fipamo/brain/controller/APIControl.inc.php

197 lines
5.7 KiB
PHP
Raw Normal View History

<?php
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
2021-04-17 05:50:03 +02:00
include "../brain/api/v1/AuthAPI.inc.php";
include "../brain/api/v1/ImagesAPI.inc.php";
include "../brain/api/v1/PagesAPI.inc.php";
include "../brain/api/v1/SettingsAPI.inc.php";
include "../brain/api/v1/InitAPI.inc.php";
include "../brain/api/v1/MailerAPI.inc.php";
class APIControl
{
public static function get(
ServerRequestInterface $request,
ResponseInterface $response,
array $args
): ResponseInterface {
$filename = "";
switch (isset($args["third"]) ? $args["third"] : "none") {
case "status":
if (Member::verifyKey($_GET["key"])) {
$result = AuthAPI::status();
} else {
$result = [
"message" => "Valid key required. API access denied, homie",
"type" => "API_ERROR",
];
}
break;
case "page":
//echo
if (Member::verifyKey($_GET["key"])) {
$result = PagesAPI::getPageContent($request, $args);
} else {
$result = [
"message" => "API access denied, homie",
"type" => "API_ERROR",
];
}
break;
case "files":
if (Session::active()) {
if ($args["third"] == "backup") {
$filename = "../config/backups/latest_backup.zip";
if (file_exists($filename)) {
header("Content-Type: application/zip");
header(
'Content-Disposition: attachment; filename="' .
basename($filename) .
'"'
);
header("Content-Length: " . filesize($filename));
flush();
// return readfile($filename);
//readfile($filename);
// delete file
//unlink($filename);
}
}
} else {
$result = [
"message" => "API access denied, homie",
"type" => "API_ERROR",
];
}
default:
break;
}
$freshResponse = $response;
if ($args["third"] == "files") {
$freshResponse
->getBody()
->write(file_get_contents("../config/backups/latest_back.zip"));
$freshResponse->withHeader("Content-Type", "application/zip");
return $freshResponse->withAddedHeader(
"Content-Disposition",
"attachment; filename=latest_backup.zip"
);
} else {
$response->getBody()->write(json_encode($result));
return $response->withHeader("Content-Type", "application/json");
}
}
public static function post(
ServerRequestInterface $request,
ResponseInterface $response,
array $args
): ResponseInterface {
$contentType = $request->getHeader("Content-Type");
switch ($contentType[0]) {
case "application/json":
$body = json_decode(file_get_contents("php://input"), true);
break;
default:
break;
}
switch (isset($args["third"]) ? $args["third"] : "none") {
2021-05-06 21:45:39 +02:00
case "restore": //move to 'api/auth'
case "init": //move to 'api/auth'
$task = $args["third"];
$result = InitApi::handleInitTasks(
$task,
$task == "init" ? $body : $request
);
break;
2021-05-06 21:45:39 +02:00
case "backup": //move to 'api/auth'
$token = $request->getHeader("fipamo-access-token");
//Verify token for admin tasks
if (Session::verifyToken($token[0])) {
$result = SettingsAPI::createBackup();
} else {
$result = [
"message" => "API access denied, homie",
"type" => "API_ERROR",
];
}
break;
2021-05-06 21:45:39 +02:00
case "login": //move to 'api/auth'
//check if request is remote and if so, verify token
if ($body["remote"] || $body["remote"] == "true") {
if (Member::verifyKey($body["key"])) {
$result = AuthAPI::login($body);
} else {
$result = [
"message" => "API access denied, homie",
"type" => "API_ERROR",
];
}
} else {
//request is local, so it's cool
$result = AuthAPI::login($body);
}
break;
2021-05-06 21:45:39 +02:00
case "logout": //move to 'api/auth'
2021-04-17 05:50:03 +02:00
$result = AuthAPI::logout($body);
break;
2021-05-06 21:45:39 +02:00
case "get-secret": //move to 'api/auth'
$result = AuthAPI::requestSecret($body);
break;
case "reset-password": //move to 'api/auth'
$result = AuthAPI::resetPassword($body);
break;
case "page":
$token = $request->getHeader("fipamo-access-token");
//Verify token for admin tasks
if (Session::verifyToken($token[0])) {
$result = PagesAPI::handlePageTask($request, $args);
} else {
$result = [
"message" => "API access denied, homie",
"type" => "API_ERROR",
];
}
break;
case "settings":
$token = $request->getHeader("fipamo-access-token");
if (Session::verifyToken($token[0])) {
if (isset($body)) {
$postBody = $body;
} else {
$postBody = null;
}
$result = SettingsAPI::handleSettingsTask($request, $args, $postBody);
} else {
$result = [
"message" => "API access denied, homie",
"type" => "API_ERROR",
];
}
break;
case "mailer":
$result = MailerAPI::handleMail($request, $body, $response);
break;
default:
$result = [
"message" => "Oh, nothing to do. That's unfortunate",
"type" => "TASK_NONE",
];
break;
}
$response->getBody()->write(json_encode($result));
return $response->withHeader("Content-Type", "application/json");
}
}