I have looked at the HMAC authentication (https://phalcon-rest.redound.org/) users suggested here but it looks too excessive for me and it does not use Micro framework. I just want to add a very simple and minimaist authentication to the REST example of the phalcon website.
The only thing I need is when a call arrives (to specific API functions that require auth) I can somehow find which user is behind the call.
So I need to:
1- Intercept calls and "if they require authentication" but the request does not provide a valid token (i.e. one that belongs to a user) I can send back a json error message.
2- Inside api functions I can call a getUser function (looks which user is the owner of current token) and get the user info. Even if I can get just the token, I can do the rest.
So, is there a minimalist example that has implemented just that?