Properly merge main with this branch for real

leepeuker · Feb 25, 2024 · 540e7a6 · 540e7a6
1 parent a367d20
commit 540e7a6
Show file tree

Hide file tree

Showing 4 changed files with 62 additions and 1 deletion.
diff --git a/docs/openapi.json b/docs/openapi.json
@@ -1066,6 +1066,45 @@
         }
       }
     },
+    "/authentication/authenticated": {
+      "get": {
+        "tags": [
+          "Authentication"
+        ],
+        "summary": "Checks the authentication status of the user.",
+        "description": "Checks if the user is authenticated based on cookie.. The response is a JSON object with the authentication status and an optional username + userId of the authenticated user",
+        "responses": {
+          "200": {
+            "description": "OK",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "type": "object",
+                  "properties": {
+                    "authenticated": {
+                      "type": "boolean",
+                      "description": "True if authenticated, false if unauthenticated."
+                    },
+                    "username": {
+                      "type": "string",
+                      "description": "The username of the authenticated user. It's empty if the user is unauthenticated."
+                    },
+                    "userId": {
+                      "type": "integer",
+                      "description": "The ID of the authenticated user. It's empty if the user is unauthenticated."
+                    },
+                    "isAdmin": {
+                      "type": "boolean",
+                      "description": "True if the user is an admin, False if the user isn't."
+                    }
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    },
     "/authentication/token": {
       "post": {
         "tags": [

diff --git a/settings/routes.php b/settings/routes.php
@@ -203,6 +203,7 @@ function addApiRoutes(RouterService $routerService, FastRoute\RouteCollector $ro
 
     $routes->add('GET', '/openapi', [Api\OpenApiController::class, 'getSchema']);
     $routes->add('POST', '/authentication/token', [Api\AuthenticationController::class, 'createToken']);
+    $routes->add('GET', '/authentication/authenticated', [Api\AuthenticationController::class, 'isAuthenticated']);
 
     $routeUserHistory = '/users/{username:[a-zA-Z0-9]+}/history/movies';
     $routes->add('GET', $routeUserHistory, [Api\HistoryController::class, 'getHistory'], [Api\Middleware\IsAuthorizedToReadUserData::class]);

diff --git a/src/HttpController/Api/AuthenticationController.php b/src/HttpController/Api/AuthenticationController.php
@@ -89,4 +89,19 @@ public function createToken(Request $request) : Response
             ]),
         );
     }
+
+    public function isAuthenticated() : Response
+    {
+        if($this->authenticationService->isUserAuthenticated()) {
+            return Response::createJson(Json::encode([
+                'authenticated' => true,
+                'userId' => $this->authenticationService->getCurrentUser()->getId(),
+                'username' => $this->authenticationService->getCurrentUser()->getName(),
+                'isAdmin' => $this->authenticationService->getCurrentUser()->isAdmin(),
+            ]));
+        }
+        return Response::createJson(Json::encode([
+            'authenticated' => false,
+        ]));
+    }
 }
diff --git a/tests/rest/api/authentication.http b/tests/rest/api/authentication.http
@@ -1,4 +1,4 @@
-POST http://127.0.0.1/api/authentication/token
+POST http://127.0.0.1/api/authentication/create-token
 Accept: */*
 Cache-Control: no-cache
 Content-Type: application/json
@@ -7,3 +7,9 @@ X-Movary-Client: RestAPI Test
 {"email" : "{{email}}", "password" : "{{password}}", "rememberMe" : 1, "totpCode" : 123456}
 
 ###
+
+GET http://127.0.0.1/api/authentication/authenticated
+Accept: */*
+Cache-Control: no-cache
+Content-Type: application/json
+X-Movary-Client: RestAPI Test