DEVHIDE
Login Or Sign up

Using Altorouter along with .htpasswd basic authentication

160 Views Asked by At

My index.php

require_once 'altorouter.php';
$router = new Router();

$router->map('GET', '/', function() {
    require 'home.php';
}, 'home');

$router->map('GET|POST', '/dashboard/[*:serial]?', function($serial) {
    require 'dashboard.php';
}, 'dashboard');

$match = $router->match();

if (is_array($match)) {

    header("HTTP/1.1 200 OK");
    call_user_func_array( $match['target'], $match['params'] );
        
}

else {

    header('Content-type: text/javascript');
    header("HTTP/1.1 400 Bad Request");
    echo json_encode(array('message' => 'Please check validity of methods and URL slugs.', 'debug' => ($_SERVER['REQUEST_URI'])), JSON_UNESCAPED_UNICODE, JSON_UNESCAPED_SLASHES);

}

The Apache sites-available ssl conf file

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            #Options Indexes FollowSymLinks
            #AllowOverride All
            #Require all granted
            AuthType Basic
            AuthName "Restricted Content"
            AuthUserFile /etc/apache2/.htpasswd
            Require valid-user
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        <IfModule mod_dir.c>
            DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
        </IfModule>

        ServerName example.com
        Include /etc/letsencrypt/options-ssl-apache.conf
        ServerAlias www.example.com
        SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
    </VirtualHost>
</IfModule>

The .htaccess

RewriteEngine on

# Autorouter
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule . index.php [L]

# Enable last slash in URL
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/(.*)/$ /$1 [R=301,L]

When Basic Auth is enabled home.php is accessible (after login), but dashboard.php is not.

        <Directory /var/www/html/>
            AuthType Basic
            AuthName "Restricted Content"
            AuthUserFile /etc/apache2/.htpasswd
            Require valid-user
        </Directory>

https://www.example.com/dashboard/abcd123/ returns 404

Not Found

The requested URL was not found on this server.

When Basic Auth is disabled, everything works fine.

        <Directory /var/www/html/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
        </Directory>

https://www.example.com/dashboard/abcd123/ returns 200 and the page.

Is there a way to combine Altorouter with Basic Auth? Why is the '/' route not affected by the authentication, but other routes are?

php api rest altorouter
Original Q&A
1

There are 1 best solutions below

0
Fid On

Apparently, AllowOverride All needs to be enabled. Now the routing works.

Related Questions in PHP

Related Questions in API

Related Questions in REST

Related Questions in ALTOROUTER

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.