feat: access jwt webtoken

Author: fullstackondemand

.htaccess

@@ -1,3 +1,5 @@
 RewriteEngine on
 RewriteRule ^([a-z]+)$ index.php?table=$1
-RewriteRule ^([a-z]+)/([0-9]+)$ index.php?table=$1&&id=$2
+RewriteRule ^([a-z]+)/access_token=([a-z0-9]+)$ index.php?table=$1&&access_token=$2
+RewriteRule ^([a-z]+)/([0-9]+)$ index.php?table=$1&&id=$2
+RewriteRule ^([a-z]+)/([0-9]+)/access_token=([a-z0-9]+)$ index.php?table=$1&&id=$2&&access_token=$3

env-simple.php

@@ -5,5 +5,6 @@
 define('USER_NAME', '');
 define('PASSWORD', '');
 define('DATABASE_NAME', '');
+define('ACCESS_TOKEN', '');
 
 ?>

index.php

@@ -1,7 +1,11 @@
 <?php
 
+/* Include Varibles File */
+include 'env.php';
+
 /* Include View Files */
 include 'views/header.view.php';
+include 'views/access_token.view.php';
 include 'views/table.view.php';
 
 /* Check ID */

views/access_token.view.php

@@ -0,0 +1,26 @@
+<?php
+
+/* Check Access Token */
+if(isset($_GET['access_token'])) {
+
+    if ($_GET['access_token'] != ACCESS_TOKEN) {
+        echo json_encode(array('status'=>'Fail', 'error'=>'Please provide valid access token'));
+        die();
+    }
+}
+
+/* Check Authorization */
+else if (isset($headers['Authorization'])) {
+
+    if ($headers['Authorization'] != "Bearer ".ACCESS_TOKEN) {
+        echo json_encode(array('status'=>'Fail', 'error'=>'Please provide valid access token'));
+        die();
+    }
+}
+
+else {
+    echo json_encode(array('status'=>'Fail', 'error'=>'Please provide access token'));
+    die();
+}
+
+?>

views/database.view.php

@@ -1,8 +1,5 @@
 <?php 
 
-/* Include Varibles File */
-include 'env.php';
-
 /* Create connection */
 $con = new mysqli(SERVER_NAME, USER_NAME, PASSWORD, DATABASE_NAME);
 

views/header.view.php

@@ -5,5 +5,6 @@
 header("Content-Type: application/json; charset=UTF-8");
 header("Access-Control-Allow-Methods: POST, GET, PUT, DELETE");
 header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
+$headers = getallheaders();
 
 ?>