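<?php

/**
 * Token validation endpoint.
 *
 * Reads a bearer token from the Authorization header (or, for backward
 * compatibility, from the `token` query parameter), asks TokenManager to
 * validate it and record the usage, and answers with a JSON document:
 *   - 200 {"valid": true, "user": ..., "permissions": ..., "timestamp": ...}
 *   - 401 {"valid": false, "error": ...} or {"error": "No token provided"}
 */

header('Content-Type: application/json');
// Responses describe a credential's validity and permissions; they must not
// be stored by shared caches or the browser cache.
header('Cache-Control: no-store');

require_once '../models/TokenManager.php';

$tokenManager = new TokenManager();

// Header names are case-insensitive, so normalise the keys before the lookup.
// Some SAPIs expose the value only through $_SERVER, hence the second source.
$headers = function_exists('getallheaders')
    ? array_change_key_case(getallheaders() ?: [], CASE_LOWER)
    : [];
$auth_header = $headers['authorization'] ?? ($_SERVER['HTTP_AUTHORIZATION'] ?? '');
if (!is_string($auth_header)) {
    $auth_header = '';
}

$token = '';

// Anchor the scheme at the start of the value and accept a single
// whitespace-free credential, so values such as "Basic x Bearer y" or a
// credential with trailing junk are not treated as a bearer token.
if (preg_match('/^Bearer\s+(\S+)\s*$/i', $auth_header, $matches)) {
    $token = $matches[1];
} else {
    // NOTE(review): query-string tokens end up in access logs, browser
    // history and Referer headers. Kept because existing callers may rely on
    // it; prefer the Authorization header and plan to retire this fallback.
    $query_token = $_GET['token'] ?? '';
    // `?token[]=x` makes PHP build an array; only a plain string is a token.
    $token = is_string($query_token) ? $query_token : '';
}

if ($token === '') {
    http_response_code(401);
    header('WWW-Authenticate: Bearer');
    echo json_encode(['error' => 'No token provided']);
    exit;
}

// Request metadata handed to TokenManager for the usage record.
$endpoint = $_SERVER['REQUEST_URI'] ?? '';
if (array_key_exists('token', $_GET)) {
    // Never pass the credential itself on as part of the logged endpoint:
    // rebuild the URI from the path and the remaining query parameters.
    $path = explode('?', $endpoint, 2)[0];
    $remaining_query = $_GET;
    unset($remaining_query['token']);
    $endpoint = $remaining_query === []
        ? $path
        : $path . '?' . http_build_query($remaining_query);
}

// REMOTE_ADDR is the direct peer. Behind a reverse proxy this is the proxy's
// address; client-supplied forwarding headers are deliberately not trusted here.
$ip_address = $_SERVER['REMOTE_ADDR'] ?? '';
// Client-controlled and unvalidated: whatever stores or renders it must treat
// it as untrusted text.
$user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';
$method = $_SERVER['REQUEST_METHOD'] ?? '';

$result = $tokenManager->validateAndLogUsage($token, $endpoint, $ip_address, $user_agent, $method);

if (!empty($result['valid'])) {
    echo json_encode([
        'valid' => true,
        'user' => $result['username'],
        'permissions' => $result['permissions'],
        'timestamp' => date('c'),
    ]);
} else {
    http_response_code(401);
    header('WWW-Authenticate: Bearer');
    // NOTE(review): the error text comes straight from TokenManager; confirm
    // it does not reveal more about a rejected token than callers need.
    echo json_encode([
        'valid' => false,
        'error' => $result['error'] ?? 'Invalid token',
    ]);
}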