diff --git a/docs/openapi.json b/docs/openapi.json
index 964a35b6..3d114674 100644
--- a/docs/openapi.json
+++ b/docs/openapi.json
@@ -1066,6 +1066,45 @@
 }
 }
 },
+ "/authentication/authenticated": {
+ "get": {
+ "tags": [
+ "Authentication"
+ ],
+ "summary": "Checks the authentication status of the user.",
+ "description": "Checks if the user is authenticated based on cookie.. The response is a JSON object with the authentication status and an optional username + userId of the authenticated user",
+ "responses": {
+ "200": {
+ "description": "OK",
+ "content": {
+ "application/json": {
+ "schema": {
+ "type": "object",
+ "properties": {
+ "authenticated": {
+ "type": "boolean",
+ "description": "True if authenticated, false if unauthenticated."
+ },
+ "username": {
+ "type": "string",
+ "description": "The username of the authenticated user. It's empty if the user is unauthenticated."
+ },
+ "userId": {
+ "type": "integer",
+ "description": "The ID of the authenticated user. It's empty if the user is unauthenticated."
+ },
+ "isAdmin": {
+ "type": "boolean",
+ "description": "True if the user is an admin, False if the user isn't."
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
 "/authentication/token": {
 "post": {
 "tags": [
diff --git a/settings/routes.php b/settings/routes.php
index 6fcac1c1..1d7c6917 100644
--- a/settings/routes.php
+++ b/settings/routes.php
@@ -203,6 +203,7 @@ function addApiRoutes(RouterService $routerService, FastRoute\RouteCollector $ro
 $routes->add('GET', '/openapi', [Api\OpenApiController::class, 'getSchema']);
 $routes->add('POST', '/authentication/token', [Api\AuthenticationController::class, 'createToken']);
+ $routes->add('GET', '/authentication/authenticated', [Api\AuthenticationController::class, 'isAuthenticated']);
 $routeUserHistory = '/users/{username:[a-zA-Z0-9]+}/history/movies';
 $routes->add('GET', $routeUserHistory, [Api\HistoryController::class, 'getHistory'], [Api\Middleware\IsAuthorizedToReadUserData::class]);
diff --git a/src/HttpController/Api/AuthenticationController.php b/src/HttpController/Api/AuthenticationController.php
index 7a4b8a7c..c3a155fb 100644
--- a/src/HttpController/Api/AuthenticationController.php
+++ b/src/HttpController/Api/AuthenticationController.php
@@ -89,4 +89,19 @@ public function createToken(Request $request) : Response
 ]),
 );
 }
+
+ public function isAuthenticated() : Response
+ {
+ if($this->authenticationService->isUserAuthenticated()) {
+ return Response::createJson(Json::encode([
+ 'authenticated' => true,
+ 'userId' => $this->authenticationService->getCurrentUser()->getId(),
+ 'username' => $this->authenticationService->getCurrentUser()->getName(),
+ 'isAdmin' => $this->authenticationService->getCurrentUser()->isAdmin(),
+ ]));
+ }
+ return Response::createJson(Json::encode([
+ 'authenticated' => false,
+ ]));
+ }
 }
diff --git a/tests/rest/api/authentication.http b/tests/rest/api/authentication.http
index 4431792f..f8488d7e 100644
--- a/tests/rest/api/authentication.http
+++ b/tests/rest/api/authentication.http
@@ -1,4 +1,4 @@
-POST http://127.0.0.1/api/authentication/token
+POST http://127.0.0.1/api/authentication/create-token
 Accept: */*
 Cache-Control: no-cache
 Content-Type: application/json
@@ -7,3 +7,9 @@ X-Movary-Client: RestAPI Test
 {"email" : "{{email}}", "password" : "{{password}}", "rememberMe" : 1, "totpCode" : 123456}
 ###
+
+GET http://127.0.0.1/api/authentication/authenticated
+Accept: */*
+Cache-Control: no-cache
+Content-Type: application/json
+X-Movary-Client: RestAPI Test
\ No newline at end of file
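Review bot: `isAuthenticated()` calls `$this->authenticationService->getCurrentUser()` three times while building the authenticated payload; resolve it once with `$user = $this->authenticationService->getCurrentUser();` and read `getId()`, `getName()` and `isAdmin()` from `$user`, so all three fields come from the same lookup. The body carries per-user identity and the admin flag and, per the OpenAPI text, is keyed on the session cookie, so it should never be storable by a shared cache. Whether `Response::createJson` already sends `Cache-Control: no-store` is not visible in this hunk and is worth confirming. The unauthenticated branch omits `userId`, `username` and `isAdmin` entirely, while the schema added in `docs/openapi.json` describes them as empty, so the code and the spec should be aligned. A short docblock stating that `isAdmin` is informational for the client and that authorization stays enforced server-side would also help future readers.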
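Review bot: The first request now targets `/api/authentication/create-token`, but the `settings/routes.php` hunk in this same commit still shows the token route registered as `POST /authentication/token`, and the OpenAPI context lines also name `/authentication/token`. Unless a `create-token` route is registered somewhere outside this diff, the request will no longer reach `createToken`, and the login step of this test file stops exercising the real endpoint. Either keep `POST http://127.0.0.1/api/authentication/token` here or rename the route and the spec entry in the same change.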