From 3d17771f765a40da0ccf63327ca03c4242d9aa0c Mon Sep 17 00:00:00 2001 From: ro Date: Sat, 13 Jul 2024 14:23:01 -0600 Subject: [PATCH] API Decoupling, Part 1 The first part of improving the API is removing all admin functions from the front end so those no admin methods will be available client side. The urls in the FipamoAdmin js file have been changed to post directly to the system and they are handled from there. To account for this change controller routes for every standard method have been created for better organization and readability. The FipamoAdmin js file will be integrated with the rest of the front end code and will not be seperate library --- app/Http/Controllers/DashController.php | 40 +++++++---- .../Controllers/RouteDeleteController.php | 29 ++++++++ ...eController.php => RouteGetController.php} | 14 +--- app/Http/Controllers/RoutePostController.php | 60 ++++++++++++++++ app/Http/Controllers/RoutePutController.php | 71 +++++++++++++++++++ .../scripts/dash/libraries/FipamoAdminAPI.js | 62 ++++++---------- resources/views/forms/login.blade.php | 2 +- resources/views/frame.blade.php | 1 + routes/web.php | 15 +++- 9 files changed, 224 insertions(+), 70 deletions(-) create mode 100644 app/Http/Controllers/RouteDeleteController.php rename app/Http/Controllers/{RouteController.php => RouteGetController.php} (83%) create mode 100644 app/Http/Controllers/RoutePostController.php create mode 100644 app/Http/Controllers/RoutePutController.php diff --git a/app/Http/Controllers/DashController.php b/app/Http/Controllers/DashController.php index ae4b7a7..9f652b2 100644 --- a/app/Http/Controllers/DashController.php +++ b/app/Http/Controllers/DashController.php @@ -26,6 +26,10 @@ class DashController extends Controller $this->sort = $sortingService; } + //--- + // GET + //--- + public function init($second, $third, $fourth) { switch ($second) { 
@@ -52,18 +56,6 @@ class DashController extends Controller } } - public function login() - { - if ($this->member::status()) { - return redirect('dashboard'); - } else { - return view('back.login', [ - "status" => $this->member::status(), - "title" => "Hi!" - ]); - } - } - public function start() { $result = []; @@ -119,6 +111,30 @@ class DashController extends Controller return view('back.settings', $this->sort->settings()); } + //--- + // POST + //--- + + //--- + // PUT + //--- + + //--- + // AUTH + //--- + + public function login() + { + if ($this->member::status()) { + return redirect('dashboard'); + } else { + return view('back.login', [ + "status" => $this->member::status(), + "title" => "Hi!" + ]); + } + } + public function logout() { session()->flush(); diff --git a/app/Http/Controllers/RouteDeleteController.php b/app/Http/Controllers/RouteDeleteController.php new file mode 100644 index 0000000..857ad22 --- /dev/null +++ b/app/Http/Controllers/RouteDeleteController.php @@ -0,0 +1,29 @@ +page = $pageRepo; + } + + public function handleRequest(Request $request) + { + $path = explode('/', $request->path()); + switch ($path[0]) { + case 'page': + $body = json_decode($request->getContent()); + $result = $this->page->delete($body); + return response()->json($result)->header('Content-Type', 'application/json'); + break; + } + } +} diff --git a/app/Http/Controllers/RouteController.php b/app/Http/Controllers/RouteGetController.php similarity index 83% rename from app/Http/Controllers/RouteController.php rename to app/Http/Controllers/RouteGetController.php index 71f92a4..d15665f 100644 --- a/app/Http/Controllers/RouteController.php +++ b/app/Http/Controllers/RouteGetController.php @@ -3,9 +3,8 @@ namespace App\Http\Controllers; use App\Interfaces\MemberRepositoryInterface; -use Illuminate\Http\Request; -class RouteController extends Controller +class RouteGetController extends Controller { protected $dash; protected $gate; 
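Review bot: `handleRequest()` in the new RouteDeleteController passes the decoded body to `$this->page->delete($body)` with no visible check that the session belongs to a logged-in member, and the same holds for the `page` and `settings` cases in RoutePostController and RoutePutController. The only gate visible on these routes is `VerifyCsrfToken` in routes/web.php, which ties a request to a page served by this site but does not authenticate it, while the client in this same commit stops sending the `fipamo-access-token` header. Unless the repositories and services enforce membership themselves (not visible in this patch), the handlers should refuse unauthenticated sessions before dispatching, using the check DashController already has: `if (!$this->member::status()) { abort(401); }` after injecting `MemberRepositoryInterface`, or an auth middleware on the three routes. The `login` case in RoutePostController must remain reachable without a session. Parts of this new file's header and constructor are missing from the page, so the note covers only the visible `handleRequest()` body.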
@@ -27,7 +26,7 @@ class RouteController extends Controller $this->member = $memberRepo; } - public function get($first = null, $second = null, $third = null, $fourth = null) + public function handleRequest($first = null, $second = null, $third = null, $fourth = null) { if (isset($first) && !is_numeric($first)) { switch ($first) { @@ -58,13 +57,4 @@ class RouteController extends Controller return $this->front->index($first, $second, $third); } } - - public function post(Request $request) - { - switch ($request->path()) { - case 'login': - return $this->gate->enter($request); - break; - } - } } diff --git a/app/Http/Controllers/RoutePostController.php b/app/Http/Controllers/RoutePostController.php new file mode 100644 index 0000000..25e7781 --- /dev/null +++ b/app/Http/Controllers/RoutePostController.php @@ -0,0 +1,60 @@ +page = $pageRepo; + $this->gate = $authController; + } + + public function handleRequest(Request $request) + { + $path = explode('/', $request->path()); + switch ($path[0]) { + case 'login': + return $this->gate->enter($request); + break; + case 'page': + $body = json_decode($request->getContent()); + $result = $this->page->create($body); + return response()->json($result)->header('Content-Type', 'application/json'); + break; + case 'settings': + if ($path[1] == 'mailer') { + return $this->sendNotify($request); + } + break; + } + } + + private function sendNotify($request) + { + $result = []; + try { + Mail::to(env('ADMIN_EMAIL'))->send(new SystemEmail($request->content)); + $result = [ + 'type' => 'mail_good', + 'message' => 'Mail Sent', + ]; + } catch (TransportException $e) { + $result = [ + 'type' => 'mail_not_good', + 'message' => 'Mail Not Sent. It\'s cool. Just check mail settings in the .env', + ]; + } + + return response()->json($result)->header('Content-Type', 'application/json'); + } +} diff --git a/app/Http/Controllers/RoutePutController.php b/app/Http/Controllers/RoutePutController.php new file mode 100644 index 0000000..12075ba 
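Review bot: In RoutePostController's `handleRequest()` the `settings` case reads `$path[1]` without checking that it exists, so a POST to `/settings` with no second segment hits an undefined array key instead of a clean 404; `if (($path[1] ?? null) === 'mailer')` avoids that and replaces the loose `==`. The switch has no `default`, so any other POST path returns nothing from the controller, and `default: abort(404);` would make the rejection explicit. In `sendNotify()`, `env('ADMIN_EMAIL')` is read at request time, which can return null once the configuration is cached, so the address is better exposed through a config file entry and read with `config()`. `sendNotify()` also mails `$request->content` unvalidated on every call, so a length limit and a throttle on this route would bound abuse of the mailer.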
--- /dev/null +++ b/app/Http/Controllers/RoutePutController.php @@ -0,0 +1,71 @@ +page = $pageRepo; + $this->assets = $assetService; + $this->render = $renderService; + $this->settings = $settingsService; + $this->member = $memberRepo; + } + + public function handleRequest(Request $request) + { + $path = explode('/', $request->path()); + switch ($path[0]) { + case 'page': + $body = json_decode($request->getContent()); + $result = $this->page->update($body); + return response()->json($result)->header('Content-Type', 'application/json'); + break; + case 'settings': + return $this->settingsTasks($request, $path[1]); + break; + } + } + + private function settingsTasks($request, $task) + { + $result = []; + switch ($task) { + case 'publish': + $this->assets->moveToTheme(true); + $result = $this->render->publishAll(); + break; + case 'sync': + $body = json_decode($request->getContent()); + //update member if needed + $this->member->update($body->member); + //sync settings + $result = $this->settings->sync($body); + break; + case 'nav-sync': + $body = json_decode($request->getContent()); + $result = $this->settings->navSync($body); + break; + } + return response()->json($result)->header('Content-Type', 'application/json'); + } +} diff --git a/public/assets/scripts/dash/libraries/FipamoAdminAPI.js b/public/assets/scripts/dash/libraries/FipamoAdminAPI.js index 2426932..c0f27b8 100644 --- a/public/assets/scripts/dash/libraries/FipamoAdminAPI.js +++ b/public/assets/scripts/dash/libraries/FipamoAdminAPI.js 
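Review bot: `settingsTasks()` dereferences `$body->member` right after `json_decode($request->getContent())` in the `sync` case, and `json_decode` returns null for an empty or malformed body, so a bad request fails on a null property read before anything is validated. The `page` and `nav-sync` cases hand the same unchecked value to `update()` and `navSync()`. Checking the decode result first, e.g. `if (!is_object($body) || !isset($body->member)) { abort(422); }`, keeps malformed input out of the repository and the settings service. `handleRequest()` also passes `$path[1]` without checking that the segment exists; `$path[1] ?? ''` would let the existing switch fall through to the empty result.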
@@ -6,20 +6,21 @@ export const REQUEST_TYPE_DELETE = 'DELETE'; //** POST CONTENT TYPES **// export const CONTENT_TYPE_JSON = 'json'; export const CONTENT_TYPE_FORM = 'x-www-form-urlencoded'; -//** API URLS **// -export const API_STATUS = '/api/v1/status'; -export const API_GET_SETTINGS = '/api/v1/settings/site'; -export const API_GET_MEMBER_INFO = '/api/v1/settings/member'; -export const API_NEW_PAGE = '/api/v1/page/create'; -export const API_EDIT_PAGE = '/api/v1/page/write'; -export const API_DELETE_PAGE = '/api/v1/page/delete'; -export const API_SETTINGS_SYNC = '/api/v1/settings/sync'; -export const API_PUBLISH_PAGES = '/api/v1/settings/publish'; -export const API_NAV_SYNC = '/api/v1/settings/nav-sync'; -export const API_REINDEX_PAGES = '/api/v1/settings/reindex'; -export const API_SEND_MAIL = '/api/v1/mailer'; -export const API_LOGIN = '/api/v1/login'; -//** API TASKS **// +//** ACTIONS URLS **// +export const API_NEW_PAGE = '/page/create'; +export const API_EDIT_PAGE = '/page/write'; +export const API_DELETE_PAGE = '/page/delete'; +export const API_GET_SETTINGS = '/settings/site'; +export const API_SETTINGS_SYNC = '/settings/sync'; +export const API_PUBLISH_PAGES = '/settings/publish'; +export const API_NAV_SYNC = '/settings/nav-sync'; + +export const API_GET_MEMBER_INFO = '/settings/member'; +export const API_REINDEX_PAGES = '/settings/reindex'; +export const API_SEND_MAIL = '/settings/mailer'; + +export const API_LOGIN = '/login'; +//** ACTIONS TASKS **// export const AUTH_STATUS = 'getAuthStatus'; export const TASK_SETTINGS_WRITE = 'writeSettings'; export const TASK_PUBLISH_SITE = 'publishSite'; @@ -32,7 +33,7 @@ export const TASK_SYNC_SETTNIGS = 'syncSite'; export const TASK_SYNC_NAV = 'syncNav'; export const TASK_GET_SETTINGS = 'getSiteSettings'; export const TASK_GET_MEMBER_INFO = 'getMemberInfo'; -//** API STATUS **// +//** ACTIONS STATUS **// export const API_ACCESS_GOOD = 'apiUseAuthorized'; export const API_ACCESS_BAD = 'apiUseNotAuthorized'; 
@@ -52,17 +53,6 @@ class FipamoAdminAPI { this.progressBar = progressBar; this.status = false; if (baseURL) this.baseURL = baseURL; - //asks server if a session is active - this._request(this.baseURL ? this.baseURL + API_STATUS : API_STATUS).then( - response => { - if (response.type === API_ACCESS_GOOD) { - this.token = response.token; - } else { - //don't set token - //console.log("NO TOKEN"); - } - } - ); } /** * Promise method for authenticating and starting a session\ @@ -375,6 +365,10 @@ class FipamoAdminAPI { self.handleLoadProgress(e, self.progressBar) ); request.open(requestType, requestURL, true); + request.setRequestHeader( + 'X-CSRF-TOKEN', + document.querySelector('meta[name="csrf-token"]').content + ); request.onload = () => { if (request.status == 200) { let response = JSON.parse(request['response']); @@ -389,16 +383,6 @@ class FipamoAdminAPI { requestType == REQUEST_TYPE_POST || requestType == REQUEST_TYPE_DELETE ) { - if ( - eventType === TASK_SETTINGS_WRITE || - eventType === TASK_PAGE_EDIT || - eventType === TASK_PAGE_CREATE || - eventType === TASK_PAGE_DELETE || - eventType === TASK_PUBLISH_SITE || - eventType === TASK_REINDEX_PAGE - ) - request.setRequestHeader('fipamo-access-token', self.token); - switch (contentType) { case CONTENT_TYPE_JSON: request.setRequestHeader( @@ -412,12 +396,6 @@ class FipamoAdminAPI { break; } } else { - if ( - eventType === TASK_GET_SETTINGS || - eventType === TASK_GET_MEMBER_INFO - ) { - request.setRequestHeader('fipamo-access-token', self.token); - } request.send(); } }); diff --git a/resources/views/forms/login.blade.php b/resources/views/forms/login.blade.php index 7de501e..173c7fe 100644 --- a/resources/views/forms/login.blade.php +++ b/resources/views/forms/login.blade.php @@ -3,7 +3,6 @@
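Review bot: The added `request.setRequestHeader('X-CSRF-TOKEN', document.querySelector('meta[name="csrf-token"]').content)` runs for every request this class makes, and `querySelector` returns null on any page that lacks the meta tag, so the call throws before the request is sent. The constructor still accepts a `baseURL`; if that ever points at another origin the session's CSRF token would be sent to that host, so the header should be attached only to same-origin requests (how `requestURL` is built lies outside this hunk, so this is to be confirmed). A guarded form is `const csrf = document.querySelector('meta[name="csrf-token"]'); if (csrf) request.setRequestHeader('X-CSRF-TOKEN', csrf.content);`. The enclosing method starts and ends outside the hunk.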
- @csrf @if($errors->any()) @@ -11,5 +10,6 @@ @else @endif + @csrf
diff --git a/resources/views/frame.blade.php b/resources/views/frame.blade.php index 5bd1fed..d63f2be 100644 --- a/resources/views/frame.blade.php +++ b/resources/views/frame.blade.php @@ -5,6 +5,7 @@ + @yield('title') diff --git a/routes/web.php b/routes/web.php index 592cf28..4bc788d 100644 --- a/routes/web.php +++ b/routes/web.php @@ -1,7 +1,11 @@ middleware(VerifyCsrfToken::class); +Route::put("/{first?}/{second?}/{third?}", [RoutePutController::class, 'handleRequest']) + ->middleware(VerifyCsrfToken::class); +Route::delete("/{first?}/{second?}/{third?}", [RouteDeleteController::class, 'handleRequest']) + ->middleware(VerifyCsrfToken::class);
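Review bot: The `put` and `delete` routes in routes/web.php use the catch-all pattern `/{first?}/{second?}/{third?}`, so every PUT or DELETE path of up to three segments reaches a controller whose switch handles only `page` (plus `settings` for PUT) and returns nothing for the rest. Declaring the handled endpoints explicitly, e.g. `Route::delete('/page/delete', [RouteDeleteController::class, 'handleRequest'])`, keeps the writable surface reviewable and lets authentication and throttling middleware be attached per route. Routes in routes/web.php normally already run the `web` middleware group, which includes CSRF verification, so the explicit `->middleware(VerifyCsrfToken::class)` is probably redundant; confirm against the application's middleware configuration. The start of this hunk, including the import for `VerifyCsrfToken`, is not visible on the page.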