moved page editing api methodology to its own api class, session check for pages section

2021-04-14 12:01:49 -07:00 · 2021-04-14 12:01:49 -07:00 · 9cf0cbfbe4
commit 9cf0cbfbe4
parent ed2105edcc
3 changed files with 60 additions and 46 deletions
--- a/brain/api/v1/PagesAPI.inc.php
+++ b/brain/api/v1/PagesAPI.inc.php
@ -0,0 +1,31 @@
+<?php
+
+class PagesAPI
+{
+  public function __construct()
+  {
+  }
+
+  public static function handlePageTask($request, $args)
+  {
+    $task = $args["fourth"];
+    switch ($task) {
+      case "delete":
+      case "create":
+      case "write":
+        $result = (new Book("../content/pages"))->editPage($task, $request);
+        break;
+      case "add-entry-image":
+        $result = ImagesAPI::uploadImage($request);
+        break;
+      default:
+        $result = [
+          "message" => "Hm, no task. That's unfortunate",
+          "type" => "TASK_NONE",
+        ];
+        break;
+    }
+
+    return $result;
+  }
+}
--- a/brain/controller/APIControl.inc.php
+++ b/brain/controller/APIControl.inc.php
@ -3,6 +3,7 @@ use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;

 include "../brain/api/v1/ImagesAPI.inc.php";
+include "../brain/api/v1/PagesAPI.inc.php";

 class APIControl
 {
@ -36,7 +37,7 @@ class APIControl
    }

    //there's only one verion of the api for now
-    //$result = [];
+    $result = [];
    switch (isset($args["third"]) ? $args["third"] : "none") {
      case "login":
        $result = Auth::login($body);
@ -45,36 +46,16 @@ class APIControl
        $result = Auth::logout($body);
        break;
      case "page":
-        //move methdology to its own API class
-        $task = $args["fourth"];
        $token = $request->getHeader("fipamo-access-token");
+        //Verify token for admin tasks
        if (Session::verifyToken($token[0])) {
-          switch ($task) {
-            case "delete":
-            case "create":
-            case "write":
-              $result = (new Book("../content/pages"))->editPage(
-                $task,
-                $request
-              );
-              break;
-            case "add-entry-image":
-              $result = ImagesAPI::uploadImage($request);
-              break;
-            default:
-              $result = [
-                "message" => "Hm, no task. That's unfortunate",
-                "type" => "TASK_NONE",
-              ];
-              break;
-          }
+          $result = PagesAPI::handlePageTask($request, $args);
        } else {
          $result = [
            "message" => "API access denied, homie",
            "type" => "API_ERROR",
          ];
        }
-
        break;
      default:
        $result = [
--- a/brain/controller/DashControl.inc.php
+++ b/brain/controller/DashControl.inc.php
@ -17,6 +17,7 @@ class DashControl
    $template = "";
    switch (isset($args["second"]) ? $args["second"] : "index") {
      case "pages":
+        if (Session::active()) {
          $currentPage = isset($args["fourth"]) ? $args["fourth"] : 1;
          $filter = isset($args["third"]) ? $args["third"] : "all";
          $data = (new Book("../content/pages"))->getPages(
@ -35,6 +36,10 @@ class DashControl
            "paginate" => $data["paginate"],
            "status" => Session::active(),
          ];
+        } else {
+          header("Location: /dashboard");
+          die();
+        }
        break;
      case "page":
        if (Session::active()) {
@ -50,11 +55,8 @@ class DashControl
              "status" => Session::active(),
            ];
          } else {
-            $pageOptions = [
-              "title" => "Fipamo | Create Page",
-              "mode" => $mode,
-              "status" => Session::active(),
-            ];
+            header("Location: /dashboard");
+            die();
          }
        } else {
          $template = "dash/start.twig";