Application des correctifs de M. Micard

b6aa7119 · poslovitch · 06249eca · b6aa7119 · b6aa7119 · b6aa7119
Commit b6aa7119 authored Dec 14, 2021 by poslovitch
--- a/app/apiroutes/openfoodfacts.php
+++ b/app/apiroutes/openfoodfacts.php
@@ -10,7 +10,7 @@ function get_product_short_data_array($product_full_data){
    $shortproduct = null;

    //check if product description contains mandatory fields
-    if (array_key_exists("product_name_fr", $product_full_data) &&
+    if (array_key_exists("id", $product_full_data) && array_key_exists("product_name_fr", $product_full_data) &&
    !empty($product_full_data["product_name_fr"]) && array_key_exists("image_url", $product_full_data) &&
    !empty($product_full_data["image_url"]) && array_key_exists("nutriscore_grade", $product_full_data) &&
    !empty($product_full_data["nutriscore_grade"]))

--- a/app/apiroutes/users.php
+++ b/app/apiroutes/users.php
@@ -420,21 +420,26 @@ $app->delete('/api/users/{username}', function( Request $request, Response $resp
 });

 /** 
- * Function which parse token, decode user infos from this token and Throws  
- * UnauthenticatedException if Authentication Issue. 
+ * Function which parse token, decode user infos from this token and Throws UnauthenticatedException  
+ * if Authentication Issue. 
 *  
- * The UnauthenticatedException must be catched in the caller and should result  
- * to a 401 Http Error 
+ * The UnauthenticatedException must be catched in the caller and should result to a 401 Http Error 
 */ 
 function get_token_infos(Request $request){ 
    if ($request->hasHeader('Authorization')) { 
        list($token) = sscanf($request->getHeaderLine('Authorization'), 'Bearer %s'); 
 
        $jwt = new Auth\JwtHandler(); 
-
-        $data = $jwt->_jwt_decode_data($token); 
+        try 
+        { 
+            $data = $jwt->_jwt_decode_data($token); 
 
-        return $data; 
+            return $data; 
+        } 
+        catch (Exception $e) 
+        { 
+            throw new Auth\UnauthenticatedException("Invalid token : ". $e->getMessage()); 
+        } 
    } 
    else{ 
        throw new Auth\UnauthenticatedException("Unable to find Authorization Header"); 

--- a/app/public/index.php
+++ b/app/public/index.php
@@ -7,6 +7,9 @@ use Psr\Http\Message\ResponseInterface as Response;
 // # include the Slim framework
 require __DIR__ . '/../vendor/autoload.php';

+// Report simple running errors 
+error_reporting(E_ERROR | E_PARSE);
+

 $config['displayErrorDetails'] = true;
 $config['addContentLengthHeader'] = false;