token support, api fixes and security, dark mode

bin/tempus_project.php

@@ -82,6 +82,10 @@ class TheTempusProject extends Bedrock {
             'text' => '<i class="fa fa-fw fa-reply-all"></i> Contact',
             'url' => '{ROOT_URL}admin/contact',
         ],
+        [
+            'text' => '<i class="fa fa-fw fa-reply-all"></i> Tokens',
+            'url' => '{ROOT_URL}admin/tokens',
+        ],
         [
             'text' => '<i class="fa fa-fw fa-arrows-v"></i> Modules',
             'url' => [
@@ -399,8 +403,7 @@ class TheTempusProject extends Bedrock {
         self::$activePrefs = $user->getDefaultPreferences(); // PREFERENCES_JSON
         if (
             !$sessions->checkSession( Session::get( 'SessionID' ) ) &&
-            !$sessions->checkCookie( Cookie::get( 'RememberToken' ), true ) &&
-            !$sessions->checkToken( self::getBearerToken(), true )
+            !$sessions->checkCookie( Cookie::get( 'RememberToken' ), true )
         ) {
             Debug::info( 'Sessions->authenticate - Could not authenticate cookie or session' );
             return false;
@@ -527,46 +530,6 @@ class TheTempusProject extends Bedrock {
         echo '</div>';
     }
 
-    public static function verifyApiRequest() {
-        $token = self::getBearerToken();
-        if ( empty( $token ) ) {
-            return false;
-        }
-        $user = new User;
-        $result = $user->findByToken( $token );
-        return $result;
-    }
-
-    private static function getAuthorizationHeader(){
-        $headers = null;
-        if ( isset( $_SERVER['Authorization'] ) ) {
-            $headers = trim( $_SERVER["Authorization"] );
-        } elseif ( isset( $_SERVER['HTTP_AUTHORIZATION'] ) ) {
-            $headers = trim( $_SERVER["HTTP_AUTHORIZATION"] );
-        } elseif ( function_exists( 'apache_request_headers' ) ) {
-            $requestHeaders = apache_request_headers();
-            $requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
-            if ( isset( $requestHeaders['Authorization'] ) ) {
-                $headers = trim( $requestHeaders['Authorization'] );
-            }
-        }
-        return $headers;
-    }
-
-    /**
-     * get access token from header
-     * */
-    private static function getBearerToken() {
-        $headers = self::getAuthorizationHeader();
-        // HEADER: Get the access token from the header
-        if ( ! empty( $headers ) ) {
-            if ( preg_match( '/Bearer\s(\S+)/', $headers, $matches ) ) {
-                return $matches[1];
-            }
-        }
-        return null;
-    }
-
     /**
      * Echos useful information about the installation.
      *