Initial commit
This commit is contained in:
Paul Nicoué
commit
73c6b816c0
716 changed files with 170045 additions and 0 deletions
27
kirby/config/api/authentication.php
Normal file
27
kirby/config/api/authentication.php
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
<?php
|
||||
|
||||
use Kirby\Exception\PermissionException;
|
||||
|
||||
return function () {
|
||||
$auth = $this->kirby()->auth();
|
||||
$allowImpersonation = $this->kirby()->option('api.allowImpersonation') ?? false;
|
||||
|
||||
// csrf token check
|
||||
if (
|
||||
$auth->type($allowImpersonation) === 'session' &&
|
||||
$auth->csrf() === false
|
||||
) {
|
||||
throw new PermissionException('Unauthenticated');
|
||||
}
|
||||
|
||||
// get user from session or basic auth
|
||||
if ($user = $auth->user(null, $allowImpersonation)) {
|
||||
if ($user->role()->permissions()->for('access', 'panel') === false) {
|
||||
throw new PermissionException(['key' => 'access.panel']);
|
||||
}
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
throw new PermissionException('Unauthenticated');
|
||||
};
|
||||
Loading…
Add table
Add a link
Reference in a new issue