gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-06 07:04:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

do more logging during authentication

Browse Source
This commit is contained in:
Uwe Steinmann 2022-11-07 12:19:58 +01:00
parent 196fa91a27
commit 31e47d4fbe
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
restapi/index.php
View File

@ -2639,6 +2639,7 @@ class Auth { /* {{{ */
$logger = $this->container->logger;
$logger->log("Access with method ".$request->getMethod()." on '".$request->getUri()->getPath()."'".(isset($this->container->environment['HTTP_ORIGIN']) ? " with origin ".$this->container->environment['HTTP_ORIGIN'] : ''), PEAR_LOG_INFO);
if($settings->_apiOrigin && isset($this->container->environment['HTTP_ORIGIN'])) {
$logger->log("Checking origin", PEAR_LOG_DEBUG);
$origins = explode(',', $settings->_apiOrigin);
if(!in_array($this->container->environment['HTTP_ORIGIN'], $origins)) {
return $response->withStatus(403);
@ -2648,9 +2649,11 @@ class Auth { /* {{{ */
* don't even try to authorize.
*/
if($request->getMethod() == 'OPTIONS') {
$logger->log("Received preflight options request", PEAR_LOG_DEBUG);
} elseif(!in_array($request->getUri()->getPath(), array('login')) && substr($request->getUri()->getPath(), 0, 5) != 'echo/') {
$userobj = null;
if(!empty($this->container->environment['HTTP_AUTHORIZATION']) && !empty($settings->_apiKey) && !empty($settings->_apiUserId)) {
$logger->log("Authorization key: ".$this->container->environment['HTTP_AUTHORIZATION'], PEAR_LOG_DEBUG);
if($settings->_apiKey == $this->container->environment['HTTP_AUTHORIZATION']) {
if(!($userobj = $dms->getUser($settings->_apiUserId))) {
return $response->withStatus(403);