coolbung
commented
8 years ago @vishal22 this should be much more simplified. The authentication class should be simply decided based on the header value. The default value of this should be picked up from the config.
So in the constructor you should do -
$auth_method = headers['x-auth'] ? headers['x-auth'] : $params->get('auth_method');
$this->set('auth_method', $auth_method);Then remove all the code related to key/login checks. All that code is unnecessary. Great chance for #strengthbysubtraction !
In the authenticateRequest() method just have -
$className = 'APIAuthentication'.ucwords($this->get('auth_method'));
Good idea!