2022-12-01 16:46:14 +01:00
parent 88b966e2ed
commit 5ccd74dc3c
1 changed files with 8 additions and 0 deletions
							
							
								
							
							
						
@@ -123,6 +123,14 @@ class mfBaseApicontroller {
    $me->loadByApikey($key);
    
    if(!$me->id) {
      header("Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS");
      header("Access-Control-Allow-Headers: X-Api-Key");
      
      if(preg_match('#^(https?)://([^/:]+)(:\d+)?/?$#i', $this->headers['origin'], $m)) {
        $origin_proto = $m[1];
        $origin_hostname = $m[2];
        header("Access-Control-Allow-Origin: ".$origin_proto."://".$origin_hostname);
      }
      $this->return(mfResponse::Unauthorized(['message' => "API key missing or invalid"]));
    }
    $_SESSION[MFAPPNAME.'_username'] = $me->username;