Verify auth key when retrieving existing configuration as well - partkeepr

commit 1096e1387a86a42621bca517a2425f388ee9537b
parent 76f511b1c070a459c27f2e8575230d716d582b2a
Author: Felicitus <felicitus@felicitus.org>
Date:   Wed,  4 Nov 2015 19:23:41 +0100

Verify auth key when retrieving existing configuration as well

Diffstat:
M src/PartKeepr/SetupBundle/Controller/ExistingConfigParserController.php  | 9 +++++++++

1 file changed, 9 insertions(+), 0 deletions(-)
diff --git a/src/PartKeepr/SetupBundle/Controller/ExistingConfigParserController.php b/src/PartKeepr/SetupBundle/Controller/ExistingConfigParserController.php
@@ -15,6 +15,15 @@ class ExistingConfigParserController extends SetupController
      */
     public function parseExistingConfigAction(Request $request)
     {
+        $data = json_decode($request->getContent(), true);
+        if (!array_key_exists("authKey", $data) || !$this->verifyAuthKey($data["authKey"])) {
+            $response["success"] = false;
+            $response["message"] = "Invalid Authentication Key";
+            $response["errors"] = array();
+
+            return new JsonResponse($response);
+        }
+
          $response = array(
             "success" => true,
             "errors" => [],

	partkeepr fork of partkeepr
	git clone https://git.e1e0.net/partkeepr.git
	Log \| Files \| Refs \| Submodules \| README \| LICENSE