
CFM-250_Allow_API_calls_from_within_the_Registry_application_without_the_need_for_an_API_user #69

Merged
26 changes: 15 additions & 11 deletions app/src/Controller/Component/RegistryAuthComponent.php
@@ -129,8 +129,19 @@ public function beforeFilter(EventInterface $event) {
}

// Perform authorization check

if($this->getConfig('apiUser')) {

// Do we have an authenticated user session?
// Note we don't stuff anything into the session anymore, the only attribute
// is the username, which is actually loaded by login.php.

$auth = $session->read('Auth');

// Registry UI is now a hybrid implementation of VUE and CAKEPHP MVC.
// In order to allow a logged-in user to reach out to the backend without
// the need of an API User, but just with the use of the Session, we will
// skip the API user authorization if a user Session is available.
if(empty($auth) && $this->getConfig('apiUser')) {
// There are no unauthenticated API calls, so always require a valid user

try {
@@ -177,16 +188,9 @@ public function beforeFilter(EventInterface $event) {
if($controller->getName() == 'Pages') {
return true;
}

// Do we have an authenticated user session?
// Note we don't stuff anything into the session anymore, the only attribute
// is the username, which is actually loaded by login.php.

$auth = $session->read('Auth');


if(!empty($auth['external']['user'])) {
// We have a valid user name that is *authenticated* for the current request.
// We have a valid username that is *authenticated* for the current request.
// Note we haven't checked authorization, but this is how the authorization
// checks can get the authenticated username.
$controller->set('vv_user', ['username' => $auth['external']['user']]);
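Review bot: The new guard `if(empty($auth) && $this->getConfig('apiUser'))` skips API-user authentication for any non-empty `Auth` session value, while the later check in the second hunk only treats the request as authenticated when `$auth['external']['user']` is set. Testing the same key in both places, `if(empty($auth['external']['user']) && $this->getConfig('apiUser')) {`, keeps a session that has an `Auth` entry but no username from bypassing the API-user path. Because API requests can now ride on the session cookie alone, state-changing API routes also need CSRF protection; whether the CSRF middleware covers them is not visible here and should be confirmed. `beforeFilter` starts and ends outside both hunks, so what happens to a session-authenticated request after this branch cannot be checked from this page.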
3 changes: 0 additions & 3 deletions app/webroot/js/comanage/comanage.js
@@ -254,9 +254,6 @@ function callRegistryAPI(
url: apiUrl,
method: httpMethod,
dataType: dataType,
headers: {
"Authorization": "Basic " + btoa("co_1.xhruser:vkam-9163-jwjp-4732")
},
data: data,
encode: true
})
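Review bot: Deleting the `headers` block from `callRegistryAPI` does not retire the credential it carried. The Basic username and password were served to every browser in comanage.js and remain readable in the repository history. The API user should be disabled or its key rotated as part of this change, and API access logs reviewed for use of that account from outside the UI. Nothing in this section shows that step, so it may be tracked elsewhere; `callRegistryAPI` itself starts and ends outside the hunk.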