Middleware

Middleware either does configuration work or blocks the request when certain conditions aren't met. Requests are blocked by exceptions. By using exceptions we catch all unintended requests and handle them in a consistent way. Read more on exceptions.

NotFoundMiddleware

Throws a new Exception(ErrorCodes::GEN_NOTFOUND) when an endpoint does not exist (on Phalcon's beforeNotFound event).

use PhalconRest\Middleware\NotFoundMiddleware;

$api->attach(new NotFoundMiddleware());

AuthenticationMiddleware

Authenticates a session token that either has been passed as a query parameter ?token or as an Authorization header with prefixed by Bearer Throws a new Exception(ErrorCodes::AUTH_BADTOKEN) when an invalid token has been passed. Throws a new UserException(ErrorCodes::AUTH_EXPIRED) when an expired token has been passed.

use PhalconRest\Middleware\AuthenticationMiddleware;

$api->attach(new AuthenticationMiddleware());

AuthorizationMiddleware

Throws a new Exception(ErrorCodes::AUTH_FORBIDDEN) when the endpoint is not authorized (ex. excluded for this particular user). Throws a new Exception(ErrorCodes::AUTH_UNAUTHORIZED) when the request is not authorized.

use PhalconRest\Middleware\AuthorizationMiddleware;

$api->attach(new AuthorizationMiddleware());

FractalMiddleware

Configures which includes need to be included in responses managed by the Fractal Manager service.

use PhalconRest\Middleware\FractalMiddleware;

$api->attach(new FractalMiddleware());

Cors

Preflight

Source: https://en.wikipedia.org/wiki/Cross-origin_resource_sharing

CorsMiddleware

Allows all origins provided to make CORS (Cross-origin resource sharing) requests.

use PhalconRest\Middleware\CorsMiddleware;

$api->attach(new CorsMiddleware([
  'frontend-app.dev'
]);

Wildcard can also be used

use PhalconRest\Middleware\CorsMiddleware;

$api->attach(new CorsMiddleware(['*']);

OptionsResponseMiddleware

Responds to all OPTION (preflight) requests with a 200 OK response.

use PhalconRest\Middleware\OptionsResponseMiddleware;

$api->attach(new OptionsResponseMiddleware());

UrlQueryMiddleware

Updates the global query by parsing url query syntax. Read more on URL Query Syntax

use PhalconRest\Middleware\UrlQueryMiddleware;

$api->attach(new UrlQueryMiddleware());