mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2024-06-16 04:00:45 +00:00
Code Issues Projects Releases Wiki Activity

authentication on API

Browse source
This commit is contained in:
Nicolas Lœuillet 2015-02-09 13:59:48 +01:00
parent 89c03230c3
commit 0ac38198ab
2 changed files with 11 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/config/security.yml
View file

@ -16,9 +16,11 @@ security:
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
#wsse_secured:
# pattern: /api/.*
# wsse: true
wsse_secured:
pattern: /api/.*
wsse: true
stateless: true
anonymous: true
login_firewall:
pattern: ^/login$
anonymous: ~

6
src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
View file

@ -44,6 +44,12 @@ class WsseProvider implements AuthenticationProviderInterface
if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
throw new NonceExpiredException('Previously used nonce detected');
}
// If cache directory does not exist we create it
if (!is_dir($this->cacheDir)) {
mkdir($this->cacheDir, 0777, true);
}
file_put_contents($this->cacheDir.'/'.$nonce, time());
// Valide le Secret