minor #20107 [Security] fix: propose a better header naming for custom authenticator (94noni)

javiereguiluz · javiereguiluz · commit 24ed0c0caefd · 2024-08-26T16:37:57.000+02:00
This PR was merged into the 5.4 branch. Discussion ---------- [Security] fix: propose a better header naming for custom authenticator Ref https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers Commits ------- 27a4f50 Update custom_authenticator.rst
diff --git a/security/custom_authenticator.rst b/security/custom_authenticator.rst
@@ -37,12 +37,12 @@ method that fits most use-cases::
          */
         public function supports(Request $request): ?bool
         {
-            return $request->headers->has('X-AUTH-TOKEN');
+            return $request->headers->has('auth-token');
         }
 
         public function authenticate(Request $request): Passport
         {
-            $apiToken = $request->headers->get('X-AUTH-TOKEN');
+            $apiToken = $request->headers->get('auth-token');
             if (null === $apiToken) {
                 // The token header was empty, authentication fails with HTTP Status
                 // Code 401 "Unauthorized"

Original file line number	Diff line number	Diff line change
`@@ -37,12 +37,12 @@ method that fits most use-cases::`
`37`	`37`	`*/`
`38`	`38`	`public function supports(Request $request): ?bool`
`39`	`39`	`{`
`40`		`- return $request->headers->has('X-AUTH-TOKEN');`
	`40`	`+ return $request->headers->has('auth-token');`
`41`	`41`	`}`
`42`	`42`
`43`	`43`	`public function authenticate(Request $request): Passport`
`44`	`44`	`{`
`45`		`- $apiToken = $request->headers->get('X-AUTH-TOKEN');`
	`45`	`+ $apiToken = $request->headers->get('auth-token');`
`46`	`46`	`if (null === $apiToken) {`
`47`	`47`	`// The token header was empty, authentication fails with HTTP Status`
`48`	`48`	`// Code 401 "Unauthorized"`