[英]PHP REST Tonic and authentication
I'm using the PHP Tonic framework. 我正在使用PHP Tonic框架。 I took this example as starting point: GitHub link 我以以下示例为起点: GitHub链接
I would like to add an auth method based on cookie. 我想添加一个基于cookie的auth方法。 Is that the correct solution? 那是正确的解决方案吗? The previous one was based on a token variable in the querystring something like: /serviceName?token=XXXXXXXXxxXX* * & The token was valid for 10 seconds. 上一个基于查询字符串中的令牌变量,例如:/ serviceName?token = XXXXXXXXxxXX * * &令牌有效10秒钟。
Of course, it's not a proper solution. 当然,这不是一个适当的解决方案。 I cannot use the browser cache, because the token changes every call. 我无法使用浏览器缓存,因为令牌会更改每个调用。 Ideas? 想法?
A possible solution is using the HTTP headers. 一种可能的解决方案是使用HTTP标头。
$urlToCall = '<get the link>';
$credentials = Crypt::createToken();
$reqHeaders = apache_request_headers();
// Configuring curl options extra:CURLOPT_HEADER => 1,
$options = array(
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array('Authorization: ' . $credentials)
);
$ch = curl_init($urlToCall);
curl_setopt_array($ch, $options);
$response = curl_exec($ch);
/*
//$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
//$header = substr($response, 0, $header_size);
//$body = substr($response, $header_size);
if (curl_errno($ch)) {
print curl_error($ch);
} else {
list($headers, $content) = explode("\r\n\r\n", $response, 2);
foreach (explode("\r\n", $headers) as $hdr) {
header($hdr);
//echo $hdr . '<br>';
//print_r($hdr);
}
echo $content;
}
*/
if (curl_errno($ch)) {
print curl_error($ch);
} else {
header("Accept: " . $reqHeaders['Accept']);
$finfo = new finfo(FILEINFO_MIME);
header("Content-Type: " . $finfo->buffer($response));
print $response;
}
curl_close($ch);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.