Merge pull request chriskacerguis#677 from teabrg/master

chriskacerguis · web-flow · commit 8a8657bd645b · 2016-08-23T07:51:52.000-05:00
Check if API KEY submitted is activated
diff --git a/application/libraries/REST_Controller.php b/application/libraries/REST_Controller.php
@@ -999,7 +999,16 @@ protected function _detect_api_key()
         // Find the key from server or arguments
         if (($key = isset($this->_args[$api_key_variable]) ? $this->_args[$api_key_variable] : $this->input->server($key_name)))
         {
-            if ( ! ($row = $this->rest->db->where($this->config->item('rest_key_column'), $key)->get($this->config->item('rest_keys_table'))->row()))
+            //if you have a field to check if the API KEY provided by the user is activated or not 
+            //(in case you quickly want to deactivate specific users)
+            // you can also perform an extra check for this
+            
+            $existsactive = $this->db->query("SELECT api_key_activated FROM api_keys WHERE api_key = '".$key."' ");
+            // Using the Query builder method. This will only work if you have a column named activated in the api_key table.
+            //If you also want to add this as a config item replace the get('activated') with $this->config->item('rest_key_activated_column').
+            $existsactive = $this->rest->db->where($this->config->item('rest_key_column'), $key)->get('activated')->result();
+            $isactive = $existsactive->result();
+            if ( ! ($row = $this->rest->db->where($this->config->item('rest_key_column'), $key)->get($this->config->item('rest_keys_table'))->row() ) || $isactive[0]->api_key_activated == 'no' )
             {
                 return FALSE;
             }

Original file line number	Diff line number	Diff line change
`@@ -999,7 +999,16 @@ protected function _detect_api_key()`
`999`	`999`	`// Find the key from server or arguments`
`1000`	`1000`	`if (($key = isset($this->_args[$api_key_variable]) ? $this->_args[$api_key_variable] : $this->input->server($key_name)))`
`1001`	`1001`	`{`
`1002`		`- if ( ! ($row = $this->rest->db->where($this->config->item('rest_key_column'), $key)->get($this->config->item('rest_keys_table'))->row()))`
	`1002`	`+ //if you have a field to check if the API KEY provided by the user is activated or not`
	`1003`	`+ //(in case you quickly want to deactivate specific users)`
	`1004`	`+ // you can also perform an extra check for this`
	`1005`	`+`
	`1006`	`+ $existsactive = $this->db->query("SELECT api_key_activated FROM api_keys WHERE api_key = '".$key."' ");`
	`1007`	`+ // Using the Query builder method. This will only work if you have a column named activated in the api_key table.`
	`1008`	`+ //If you also want to add this as a config item replace the get('activated') with $this->config->item('rest_key_activated_column').`
	`1009`	`+ $existsactive = $this->rest->db->where($this->config->item('rest_key_column'), $key)->get('activated')->result();`
	`1010`	`+ $isactive = $existsactive->result();`
	`1011`	`+ if ( ! ($row = $this->rest->db->where($this->config->item('rest_key_column'), $key)->get($this->config->item('rest_keys_table'))->row() ) \|\| $isactive[0]->api_key_activated == 'no' )`
`1003`	`1012`	`{`
`1004`	`1013`	`return FALSE;`
`1005`	`1014`	`}`