wp plugin udapted v1.5.0

IGNY8 VPS (Salman)
2026-01-13 08:19:55 +00:00
parent 17b3811d4c
commit 3cc2e6b270
13 changed files with 1078 additions and 273 deletions


@@ -123,21 +123,32 @@ class Igny8RestAPI {
public function check_permission($request) {
// Check if authenticated with IGNY8 via API key
$api = new Igny8API();
$stored_api_key = function_exists('igny8_get_secure_option') ? igny8_get_secure_option('igny8_api_key') : get_option('igny8_api_key');
if (empty($stored_api_key)) {
return new WP_Error(
'rest_forbidden',
__('IGNY8 API key not configured', 'igny8-bridge'),
array('status' => 401)
);
}
// Accept explicit X-IGNY8-API-KEY header for incoming requests
$header_api_key = $request->get_header('x-igny8-api-key');
if ($header_api_key) {
$stored_api_key = function_exists('igny8_get_secure_option') ? igny8_get_secure_option('igny8_api_key') : get_option('igny8_api_key');
if ($stored_api_key && hash_equals($stored_api_key, $header_api_key)) {
return true;
}
if ($header_api_key && hash_equals($stored_api_key, $header_api_key)) {
// Update last communication timestamp
update_option('igny8_last_communication', current_time('timestamp'));
return true;
}
// Check Authorization Bearer header
// Check Authorization Bearer header (timing-safe comparison)
$auth_header = $request->get_header('Authorization');
if ($auth_header) {
$stored_api_key = function_exists('igny8_get_secure_option') ? igny8_get_secure_option('igny8_api_key') : get_option('igny8_api_key');
if ($stored_api_key && strpos($auth_header, 'Bearer ' . $stored_api_key) !== false) {
// Extract token from "Bearer <token>" format
$expected_header = 'Bearer ' . $stored_api_key;
if (hash_equals($expected_header, $auth_header)) {
// Update last communication timestamp
update_option('igny8_last_communication', current_time('timestamp'));
return true;
}
}
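Review bot: The Bearer branch compares the whole `Authorization` header against `'Bearer ' . $stored_api_key`, so nothing is extracted despite the "Extract token" comment, and a client that sends a lowercase `bearer` scheme or extra whitespace is rejected even with the correct key. Parsing the token first and comparing only that keeps the constant-time check while accepting the case-insensitive scheme: `if (preg_match('/^Bearer\s+(\S+)$/i', $auth_header, $m) && hash_equals($stored_api_key, $m[1])) {`. Separately, `hash_equals()` throws a TypeError on non-string arguments and `empty()` lets a non-empty array through, so the guard at the top of the function would be safer as `if (!is_string($stored_api_key) || $stored_api_key === '') {`. The two `update_option('igny8_last_communication', …)` calls make the permission callback write to the database on every accepted request, which is worth confirming as intended. check_permission continues past the end of this hunk, so whether a later fallback is now unreachable when no key is configured cannot be judged from here.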