vjd vjd - 1 year ago 362
PHP Question

Authentication for Slim framework not working

I am using Slim framework to create restful api.

I am able to create a get api, but when I add authentication to the get request, it throws an error(Advanced Rest client google chrome extension), here is the error :

<html><head><title>Slim Application Error</title><style>body{margin:0;padding:30px;font:12px/1.5 Helvetica,Arial,Verdana,sans-serif;}h1{margin:0;font-size:48px;font-weight:normal;line-height:48px;}strong{display:inline-block;width:65px;}</style></head><body><h1>Slim Application Error</h1><p>The application could not run because of the following error:</p><h2>Details</h2><div><strong>Type:</strong> ErrorException</div><div><strong>Code:</strong> 8</div><div><strong>Message:</strong> Undefined variable: apiKey</div><div><strong>File:</strong> /Library/WebServer/Documents/pascal_api/rest_api/v1/index.php</div><div><strong>Line:</strong> 34</div><h2>Trace</h2><pre>#0 /Library/WebServer/Documents/pascal_api/rest_api/v1/index.php(34): Slim\Slim::handleErrors(8, 'Undefined varia...', '/Library/WebSer...', 34, Array)
#1 [internal function]: authenticate(Object(Slim\Route))
#2 /Library/WebServer/Documents/pascal_api/rest_api/libs/Slim/Route.php(433): call_user_func_array('authenticate', Array)
#3 /Library/WebServer/Documents/pascal_api/rest_api/libs/Slim/Slim.php(1307): Slim\Route->dispatch()
#4 /Library/WebServer/Documents/pascal_api/rest_api/libs/Slim/Middleware/Flash.php(85): Slim\Slim->call()
#5 /Library/WebServer/Documents/pascal_api/rest_api/libs/Slim/Middleware/MethodOverride.php(92): Slim\Middleware\Flash->call()
#6 /Library/WebServer/Documents/pascal_api/rest_api/libs/Slim/Middleware/PrettyExceptions.php(67): Slim\Middleware\MethodOverride->call()
#7 /Library/WebServer/Documents/pascal_api/rest_api/libs/Slim/Slim.php(1254): Slim\Middleware\PrettyExceptions->call()
#8 /Library/WebServer/Documents/pascal_api/rest_api/v1/index.php(100): Slim\Slim->run()
#9 {main}</pre></body></html>

Here is my code:


require '.././libs/Slim/Slim.php';


$app = new \Slim\Slim();

function isValidApiKey($api_key) {
$m = new MongoClient();
$db = $m->pascal;
$collection = $db->apiUsers;
if($collection->findOne(array('apiKey' => $api_key))){
return true;

return false;


function authenticate(\Slim\Route $route) {
// Getting request headers
$headers = apache_request_headers();
$response = array();
$app = \Slim\Slim::getInstance();

// Verifying Authorization Header
if (isset($headers['Authorization'])) {

// get the api key
$api_key = $headers['Authorization'];
echo $apiKey;
// validating api key
//$db = new dbSupport();
if ($isValidApiKey($api_key) === false) {

// api key is not present
$response["error"] = true;
$response["message"] = "Access Denied. Invalid Api key";
echoRespnse(401, $response);


} else {
// api key is missing in header
$response["error"] = true;
$response["message"] = "Api key is misssing";
echoRespnse(400, $response);

$app->get('/offerData','authenticate',function() use ($app) {

$m = new MongoClient();
$db = $m->pascal;
$collection = $db->offerDetails;

$offer_array = array();
$cursor = $collection->find();
$offer_array["offers"] = array();

foreach ($cursor as $document) {

$offerData = array('title' => $document['title'],
'discription' => $document['discription'],
'create_time' => $document['create_time'],
'expire_time' => $document['expire_time'],
'coordinates' => $document['loc']['coordinates'],
'address' => $document['address'],
'tags' => $document['tags'],
'phone_number' => $document['phone_number'],
'email' => $document['email'],
'website' => $document['website'],
'img_url' => $document['img_url']
array_push($offer_array["offers"], $offerData);
$offer_array["error"] = false;
echoRespnse(200, $offer_array);

function echoRespnse($status_code, $response) {
$app = \Slim\Slim::getInstance();
// Http response code

// setting response content type to json

echo json_encode($response);


Any idea whats causing this error??

Answer Source

Please run the print_r command on the $headers and see what are you getting in the there . I think the key is not being set or its not coming at all to your code

Okay then do this before line 28 :

    $api_key=null ;

Try this once and let me know .

This is the error :

           $api_key = $headers['Authorization'];
           echo $apiKey;

But the echo is printing the wrong variable .It should be

           echo $api_key;
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download