sessiuin controls
This commit is contained in:
@@ -99,6 +99,14 @@ abstract class BaseController extends Controller
|
||||
return $wrenchboard->cfgReadChar($config_item);
|
||||
}
|
||||
|
||||
public function sessionCheck($sessionid,$member_id){
|
||||
$in["action"] = WRENCHBOARD_SESSION_CHECK;
|
||||
$in["sessionid"] = $sessionid;
|
||||
$in["member_id"] = $member_id;
|
||||
$wrenchboard = new \App\Models\BackendModel();
|
||||
$ret = $wrenchboard->wrenchboard_api($in, $out);
|
||||
return $ret;
|
||||
}
|
||||
public function endPointList(){
|
||||
|
||||
$endpoints = [
|
||||
@@ -281,4 +289,27 @@ abstract class BaseController extends Controller
|
||||
// }
|
||||
return 0;
|
||||
}
|
||||
|
||||
public function sessionExcludedList(){
|
||||
|
||||
$excludedPoint = [
|
||||
'apigate' => ['POST'],
|
||||
'generics' => ['POST'],
|
||||
'createuser' => ['POST'],
|
||||
'verifysignuplink' => ['POST'],
|
||||
'completesignuplink' => ['POST'],
|
||||
'createmobileuser' => ['POST'],
|
||||
'completemobileuser' => ['POST'],
|
||||
'startresetpasword' => ['POST'],
|
||||
'stepresetpass' => ['POST'],
|
||||
'userlogin' => ['POST'],
|
||||
'authlogin' => ['POST'],
|
||||
'startjoblist' => ['POST'],
|
||||
'sitecontact' => ['POST'],
|
||||
'signupcountry' => ['POST'],
|
||||
'blogdata' => ['POST'],
|
||||
'blogitem' => ['POST'],
|
||||
];
|
||||
return $excludedPoint;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -486,6 +486,19 @@ class WrenchApi extends BaseController
|
||||
$in = $this->prepareEndPointData($endpoint, $raw_array,$call_backend,$local_out);
|
||||
log_message('critical', "wrenchboard_api-CALL PREPARE DATA".serialize($in) );
|
||||
|
||||
$ecludedEndpoints = $this->sessionExcludedList();
|
||||
$out = array();
|
||||
$res1 = [];
|
||||
if (!array_key_exists($endpoint, $ecludedEndpoints)) {
|
||||
// we need to check session now
|
||||
if ( $this->sessionCheck($in["sessionid"],$in["member_id"]) != PHP_API_OK){
|
||||
$call_backend = false;
|
||||
$local_out["status_msg"] = "invalid_session_msg";
|
||||
$out['internal_return'] = PHP_INVALID_SESSION;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
if ( $call_backend == true && $in["action"] !='' ){
|
||||
$wrenchboard = new \App\Models\BackendModel();
|
||||
|
||||
Reference in New Issue
Block a user