Skip to content

Commit 5a7b0a3

Browse files
skieskie
committed
add middleware layer documentation
1 parent 97f6d6e commit 5a7b0a3

File tree

1 file changed

+54
-0
lines changed

1 file changed

+54
-0
lines changed

docs/Documentation/middleware.md

Lines changed: 54 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,54 @@
1+
# Middlewares
2+
3+
Middleware defined by plugin:
4+
5+
Initial `ApiMiddleware` was splited into parts to allow inject authorization middleware from Authorization plugin.
6+
7+
* ParseApiRequestMiddleware - perform url analyze and creates service instance and store it into request parameters.
8+
* ProcessApiRequestMiddleware - perform api request.
9+
10+
11+
`Api.Middleware` section in api.php defined set of middlewares loaded for the router.
12+
13+
By default it looks next way:
14+
15+
```
16+
'authentication' => [
17+
'class' => AuthenticationMiddleware::class,
18+
'request' => CakeDC\Api\ApiInitializer::class,
19+
'method' => 'getAuthenticationService',
20+
],
21+
'apiParser' => [
22+
'class' => ParseApiRequestMiddleware::class,
23+
],
24+
'apiAuthorize' => [
25+
'class' => AuthorizationMiddleware::class,
26+
'request' => ApiInitializer::class,
27+
'params' => [
28+
'unauthorizedHandler' => 'CakeDC/Api.ApiException',
29+
],
30+
],
31+
'apiAuthorizeRequest' => [
32+
'class' => RequestAuthorizationMiddleware::class,
33+
],
34+
'apiProcessor' => [
35+
'class' => ProcessApiRequestMiddleware::class,
36+
],
37+
```
38+
39+
## Authentication
40+
Defined schema allow user to use Authentication plugin for user authentication.
41+
42+
To override default \CakeDC\Api\ApiInitializer::getAuthenticationService autenticators
43+
user should define class with same signatures and generates AuthenticationService with needed Identifiers and Authenticators.
44+
45+
## Authrization
46+
Defined schema allow user to use Authorization plugin both for request authorizations and for code level checks. For this we loading RequestAuthorizationMiddleware and AuthorizationMiddleware.
47+
48+
49+
50+
## Installation
51+
52+
Rbac for authrize middlware setup performed by copy file cakephp-api/config/api_permissions.php.default to
53+
config/api_permissions.php and defining needed permissions.
54+
By defaul it is allowed everything for unauthorized users.

0 commit comments

Comments
 (0)