Webservices

services/www/api/authenticator.php

@@ -0,0 +1,27 @@
+<?php
+
+class Authenticator {
+
+    private $db;
+
+    function __construct($db) {
+        $this->db = $db;
+    }
+
+    public function authenticate() {
+        $token = $_SERVER['HTTP_AUTHENTICATION'];
+        $query = "SELECT user_id FROM token WHERE token=:token AND expires>NOW() LIMIT 1";
+        $stmt = $this->db->prepare($query);
+        $stmt->bindParam(":token", $token);
+        if($stmt->execute()){
+            if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+                // Token found
+                return $row['user_id'];
+            }
+        }
+        http_response_code(401);
+        echo json_encode(array("error" => "Unauthorized"));
+        exit();
+        return 0;
+    }
+}