Micro - Securing Routes

Hey There,

I've been looking at getting into Phalcon micro apps as REST services for my angularjs apps. I was wondering if it was possible to only secure certain routes in a micro app, rather then all routes.

Many thanks!


Check this section of the docs: https://docs.phalcon.io/en/latest/reference/micro.html#middleware-events

You have to manually set up your ACL logic in the before function.

edited Apr '16

You can also use events manager.

$eventsManager = new \Phalcon\Events\Manager();

   if ($event->getType() == 'beforeExecuteRoute'){
            //Security first.
            //HMAC digest checksum etc.
            $clientId = $app->request->getHeader('MYAPI_ID');
            $time = $app->request->getHeader('MYAPI_TIME');
            $hash = $app->request->getHeader('MYAPI_HASH');
            //calculate hash from supplied headers..
            $result = doDigestCalc();

            if (!result) return false; // Return (false) stop the operation