I am writing a REST API with slim. I have written a small middleware to protect resources so that only A certified user can access them:
& lt ;? Expansion of Php Class Security Models \ Slim \ Middleware {Protected $ Resources; Public function __ composition ($ resource) {$ this- & resource; Resource = $ resource; } Public function call () {// app $$ app = $ this- & gt; Get references for the app; // Scout Route, which are allowed without unique access token: $ publicRoutes = ["/", "/ login", "/ about"]; If (in_array ($ app- & gt; request () -> getPathInfo (), publicRoutes)) {$ this- & gt; Next-> Call (); // let's go} other {// validate: if ($ this-> is resource-> invalid ()) {$ this- & gt; Next-> Call (); // passed verification, let's go} Other {$ app-> Feedback-> setstats ('403'); // Verification failed $ app- & gt; Feedback-> Body (json_encode (array ("error" = & gt; "access token problem"))); Return; }}}} This works, but the unwanted side effect is that the middleware does not distinguish between existing routes and non-existing routes. For example, if a user tries to request a code such as / dfghdfgh which does not exist, instead of getting a 404 HTTP status code, 403 would say that no access The token is not there. I would like to implement the following check on middleware class:
if ($ app- & quot; heroout ($ app- & gt; request- & gt; getPathInfo ()) {$ this -> Next> Call (); // Let's get the user 404 from the app.} How can any ideas be obtained?
I use one to do what you are trying to do, as if the mamveller suggested, But you first skinny Instead of a hook, .id.expatch . If the path your user is trying to visit does not exist, the hook will never be called and threw out 404
Comments
Post a Comment