search

dancrew32 / marcel

The PHP 5.4 MVC with Shoes On: ActiveRecord, User/Session, Generators, SCSS, (Twitter Bootstrap) Integration, Workers, Cron Management, Image Manipulation, Caching, Git Management, Mail & Mail Parsing, OCR, Scraping, Selenium, Mustache, Markdown, Phone & Text Messaging, WebSockets, BitTorrent and much more!
5 stars 0 forks source link

optionally handle auth checks at the router #6

Closed dancrew32 closed 11 years ago

dancrew32 commented 11 years ago 
'/foo' => [
    'c' => 'controller', 'm' => 'method',
    'auth' => ['admin', 'user'],
],

allow it per http method

'/foo' => [
    'http' => [
        'get'  => [ 'c' => 'controller', 'm' => 'method', 'auth' => ['admin', 'user'] ],
        'post' => [ 'c' => 'controller', 'm' => 'method', 'auth' => ['admin'] ],
    ],
],

maybe have the parent auth be the fallback for http methods that lack auth. e.g. admin allowed for all, but user can only GET:

'/foo' => [
    'http' => [
        'get'  => [ 'c' => 'controller', 'm' => 'method', 'auth' => ['user'] ],
        'post' => [ 'c' => 'controller', 'm' => 'method' ],
        'put' => [ 'c' => 'controller', 'm' => 'method' ],
        'delete' => [ 'c' => 'controller', 'm' => 'method' ],
    ],
    'auth' => ['admin'],
],