aware the code above does not do this!) 基本上有一种方法可以拦截未登录用户的所有帖子数据,并在继续之前检查帖子是否设置了“令牌”->如果没有,我将返回错误“无效令牌”或“令牌丢失”(我知道上面的代码无法执行此操作!)

Thanks in advance. 提前致谢。

1 个解决方案

解决方案1
 1 已采纳  2014-06-19 15:44:50

Is this right? 这是正确的吗? Check if the user is logged in, if they're not, check the $_POST for a token, and then check if the token is valid? 检查用户是否登录,如果不是,则检查$ _POST以获取令牌,然后检查该令牌是否有效? 

if ( ! $this->auth->logged_in() )
{
    if ( $this->input->post('token') )
    {
        if ( ! $this->token_model->check_token($this->input->post('token')) )
        {
            // Invalid token....
        }
    }
    else
    {
        // No token found
    }
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在 codeigniter 中检查请求是 POST 还是 GET 请求? - How can I check if request was a POST or GET request in codeigniter? 我如何将价值从Ajax发布到Controller(Codeigniter) - How can i post value from Ajax to Controller (Codeigniter) 我如何从Codeigniter中的控制器检查变量的值 - how can i check the value of a variable from a controller in codeigniter 我如何检查一个值是否在 codeigniter result_array() 中 - How can i check if a value is in codeigniter result_array() 如何快速检查CodeIgniter中的GET和POST变量是否同时设置和为数字? - How can I quickly check if GET and POST variables in CodeIgniter are both set and numeric? 我如何检查用户是否更改了帖子值? - How can i check if user changed post value? 在Codeigniter中如何检查更新? - In codeigniter How i can check update? 如何在codeigniter中对$ _POST进行全部处理而不进行任何消毒操作? - How can i get $_POST full value without any sanitization operation on it in codeigniter? 如何在Codeigniter中创建API? - How can I create an API in Codeigniter? 如何在 Codeigniter 中显示具有特定字段绑定条件的字段? - How can I display a field with a certain field bound condition in Codeigniter?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM