You are here

Home » API reference » Services API Key Authentication 7 » services_api_key_auth.module

function services_api_key_auth_services_settings_form in Services API Key Authentication 7

Build form for authentication settings.

Parameters

$settings: The settings as they exist currently.

Return value

The form definition.

1 string reference to 'services_api_key_auth_services_settings_form'
services_api_key_auth_services_authentication_info in ./services_api_key_auth.module
Implements hook_services_authentication_info().

File

./services_api_key_auth.module, line 66
Extend services to allow API key authentication on endpoints.

Code

function services_api_key_auth_services_settings_form($settings) {
  $form = array();

  // Generate an API key for the user.
  $key = drupal_random_key(16);

  // Text field for api key.
  $form['api_key'] = array(
    '#type' => 'textfield',
    '#title' => t('API Key'),
    '#description' => t('Enter an API key to allow access to this endpoint. You can use a secure pseudo-random key generated on your behalf, "!key", entered automatically if the field was empty.', array(
      '!key' => $key,
    )),
    '#default_value' => !empty($settings['api_key']) ? $settings['api_key'] : $key,
  );

  // Define where we should look up of the API key value.
  $form['api_key_source'] = array(
    '#type' => 'select',
    '#title' => t('API Key source'),
    '#description' => t('Where the API key can be found, either in the request parameters or in the HTTP header. Note that the <a href="@href_php_net" target="_blank">@var_request</a> variable contains the contents of @var_get, @var_post and @var_cookie, and that for the header option, <em>api-key</em> should still be the parameter passed in the request. The Web server will convert this to <em>HTTP_API_KEY</em> on receipt.', array(
      '@href_php_net' => 'http://php.net/manual/en/reserved.variables.request.php',
      '@var_request' => '$_REQUEST',
      '@var_cookie' => '$_COOKIE',
      '@var_post' => '$_POST',
      '@var_get' => '$_GET',
    )),
    '#options' => array(
      'request' => t("Request (\$_REQUEST['api-key'])"),
      'header' => t("Header (\$_SERVER['HTTP_API_KEY'])"),
    ),
    '#default_value' => empty($settings['api_key_source']) ? 'request' : $settings['api_key_source'],
  );

  // Get list of users with given role.
  $role = user_role_load_by_name(variable_get('service_api_key_role', 'administrator'));
  $query = 'SELECT DISTINCT(ur.uid) FROM {users_roles} AS ur WHERE ur.rid = :rids';
  $result = db_query($query, array(
    ':rids' => $role->rid,
  ));
  $options = array(
    '' => 'Select user',
  );
  while ($uid = $result
    ->fetchColumn()) {
    $user = user_load($uid);
    $options[$user->name] = $user->name;
    unset($user);
  }

  // Build select field.
  $form['user'] = array(
    '#type' => 'select',
    '#title' => t('User'),
    '#description' => t('Select the user to run request through this endpoint as.'),
    '#options' => $options,
    '#default_value' => !empty($settings['user']) ? $settings['user'] : '',
  );
  return $form;
}