mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2024-06-25 00:20:34 +00:00
Code Issues Projects Releases Wiki Activity

authentication on API

Browse source
This commit is contained in:
Nicolas Lœuillet 2015-02-09 13:59:48 +01:00
parent 89c03230c3
commit 0ac38198ab
2 changed files with 11 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/config/security.yml
View file

@ -16,9 +16,11 @@ security:
# the main part of the security, where you can set up firewalls # the main part of the security, where you can set up firewalls
# for specific sections of your app # for specific sections of your app
firewalls: firewalls:
#wsse_secured: wsse_secured:
# pattern: /api/.* pattern: /api/.*
# wsse: true wsse: true
stateless: true
anonymous: true
login_firewall: login_firewall:
pattern: ^/login$ pattern: ^/login$
anonymous: ~ anonymous: ~

6
src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
View file

@ -44,6 +44,12 @@ class WsseProvider implements AuthenticationProviderInterface
if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) { if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
throw new NonceExpiredException('Previously used nonce detected'); throw new NonceExpiredException('Previously used nonce detected');
} }
// If cache directory does not exist we create it
if (!is_dir($this->cacheDir)) {
mkdir($this->cacheDir, 0777, true);
}
file_put_contents($this->cacheDir.'/'.$nonce, time()); file_put_contents($this->cacheDir.'/'.$nonce, time());
// Valide le Secret // Valide le Secret