1
<?php
2

3
namespace SilverStripe\RestfulServer;
4

5
use SilverStripe\Security\Authenticator;
6
use SilverStripe\Control\Controller;
7
use SilverStripe\Security\Security;
8

9
/**
10
 * A simple authenticator for the Restful server.
11
 *
12
 * This allows users to be authenticated against that RestfulServer using their
13
 * login details, however they will be passed 'in the open' and will require the
14
 * application accessing the RestfulServer to store logins in plain text (or in
15
 * decrytable form)
16
 */
17
class BasicRestfulAuthenticator
18
{
19
    /**
20
     * The authenticate function
21
     *
22
     * Takes the basic auth details and attempts to log a user in from the DB
23
     *
24
     * @return Member|false The Member object, or false if no member
25
     */
26 1
    public static function authenticate()
27
    {
28
        //if there is no username or password, fail
29 1
        if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
30 1
            return null;
31
        }
32

33
        // With a valid user and password, check the password is correct
34
        $data = [
35 1
            'Email' => $_SERVER['PHP_AUTH_USER'],
36 1
            'Password' => $_SERVER['PHP_AUTH_PW'],
37
        ];
38 1
        $request = Controller::curr()->getRequest();
39 1
        $authenticators = Security::singleton()->getApplicableAuthenticators(Authenticator::LOGIN);
40 1
        $member = null;
41 1
        foreach ($authenticators as $authenticator) {
42 1
            $member = $authenticator->authenticate($data, $request);
43 1
            if ($member) {
44 1
                break;
45
            }
46
        }
47 1
        return $member;
48
    }
49
}

Read our documentation on viewing source code .

Loading