pierre/wallabag
1
0
Fork 0
forked from wallabag/wallabag
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

authentication on API

Browse Source
This commit is contained in:
Nicolas Lœuillet
2015-02-09 13:59:48 +01:00
parent 89c03230c3
commit 0ac38198ab
2 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/config/security.yml
View File

@ -16,9 +16,11 @@ security:
# the main part of the security, where you can set up firewalls # the main part of the security, where you can set up firewalls
# for specific sections of your app # for specific sections of your app
firewalls: firewalls:
#wsse_secured: wsse_secured:
# pattern: /api/.* pattern: /api/.*
# wsse: true wsse: true
stateless: true
anonymous: true
login_firewall: login_firewall:
pattern: ^/login$ pattern: ^/login$
anonymous: ~ anonymous: ~

6
src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
View File

@ -44,6 +44,12 @@ class WsseProvider implements AuthenticationProviderInterface
if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) { if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
throw new NonceExpiredException('Previously used nonce detected'); throw new NonceExpiredException('Previously used nonce detected');
} }
// If cache directory does not exist we create it
if (!is_dir($this->cacheDir)) {
mkdir($this->cacheDir, 0777, true);
}
file_put_contents($this->cacheDir.'/'.$nonce, time()); file_put_contents($this->cacheDir.'/'.$nonce, time());
// Valide le Secret // Valide le Secret