Crawler API now checks token.

This commit is contained in:
Alexey Skobkin 2016-03-25 17:34:18 +03:00
parent f9f1072bbd
commit b5007fceec
2 changed files with 11 additions and 1 deletions

View file

@ -22,3 +22,6 @@ parameters:
# A secret key that's used to generate certain security-related tokens # A secret key that's used to generate certain security-related tokens
secret: ThisTokenIsNotSoSecretChangeIt secret: ThisTokenIsNotSoSecretChangeIt
# Token for Go crawler https://bitbucket.org/skobkin/point-tools-crawler
crawler_token: test_token

View file

@ -4,12 +4,19 @@ namespace Skobkin\Bundle\PointToolsBundle\Controller\Api;
use Skobkin\Bundle\PointToolsBundle\Service\Factory\Blogs\PostFactory; use Skobkin\Bundle\PointToolsBundle\Service\Factory\Blogs\PostFactory;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
class CrawlerController extends AbstractApiController class CrawlerController extends AbstractApiController
{ {
public function receiveAllPageAction(Request $request) public function receiveAllPageAction(Request $request)
{ {
$token = $request->request->get('token'); $remoteToken = $request->request->get('token');
$localToken = $this->getParameter('crawler_token');
if (!$localToken || ($localToken !== $remoteToken)) {
return $this->createErrorResponse('Token error. Please check it in crawler and API parameters.', Response::HTTP_FORBIDDEN);
}
$json = $request->request->get('json'); $json = $request->request->get('json');
$serializer = $this->get('jms_serializer'); $serializer = $this->get('jms_serializer');