Tom Shaw
Reputation: 1712
Apigility Custom Db Filter Based on oAuth Request
I'm building a REST DB connected system where users can only create/fetch/query their own data based on the client_id or user_id doesn't matter. I've successfully implemented oAuth and Mapper/Resource objects to go along with my Entity/Collection. After a successful oAuth request using an access token is there a recommended way to get the client_id or user_id so I can filter database queries based on who made the request?
Upvotes: 0
Views: 97
Answers (1)
Tom Shaw
Reputation: 1712
Solved. a simple solution is in the API config inject an instance of \ZF\MvcAuth\Identity\AuthenticatedIdentity into the service mapper.
if ($sm->has('api-identity')) {
$mapper->setAuthenticatedIdentity($sm->get('api-identity'));
} else {
$mapper->setAuthenticatedIdentity(new \ZF\MvcAuth\Identity\AuthenticatedIdentity());
}
In the Mapper add setter/getters.
protected $authenticatedIdentity;
public function setAuthenticatedIdentity(\ZF\MvcAuth\Identity\AuthenticatedIdentity $authenticatedIdentity)
{
$this->authenticatedIdentity = $authenticatedIdentity;
}
protected function getAuthenticatedIdentity()
{
return $this->authenticatedIdentity;
}
Finally.
print_r(get_class_methods($this->getAuthenticatedIdentity()));
Upvotes: 1
Related Questions
- Detecting request type in PHP (GET, POST, PUT or DELETE)
- How do I send a POST request with PHP?
- Converting a Postman request to curl
- Apigility and oAuth for users
- Filter an array collection relation
- How to create action based on resource in zend apigility like -- /users/[/:user_id]/customAction
- ApiGility - Returning custom collections
- Make Oauth API calls with existing Access Token and Access Token Secret
- Add custom route to Apigility