Add current user endpoint to db authentication (#724)

Author: rolandboon

README.md

@@ -705,12 +705,13 @@ Below you find more information on each of the authentication types.
 
 #### Database authentication
 
-The database authentication middleware defines two new routes:
+The database authentication middleware defines three new routes:
 
     method path       - parameters               - description
-    ----------------------------------------------------------------------------------------
+    ---------------------------------------------------------------------------------------------------
     POST   /login     - username + password      - logs a user in by username and password
     POST   /logout    -                          - logs out the currently logged in user
+    GET    /me        -                          - returns the user as which you're currently logged in
 
 A user can be logged in by sending it's username and password to the login endpoint (in JSON format).
 The authenticated user (with all it's properties) will be stored in the `$_SESSION['user']` variable.

api.php

@@ -7601,6 +7601,12 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                 }
                 return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
             }
+            if ($method == 'GET' && $path == 'me') {
+              if (isset($_SESSION['user'])) {
+                  return $this->responder->success($_SESSION['user']);
+              }
+              return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
+            }
             if (!isset($_SESSION['user']) || !$_SESSION['user']) {
                 $authenticationMode = $this->getProperty('mode', 'required');
                 if ($authenticationMode == 'required') {

src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php

@@ -85,6 +85,12 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
             }
             return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
         }
+        if ($method == 'GET' && $path == 'me') {
+            if (isset($_SESSION['user'])) {
+                return $this->responder->success($_SESSION['user']);
+            }
+            return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
+        }
         if (!isset($_SESSION['user']) || !$_SESSION['user']) {
             $authenticationMode = $this->getProperty('mode', 'required');
             if ($authenticationMode == 'required') {

tests/functional/002_auth/003_db_auth.log

@@ -16,6 +16,14 @@ Content-Type: application/json; charset=utf-8
 Content-Type: application/json; charset=utf-8
 Content-Length: 27
 
+{"id":2,"username":"user2"}
+===
+GET /me
+===
+200
+Content-Type: application/json; charset=utf-8
+Content-Length: 27
+
 {"id":2,"username":"user2"}
 ===
 GET /records/invisibles/e42c77c6-06a4-4502-816c-d112c7142e6d