mic*_*ael 2 php rest middleware slim access-token
我已经设置了一个RESTful API和一个单独的客户端网站来调用它.
客户端网站使用资源所有者密码凭据授予类型oAuth2从API获取访问令牌(来自https://myapi.com/v1/oauth/token)
对API的每次其他调用都必须包含访问令牌才能访问数据.
使用Slim框架,我如何获取访问令牌,为属于访问令牌的用户查询数据库并使该用户模型可用于路由?
我想做这样的事情,但我不确定如何......
function validateAccessToken() {
$access_token = $_GET["access_token"];
$user = \models\user::where("access_token", "=", $access_token)->first();
if($user === NULL) {
throw new exception("Invalid access token");
}
return $user
}
$app->get("/v1/emails", validateAccessToken(), function() use ($app) {
$emails = \models\emails::where("user_id", "=", $user->id)->toArray();
echo(json_encode($emails));
});
$validateAccessToken= function($app) {
return function () use ($app) {
$access_token = $app->request()->get("access_token");
$user = \models\user::where("access_token", "=", $access_token)->first();
if($user === NULL) {
$app->redirect("/errorpage");
}
};
};
$app->get("/v1/emails", $validateAccessToken($app), function() use ($app) {
// here you have to define $user once again
$access_token = $app->request()->get("access_token");
$user = \models\user::where("access_token", "=", $access_token)->first();
$emails = \models\emails::where("user_id", "=", $user->id)->toArray();
echo(json_encode($emails));
});