README_AUTH.md

AUTH VALIDATION

The api access X-Auth Header for authentication, current support auth is :

1. X-Auth-User : plain text username (important)
2. X-Auth-Key : plain text password (optional but required to allow delete)
3. X-Access-Token : Token generated (generated by script with password hash)
4. X-Access-Key: plain text private_token

GENERATE TOKEN

To generate token please refer : PentagonalProject\Model\Validator\CommonHeaderValidator

<?php
use PentagonalProject\Model\Database\User;
use PentagonalProject\Model\Validator\CommonHeaderValidator;

/**
 * @var User $user 
 */
$user  = User::where(User::COLUMN_USERNAME, 'username')->first();
$token = CommonHeaderValidator::generateTokenFromUser($user);
$headerList = [
    CommonHeaderValidator::AUTH_USER    => $user[User::COLUMN_USERNAME],
    CommonHeaderValidator::ACCESS_TOKEN => $token,
    CommonHeaderValidator::ACCESS_KEY   => $user[User::COLUMN_PRIVATE_KEY],
    CommonHeaderValidator::AUTH_KEY     => 'plainpasswordforuser'
];