From 87e7deacf92811430ed113c66db91a3f8f4e476e Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 23 May 2013 22:29:27 -0700 Subject: use http_authorization header with nginx --- include/api.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'include') diff --git a/include/api.php b/include/api.php index 926b8510a..e6140b120 100644 --- a/include/api.php +++ b/include/api.php @@ -96,6 +96,16 @@ require_once('include/security.php'); } } + if(x($_SERVER,'HTTP_AUTHORIZATION')) { + $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"],6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + if (!isset($_SERVER['PHP_AUTH_USER'])) { logger('API_login: ' . print_r($_SERVER,true), LOGGER_DEBUG); header('WWW-Authenticate: Basic realm="Red"'); -- cgit v1.2.3