From b6dd2e31527216f7ac382789d245336c1e7c900f Mon Sep 17 00:00:00 2001 From: drigato Date: Mon, 3 Mar 2014 16:04:34 -0500 Subject: [PATCH] CC-5701: Airtime File API --- .../rest/controllers/MediaController.php | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/airtime_mvc/application/modules/rest/controllers/MediaController.php b/airtime_mvc/application/modules/rest/controllers/MediaController.php index 304e11365..14eb7c9b4 100644 --- a/airtime_mvc/application/modules/rest/controllers/MediaController.php +++ b/airtime_mvc/application/modules/rest/controllers/MediaController.php @@ -106,7 +106,7 @@ class Rest_MediaController extends Zend_Rest_Controller if (!$id = $this->_getParam('id', false)) { $resp = $this->getResponse(); $resp->setHttpResponseCode(400); - $resp->appendBody("ERROR: No show ID specified."); + $resp->appendBody("ERROR: No file ID specified."); return false; } return $id; @@ -115,23 +115,15 @@ class Rest_MediaController extends Zend_Rest_Controller private function verifyAPIKey() { //The API key is passed in via HTTP "basic authentication": - // http://en.wikipedia.org/wiki/Basic_access_authentication + // http://en.wikipedia.org/wiki/Basic_access_authentication - //TODO: Fetch the user's API key from the database to check against - $unencodedStoredApiKey = "foobar"; - $encodedStoredApiKey = base64_encode($unencodedStoredApiKey . ":"); + $CC_CONFIG = Config::getConfig(); - //Decode the API key that was passed to us in the HTTP request. $authHeader = $this->getRequest()->getHeader("Authorization"); - $encodedRequestApiKey = substr($authHeader, strlen("Basic ")); - //if ($encodedRequestApiKey === $encodedStoredApiKey) - if (true) - { + if (in_array($authHeader, $CC_CONFIG["apiKey"])) { return true; - } - else - { + } else { $resp = $this->getResponse(); $resp->setHttpResponseCode(401); $resp->appendBody("ERROR: Incorrect API key.");