33 lines
767 B
PHP
33 lines
767 B
PHP
<?php
|
|
/**
|
|
* Protected API endpoint example
|
|
*
|
|
* This endpoint demonstrates how to protect an API route using
|
|
* our simplified authentication approach.
|
|
*/
|
|
|
|
require_once('../Models/User.php');
|
|
|
|
// Set content type to JSON
|
|
header('Content-Type: application/json');
|
|
|
|
// Check if user is authenticated
|
|
$auth = User::checkAuth();
|
|
if (!$auth) {
|
|
// The checkAuth method already sent the error response
|
|
exit;
|
|
}
|
|
|
|
// User is authenticated, proceed with the endpoint logic
|
|
$response = [
|
|
'status' => 'success',
|
|
'message' => 'You have access to this protected endpoint',
|
|
'user' => [
|
|
'id' => $auth['uid'],
|
|
'username' => $auth['username'],
|
|
'accessLevel' => $auth['accessLevel']
|
|
]
|
|
];
|
|
|
|
// Send response
|
|
echo json_encode($response);
|