You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Fipamo/brain/controller/APIControl.php

232 lines
8.6 KiB
PHTML

<?php
namespace brain\controller;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use brain\api\v1\AuthAPI;
use brain\api\v1\PagesAPI;
use brain\api\v1\SettingsAPI;
use brain\api\v1\InitAPI;
use brain\api\v1\MailerAPI;
use brain\data\Member;
use brain\data\Session;
class APIControl
{
public static function get(
ServerRequestInterface $request,
ResponseInterface $response,
array $args
): ResponseInterface {
$filename = '';
switch (isset($args['third']) ? $args['third'] : 'none') {
case 'status':
3 years ago
$result = AuthAPI::status();
break;
case 'page':
//echo
if (Member::verifyKey($_GET['key'])) {
$result = PagesAPI::getPageContent($request, $args);
} else {
$result = [
'message' => 'API access denied, homie',
'type' => 'API_ERROR',
];
}
break;
case 'settings':
$token = $request->getHeader('fipamo-access-token');
//Verify token to get site info
if (isset($token[0])) {
if (Session::verifyToken($token[0])) {
$result = SettingsAPI::getInfo($request, $args);
} else {
$result = [
'message' => 'Invalid token, API access denied, homie',
'type' => 'API_ERROR',
];
}
} else {
$result = [
'message' => 'No token, API access denied, homie',
'type' => 'API_ERROR',
];
}
break;
case 'files':
if (Session::active()) {
if ($args['third'] == 'backup') {
$filename = '../config/backups/latest_backup.zip';
if (file_exists($filename)) {
header('Content-Type: application/zip');
header(
'Content-Disposition: attachment; filename="' .
basename($filename) .
'"'
);
header('Content-Length: ' . filesize($filename));
flush();
// return readfile($filename);
//readfile($filename);
// delete file
//unlink($filename);
}
}
} else {
$result = [
'message' => 'API access denied, homie',
'type' => 'API_ERROR',
];
}
// no break
default:
break;
}
$freshResponse = $response;
if ($args['third'] == 'files') {
$freshResponse
->getBody()
->write(file_get_contents('../config/backups/latest_back.zip'));
$freshResponse->withHeader('Content-Type', 'application/zip');
return $freshResponse->withAddedHeader(
'Content-Disposition',
'attachment; filename=latest_backup.zip'
);
} else {
$response->getBody()->write(json_encode($result));
return $response->withHeader('Content-Type', 'application/json');
}
}
public static function post(
ServerRequestInterface $request,
ResponseInterface $response,
array $args
): ResponseInterface {
$contentType = $request->getHeader('Content-Type');
switch ($contentType[0]) {
case 'application/json':
$body = json_decode(file_get_contents('php://input'), true);
break;
default:
break;
}
switch (isset($args['third']) ? $args['third'] : 'none') {
case 'restore': //move to 'api/auth'
case 'init': //move to 'api/auth'
$task = $args['third'];
$result = InitApi::handleInitTasks(
$task,
$task == 'init' ? $body : $request
);
break;
case 'backup': //move to 'api/auth'
$token = $request->getHeader('fipamo-access-token');
//Verify token for admin tasks
$result = SettingsAPI::createBackup();
/*
if (Session::verifyToken($token[0])) {
$result = SettingsAPI::createBackup();
} else {
$result = [
"message" => "API access denied, homie",
"type" => "API_ERROR",
];
}
*/
break;
case 'login': //move to 'api/auth'
//check if request is remote and if so, verify token
if ($body['remote'] || $body['remote'] == 'true') {
if (Member::verifyKey($body['key'])) {
$result = AuthAPI::login($body);
} else {
$result = [
'message' => 'API access denied, homie',
'type' => 'API_ERROR',
];
}
} else {
//request is local, so it's cool
$result = AuthAPI::login($body);
}
break;
case 'logout': //move to 'api/auth'
$result = AuthAPI::logout($body);
break;
case 'get-secret': //move to 'api/auth'
$result = AuthAPI::requestSecret($body);
break;
case 'reset-password': //move to 'api/auth'
$result = AuthAPI::resetPassword($body);
break;
case 'page':
$token = $request->getHeader('fipamo-access-token');
//Verify token for admin tasks
if (isset($token[0])) {
if (Session::verifyToken($token[0])) {
$result = PagesAPI::handlePageTask($request, $args);
} else {
$result = [
'message' => 'Invalid token, API access denied, homie',
'type' => 'API_ERROR',
];
}
} else {
$result = [
'message' => 'No token, API access denied, homie',
'type' => 'API_ERROR',
];
}
break;
case 'settings':
if (isset($body)) {
$postBody = $body;
} else {
$postBody = null;
}
$task = $args['fourth'];
if ($task == 'add-feature-background' || $task == 'add-avatar') {
$result = SettingsAPI::handleSettingsTask($request, $args, $postBody);
} else {
$token = $request->getHeader('fipamo-access-token');
if (Session::verifyToken($token[0])) {
$result = SettingsAPI::handleSettingsTask(
$request,
$args,
$postBody
);
} else {
$result = [
'message' => 'API access denied, homie',
'type' => 'API_ERROR',
];
}
}
break;
case 'mailer':
$result = MailerAPI::handleMail($request, $body, $response);
break;
default:
$result = [
'message' => "Oh, nothing to do. That's unfortunate",
'type' => 'TASK_NONE',
];
break;
}
$response->getBody()->write(json_encode($result));
return $response->withHeader('Content-Type', 'application/json');
}
}