All geek questions in one place

Cakephp3- unable to get authorization header inside controller

I am developing an API using CakePHP 3 framework. Now I am sending a GET request from the POSTMAN client. The user will pass the API key in the header. enter image description here

I want to get this header in my controller function.

This is what my controller looks like

namespace Api\Controller; use Cake\Auth\DefaultPasswordHasher; use Api\Controller\AppController; use Cake\Cache\Cache; use Cake\Http\ServerRequest; class ApiController extends AppController { public function initialize() { parent::initialize(); $this->loadComponent('RequestHandler'); } public function myinfo() { if($this->request->is('get')) { $key = $this->request->getHeaderLine('Authorization'); $this->set('key', $key); } $this->set('_serialize', ['key']); } }

The error I get is: HeaderLine is not a function

I also tried some more options:

 $acceptHeader = $this->request->getHeader('Authorization');

but it also gave rise to a similar error. The header is not a function.

Link: Link

CakePHP Version: 3.3.5

+5
source share
2 answers

As @ndm said in the comments on the OP, the last example of a linked document should solve your problem. You are using version prior to 3.4, so you need to use:

 // Prior to 3.4.0 $key = $this->request->header('Authorization');
+3
source

Refere document for reading HTTP header

It is mentioned here that "Allows you to access any of the HTTP_ * headers that were used for the request." So it only reads http headers, for example

  • HTTP request
  • Host
  • Connection
  • Upgrade-Insecure-requests
  • User agent
  • To accept
  • Accept-encoding
  • Accept language

It was also mentioned that "although some Apache installations do not make the authorization header available, CakePHP will make it available using special Apache methods as necessary."

So for solution

They all have different obscure settings that you can configure to undo this behavior, but you need to determine exactly which module is to blame.

You can work around this problem by passing the header directly to PHP via env:

 SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

Also Refere: Zend Server Windows - authorization header is not passed to PHP script

+1
source

Source: https://habr.com/ru/post/1266303/

More articles:


All Articles