Micro - Securing Routes

Question

Micro - Securing Routes

Ben Kilah Apr '16

Created Apr '16	Last Reply Apr '16	Replies 2	Views 551	Votes 0

Ben Kilah 3.5k

Apr '16

Hey There,

I've been looking at getting into Phalcon micro apps as REST services for my angularjs apps. I was wondering if it was possible to only secure certain routes in a micro app, rather then all routes.

Many thanks!

Ben.

Lajos Bencz · Answer 1 · 2016-04-11T03:00:50-07:00

Check this section of the docs: https://docs.phalcon.io/en/latest/reference/micro.html#middleware-events

You have to manually set up your ACL logic in the before function.

Jonathan Aaron Steel · Answer 2 · 2016-04-11T04:30:45-07:00

You can also use events manager.

$eventsManager = new \Phalcon\Events\Manager();

   if ($event->getType() == 'beforeExecuteRoute'){
            //Security first.
            //HMAC digest checksum etc.
            $clientId = $app->request->getHeader('MYAPI_ID');
            $time = $app->request->getHeader('MYAPI_TIME');
            $hash = $app->request->getHeader('MYAPI_HASH');
            //calculate hash from supplied headers..
            $result = doDigestCalc();

            if (!result) return false; // Return (false) stop the operation
            }