Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
REST Controller, sending a response in the before() method.
  • danmatthewsdanmatthews
    I'm currently writing a REST controller for my app, and would like to use the before() method in the Controller_Rest to perform an authentication check that is required to access _every_ method in the controller. The check logic runs fine (i'm looking for a header called X-Simply-Authenticate, and all the methods in the controller are POST), but when i try and return a response using $this->response(array('Error' => 'Authentication Failed'), 401); nothing is happenning. I've also tried calling a method (called authenticate, in the same controller) from _each_ post request, using $this->authenticateRequest(), but this has the same effect, and doesn't have the desired effect either. I realise this is probably something i'm doing that is conflicting with the way REST controllers function, but can anyone suggest a DRY way to authenticate each request automatically, and return the proper 401 response when it does not authenticate.
  • mookeymookey
    Hi, can you post your solution for the problem? I have been same problem i like do to something like
    public function before()
{
   if(!Input::get('authKey') || !$this->valide_auth_key(Input::get('authKey') ))
  {
      $this->response(array('error' => 'Permission denie'), 400);
  }
}
    thx
    mario
  • danmatthewsdanmatthews
    https://gist.github.com/3240064 I knocked that up quickly so apologies if there's mistakes, but that's almost the exact code i used. The static validate method is just a static method inside that controller that processed the API key.
  • mookeymookey
    danmatthews wrote on Thursday 2nd of August 2012:
    https://gist.github.com/3240064 I knocked that up quickly so apologies if there's mistakes, but that's almost the exact code i used. The static validate method is just a static method inside that controller that processed the API key.

    O.O -> thx for that ultra fast response :D [Edit]
    works perfect for me ^^
  • Jelmer SchreuderJelmer Schreuder
    The before() is not part of the request->response flow, it's meant to setup conditions under which the request->response logic is being run. Whatever before() returns is never used. The after() method in contrast is meant for finishing up a response that has already been generated and as such is able to influence the flow. When the before() method is being run there's nothing but for the already assigned ->request property on the controller. For something like you're doing using a router() method is probably the best solution. It takes over the internal routing of the Controller and gets passed the method and the method arguments - instead of an action method being called. The before() and after() methods will be executed as usual, before and after the router() method was executed. The router method is expected to return a response as any normal action but leaves it up to you to decide how. The REST controller uses the router method itself so you'll probably want to do your checking, return some error message when it fails and call parent::router($method, $args) when it succeeds. Which means it'll call the get_/post_/etc prefixed methods to generate the response.
  • danmatthewsdanmatthews
    Thanks very much Jelmer, i had a feeling that before() was out of the flow of the REST logic. I'll try the router() method for that. Again, thanks for taking the time to respond. Dan.
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion