Initial commit
This commit is contained in:
Paul Nicoué
commit
1ff19bf38f
830 changed files with 159212 additions and 0 deletions
24
kirby/config/api/authentication.php
Normal file
24
kirby/config/api/authentication.php
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
<?php
|
||||
|
||||
use Kirby\Exception\PermissionException;
|
||||
|
||||
return function () {
|
||||
$auth = $this->kirby()->auth();
|
||||
$allowImpersonation = $this->kirby()->option('api.allowImpersonation') ?? false;
|
||||
|
||||
// csrf token check
|
||||
if ($auth->type($allowImpersonation) === 'session' && $auth->csrf() === false) {
|
||||
throw new PermissionException('Unauthenticated');
|
||||
}
|
||||
|
||||
// get user from session or basic auth
|
||||
if ($user = $auth->user(null, $allowImpersonation)) {
|
||||
if ($user->role()->permissions()->for('access', 'panel') === false) {
|
||||
throw new PermissionException(['key' => 'access.panel']);
|
||||
}
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
throw new PermissionException('Unauthenticated');
|
||||
};
|
||||
Loading…
Add table
Add a link
Reference in a new issue