diff --git a/.gitignore b/.gitignore index 95e2b1a..860400b 100644 --- a/.gitignore +++ b/.gitignore @@ -68,4 +68,14 @@ config.codekit3 /src/styles/main/_navigation.sass /src/styles/main/_posts.sass /src/styles/main/_settings.sass -/src/styles/main/_structure.sass \ No newline at end of file +/src/styles/main/_structure.sass +/src/com/Base.js +/src/com/actions/Mailer.js +/src/com/actions/NavActions.js +/src/com/actions/SettingsActions.js +/src/com/controllers/NavIndex.js +/src/com/controllers/PageEditor.js +/src/com/controllers/SettingsIndex.js +/src/com/ui/TextEditor.js +/src/libraries/FipamoAPI.js +/src/styles/main/_settings.sass \ No newline at end of file diff --git a/brain/App.inc.php b/brain/App.inc.php index 53361ff..5cef56c 100644 --- a/brain/App.inc.php +++ b/brain/App.inc.php @@ -19,17 +19,20 @@ include "../brain/utility/Sorting.inc.php"; include "../brain/utility/Setup.inc.php"; include "../brain/utility/Maintenance.inc.php"; include "../brain/utility/Mailer.inc.php"; +include "../brain/utility/HandleCors.inc.php"; class App { public function __construct() { + // set up cors + new HandleCors(); $app = AppFactory::create(); $twig = Twig::create("../brain/views/"); $app->add(TwigMiddleware::create($app, $twig)); //set up routing $app->get( - "/[{first}[/{second}[/{third}[/{fourth}]]]]", + "/[{first}[/{second}[/{third}[/{fourth}[/{fifth}]]]]]", "\RouteControl:get" ); $app->post( diff --git a/brain/api/v1/PagesAPI.inc.php b/brain/api/v1/PagesAPI.inc.php index d54b830..2786efc 100644 --- a/brain/api/v1/PagesAPI.inc.php +++ b/brain/api/v1/PagesAPI.inc.php 
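Review bot: In `App::__construct`, `new HandleCors();` runs the CORS logic as a constructor side effect on a discarded object, and that constructor can end the request with `exit(0)` before the Slim app is created. Nothing at this call site says so; add a comment such as `// sends CORS headers; exits early on an OPTIONS preflight when externalAPI is "true"`, or move the logic into a named static method so the call reads as an action. The constructor body continues outside the hunk.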
@@ -1,4 +1,5 @@ getContents(); + switch ($task) { + case "published": + //$pageNum = $args["fifth"]; not not needed but gonna keep remnant in case it becomes useful/needed + $published = filter($content, function ($item) { + return $item["published"] == true && $item["deleted"] == false; + }); + + $result = ["pages" => $published, "totalPages" => count($published)]; + //$result = (new Book("../content/pages"))->getPages($pageNum, 4, $task); + break; + case "single": + $uuid = $args["fifth"]; + $result = (new Book("../content/pages"))->findPageById($uuid); + break; + case "tags": + $result = Settings::getTags(); + break; + default: + $result = [ + "message" => "Hm, no task. That's unfortunate", + "type" => "TASK_NONE", + ]; + break; + } + return $result; + } + public static function handlePageTask($request, $args) { $task = $args["fourth"]; diff --git a/brain/controller/APIControl.inc.php b/brain/controller/APIControl.inc.php index b1c3385..5a974b1 100644 --- a/brain/controller/APIControl.inc.php +++ b/brain/controller/APIControl.inc.php @@ -17,9 +17,22 @@ class APIControl array $args ): ResponseInterface { $filename = ""; + switch (isset($args["third"]) ? $args["third"] : "none") { case "status": $result = AuthAPI::status(); + break; + case "page": + //echo + if (Member::verifyKey($_GET["key"])) { + $result = PagesAPI::getPageContent($request, $args); + } else { + $result = [ + "message" => "API access denied, homie", + "type" => "API_ERROR", + ]; + } + break; case "files": if (Session::active()) { diff --git a/brain/controller/DashControl.inc.php b/brain/controller/DashControl.inc.php index de09137..d0f5bff 100644 --- a/brain/controller/DashControl.inc.php +++ b/brain/controller/DashControl.inc.php 
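Review bot: In the `single` case, `$args["fifth"]` is read without checking that it exists, although the route added in App.inc.php makes `{fifth}` optional, so a request that stops at the fourth segment raises an undefined-index notice and hands null to `findPageById`. Guard it with `$uuid = $args["fifth"] ?? null;` and return an error result when it is null, in the same shape as the `TASK_NONE` default. The value returned by `findPageById` is passed back unchecked, so it is worth confirming what it yields for an unknown id. The start of this function is missing from the hunk text as shown, so where `$task` and `$content` come from is not reviewed here.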
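Review bot: The new `page` case reads `$_GET["key"]` directly, so a request without a `key` parameter passes null into `Member::verifyKey(string $key)` and fails with a TypeError instead of returning the `API_ERROR` result; use `Member::verifyKey($_GET["key"] ?? "")` and have verifyKey reject the empty string. The case also never consults `$settings["global"]["externalAPI"]`, which in this commit only gates the CORS headers, so the endpoint appears to stay reachable when the dashboard toggle is off; if the toggle is meant to disable the API, check it here. Because the key travels in the query string it will be written to web-server access logs, so accepting it from a request header would be the safer default. The method continues outside the hunk.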
@@ -37,6 +37,9 @@ class DashControl "lastBackup" => $updated->format("Y M D d"), "currentTheme" => $settings["global"]["theme"], "themes" => $themes, + "apiStatus" => isset($settings["global"]["externalAPI"]) + ? $settings["global"]["externalAPI"] + : "false", "mailOption" => $settings["email"]["active"], "mailConfig" => $settings["email"], "status" => Session::active(), diff --git a/brain/data/Auth.inc.php b/brain/data/Auth.inc.php index b8cb7c3..136e9b0 100644 --- a/brain/data/Auth.inc.php +++ b/brain/data/Auth.inc.php @@ -44,6 +44,7 @@ class Auth "email" => $found["email"], "role" => $found["role"], "avatar" => $found["avi"], + "key" => $found["key"], ]; $token = Token::create( diff --git a/brain/data/Member.inc.php b/brain/data/Member.inc.php index 277db60..85ad0e6 100644 --- a/brain/data/Member.inc.php +++ b/brain/data/Member.inc.php @@ -7,6 +7,21 @@ class Member { } + public static function verifyKey(string $key) + { + if (isset($key)) { + $folks = (new Settings())->getFolks(); + $found = find($folks, ["key" => $key]); + if ($found) { + return true; + } else { + return false; + } + } else { + return false; + } + } + public static function updateData(string $key, string $data, $secret = null) { $folks = (new Settings())->getFolks(); diff --git a/brain/data/Settings.inc.php b/brain/data/Settings.inc.php index 4917c1e..47703be 100644 --- a/brain/data/Settings.inc.php +++ b/brain/data/Settings.inc.php @@ -5,7 +5,7 @@ use function _\remove; class Settings { private $folks; - private $tags; + private static $tags; private $themes = []; private static $settings; @@ -13,7 +13,7 @@ class Settings { //gets all settings files and converts to php objects $this->folks = json_decode(file_get_contents("../config/folks.json"), true); - $this->tags = json_decode(file_get_contents("../config/tags.json"), true); + self::$tags = json_decode(file_get_contents("../config/tags.json"), true); self::$settings = json_decode( file_get_contents("../config/settings.json"), true 
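Review bot: Adding `"key" => $found["key"]` places the member's API key in the array built just before `Token::create(`; whether that array becomes the token payload is outside the hunk, but the placement suggests it. If the token is a signed but unencrypted format, the key is readable by anything that can see the token and remains valid after the session ends. Consider leaving the key out of the token and looking it up server-side from the member record when the dashboard needs to display it.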
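Review bot: `verifyKey` accepts an empty string as a lookup value, because `isset($key)` is always true for a `string` parameter, so `""` would match any member record whose `key` field is empty. Reject empty input up front, compare with `hash_equals` instead of the generic matcher in `find`, and declare the `bool` return type; making the parameter `?string` turns a missing key into a clean denial. The sketch below assumes `getFolks()` returns a list of member arrays, as the `find($folks, ["key" => $key])` call suggests.

```php
public static function verifyKey(?string $key): bool
{
    if ($key === null || $key === "") {
        return false;
    }
    foreach ((new Settings())->getFolks() as $member) {
        $stored = $member["key"] ?? "";
        // constant-time comparison; members without a key never match
        if (is_string($stored) && $stored !== "" && hash_equals($stored, $key)) {
            return true;
        }
    }
    return false;
}
```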
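Review bot: `self::$tags` is assigned only inside the constructor, so the static `getTags()` added in the later hunk of this file (and called by the `tags` task in PagesAPI) returns null unless a `Settings` object has already been constructed in the same request. Make the getter self-sufficient by putting `if (self::$tags === null) { self::$tags = json_decode(file_get_contents("../config/tags.json"), true); }` before its `return`, or at least add a comment on the property stating that the constructor populates it. The constructor continues outside the hunk.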
@@ -38,6 +38,7 @@ class Settings $settings["global"]["private"] = $data["global"]["private"]; $settings["global"]["renderOnSave"] = $data["global"]["renderOnSave"]; $settings["global"]["theme"] = $data["global"]["theme"]; + $settings["global"]["externalAPI"] = $data["global"]["externalAPI"]; Member::updateData("handle", $data["member"]["handle"]); Member::updateData("email", $data["member"]["email"]); @@ -122,6 +123,11 @@ class Settings return self::$settings; } + public static function getTags() + { + return self::$tags; + } + public static function updateGlobalData($key, $data) { $settings = self::$settings; diff --git a/brain/utility/HandleCors.inc.php b/brain/utility/HandleCors.inc.php new file mode 100644 index 0000000..a5a6c7e --- /dev/null +++ b/brain/utility/HandleCors.inc.php 
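Review bot: `$data["global"]["externalAPI"]` is stored exactly as submitted, while HandleCors enables CORS only when the stored value equals `"true"` and DashControl falls back to the string `"false"`. Normalise on write so only those two strings are ever persisted, e.g. `$settings["global"]["externalAPI"] = filter_var($data["global"]["externalAPI"] ?? false, FILTER_VALIDATE_BOOLEAN) ? "true" : "false";`, which also covers a payload that omits the field. The enclosing method starts and ends outside the hunk.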
@@ -0,0 +1,51 @@ +getSettings(); + if ($settings["global"]["externalAPI"]) { + //echo "API STATUS: " . $settings["global"]["externalAPI"]; + if ($settings["global"]["externalAPI"] == "true") { + //echo "API ACCESS ACTIVE"; + // checks to see if origin is set + if (isset($_SERVER["HTTP_ORIGIN"])) { + // You can decide if the origin in $_SERVER['HTTP_ORIGIN'] is something you want to allow, or as we do here, just allow all + header("Access-Control-Allow-Origin: {$_SERVER["HTTP_ORIGIN"]}"); + } else { + //No HTTP_ORIGIN set, so we allow any. You can disallow if needed here + //never allow just any domain, so turn CORS off if no No HTTP_ORIGIN is set + //header("Access-Control-Allow-Origin: *"); + } + + header("Access-Control-Allow-Credentials: true"); + header("Access-Control-Max-Age: 600"); // cache for 10 minutes + + if ($_SERVER["REQUEST_METHOD"] == "OPTIONS") { + if (isset($_SERVER["HTTP_ACCESS_CONTROL_REQUEST_METHOD"])) { + header( + "Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT" + ); + } //Make sure you remove those you do not want to support + + if (isset($_SERVER["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"])) { + header( + "Access-Control-Allow-Headers: {$_SERVER["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"]}" + ); + } + + //Just exit with 200 OK with the above headers for OPTIONS method + exit(0); + } + } else { + //echo "API ACCESS ACTIVE"; + } + } else { + //value doesn't exist, so whatevs + //echo "API ACCESS VALUE NOT PRESENT"; + } + } +} diff --git a/brain/views/dash/_frame.twig b/brain/views/dash/_frame.twig index f8be02a..5ec39d9 100644 --- a/brain/views/dash/_frame.twig +++ b/brain/views/dash/_frame.twig @@ -31,7 +31,7 @@
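Review bot: The constructor copies whatever `Origin` the request carries into `Access-Control-Allow-Origin` and then always sends `Access-Control-Allow-Credentials: true`, so once `externalAPI` is `"true"` every website is treated as a trusted origin for credentialed requests. Match the origin against a configured allow-list, send the credentials header only on a match, and add `Vary: Origin` so caches do not reuse one origin's headers for another. `Access-Control-Allow-Headers` is likewise reflected from the request and would be better as a fixed list, and the outer `if ($settings["global"]["externalAPI"])` reads a key that the else-branch comment says may be absent, so it should use `isset(...)` or `??`. The opening lines of the file are missing from the hunk text as shown.

```php
// … unchanged: settings lookup and the externalAPI == "true" check …
$origin = $_SERVER["HTTP_ORIGIN"] ?? "";
// PLACEHOLDER: trusted origins, to be loaded from configuration
$allowedOrigins = [];
if ($origin !== "" && in_array($origin, $allowedOrigins, true)) {
    header("Access-Control-Allow-Origin: {$origin}");
    header("Access-Control-Allow-Credentials: true");
    header("Vary: Origin");
}
header("Access-Control-Max-Age: 600"); // cache for 10 minutes
// … unchanged: OPTIONS preflight handling …
```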