Luracast Restler 4 Live Examples:- Protected API

Protected API PHP >= 5.3

authentication authorization

Not all the API exposed needs to be public, we need to protect some of our API. Here are three ways to protect a method

Change it to a protected function
Add a PHPDoc comment @access protected to the method
Add @access protected comment to the class to protect all methods of that class

In order to provide access to those protected methods we use a class that implements iAuthenticate. Also note that An Authentication class is also an API class so all public methods that does not begin with _ will be exposed as API for example SimpleAuth::key. It can be used to create login/logout methods.

This API Server is made using the following php files/folders

index.php (gateway)

Simple.php (api)

Secured.php (api)

SimpleAuth.php (auth)

restler.php (framework)

JsonFormat.php (format)

This API Server exposes the following URIs

GET normal         ⇠ Simple::normal()
GET restricted     ⇠ Simple::restricted()
GET restricted2    ⇠ Simple::restricted2()
GET secured        ⇠ Secured::index()
GET simpleauth/key ⇠ SimpleAuth::key()

Try the following links in your browser

GET restricted

{
  "error": {
    "code": 401,
    "message": "Unauthorized"
  }
}

GET restricted?key=rEsTlEr2

"protected method"

GET secured?key=rEsTlEr2

"protected class"