PluginProbe ʕ •ᴥ•ʔ
Booking for Appointments and Events Calendar – Amelia / trunk
Booking for Appointments and Events Calendar – Amelia vtrunk
2.4.3 2.4.2 2.4.1 2.4 trunk 1.2.1 1.2.10 1.2.11 1.2.12 1.2.13 1.2.14 1.2.15 1.2.16 1.2.17 1.2.18 1.2.19 1.2.2 1.2.20 1.2.21 1.2.22 1.2.23 1.2.24 1.2.25 1.2.26 1.2.27 1.2.28 1.2.29 1.2.3 1.2.30 1.2.31 1.2.32 1.2.33 1.2.34 1.2.35 1.2.36 1.2.37 1.2.38 1.2.4 1.2.5 1.2.6 1.2.7 1.2.8 1.2.9 2.0 2.0.1 2.0.2 2.1 2.1.1 2.1.2 2.1.3 2.2 2.2.1 2.3
ameliabooking / src / Application / Controller / Mobile / MobileV1Controller.php
ameliabooking / src / Application / Controller / Mobile Last commit date
Appointments 2 weeks ago Events 2 weeks ago GetMobileInfoController.php 2 weeks ago MobileV1Controller.php 2 weeks ago
MobileV1Controller.php
63 lines
1 <?php
2
3 namespace AmeliaBooking\Application\Controller\Mobile;
4
5 use AmeliaBooking\Application\Controller\Controller;
6 use AmeliaVendor\Psr\Http\Message\ServerRequestInterface as Request;
7 use AmeliaVendor\Psr\Http\Message\ResponseInterface as Response;
8
9 /**
10 * Base controller for all /mobile/v1/ routes.
11 *
12 * Enforces two invariants so individual mobile controllers don't have to:
13 *
14 * 1. A Bearer token is required. If it is missing the response is a 409 JSON
15 * body with `data.reauthorize = true` — the same shape the mobile app
16 * already handles for expired sessions, so it drives the user back to
17 * the login screen rather than crashing.
18 *
19 * 2. The cabinet context (`source = cabinet-provider`) is forced by the route
20 * itself. Subclasses call `forceCabinetContext($command)` so the client
21 * never needs to send — or can fake — the source parameter.
22 */
23 abstract class MobileV1Controller extends Controller
24 {
25 /**
26 * @param Request $request
27 * @param Response $response
28 * @param $args
29 * @param bool $validApiCall
30 *
31 * @return Response
32 */
33 public function __invoke(Request $request, Response $response, $args, $validApiCall = false)
34 {
35 $authHeader = $request->getHeaderLine('Authorization');
36 $parts = explode(' ', trim($authHeader));
37
38 if (count($parts) !== 2 || $parts[0] !== 'Bearer' || empty($parts[1])) {
39 $response = $response->withStatus(self::STATUS_CONFLICT);
40 $response = $response->withHeader('Content-Type', 'application/json;charset=utf-8');
41 $response->getBody()->write(
42 json_encode(['message' => 'error', 'data' => ['reauthorize' => true]])
43 );
44
45 return $response;
46 }
47
48 return parent::__invoke($request, $response, $args, $validApiCall);
49 }
50
51 /**
52 * Forces cabinet-provider context on the command regardless of what the
53 * client sends. Subclasses call this inside instantiateCommand() instead
54 * of reading the `source` query param.
55 *
56 * @param \AmeliaBooking\Application\Commands\Command $command
57 */
58 protected function forceCabinetContext($command)
59 {
60 $command->setPage('cabinet-provider');
61 }
62 }
63