From 0ac38198ab1c00dfb290d5631fa7c1cf5ac2a48a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Mon, 9 Feb 2015 13:59:48 +0100 Subject: authentication on API --- .../CoreBundle/Security/Authentication/Provider/WsseProvider.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src') diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php index 5499f400..eaad9c63 100644 --- a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php +++ b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php @@ -44,6 +44,12 @@ class WsseProvider implements AuthenticationProviderInterface if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) { throw new NonceExpiredException('Previously used nonce detected'); } + + // If cache directory does not exist we create it + if (!is_dir($this->cacheDir)) { + mkdir($this->cacheDir, 0777, true); + } + file_put_contents($this->cacheDir.'/'.$nonce, time()); // Valide le Secret -- cgit v1.2.3