added key check to use AdminAPI, updated front end classes
This commit is contained in:
parent
2785ef6982
commit
ab40219d9b
8 changed files with 49 additions and 23 deletions
|
@ -20,7 +20,15 @@ class APIControl
|
|||
|
||||
switch (isset($args["third"]) ? $args["third"] : "none") {
|
||||
case "status":
|
||||
$result = AuthAPI::status();
|
||||
if (Member::verifyKey($_GET["key"])) {
|
||||
$result = AuthAPI::status();
|
||||
} else {
|
||||
$result = [
|
||||
"message" => "Valid key required. API access denied, homie",
|
||||
"type" => "API_ERROR",
|
||||
];
|
||||
}
|
||||
|
||||
break;
|
||||
case "page":
|
||||
//echo
|
||||
|
|
|
@ -48,7 +48,7 @@ class Auth
|
|||
];
|
||||
|
||||
$token = Token::create(
|
||||
$found["id"],
|
||||
$found["key"],
|
||||
$found["secret"],
|
||||
time() + 3600,
|
||||
"localhost"
|
||||
|
|
8
public/assets/scripts/dash.min.js
vendored
8
public/assets/scripts/dash.min.js
vendored
File diff suppressed because one or more lines are too long
|
@ -11,7 +11,10 @@ export default class NavIndex {
|
|||
//--------------------------
|
||||
constructor() {
|
||||
this.processing = false;
|
||||
this.admin = new FipamoAdminAPI();
|
||||
this.admin = new FipamoAdminAPI(
|
||||
null,
|
||||
"fe79df250470815bf32dcea70221384c89163cad3a827a9c3da25d87159ed55a"
|
||||
);
|
||||
this.start();
|
||||
}
|
||||
//--------------------------
|
||||
|
|
|
@ -19,7 +19,10 @@ export default class PostEditor {
|
|||
constructor() {
|
||||
this.processing = false;
|
||||
let self = this;
|
||||
this.admin = new FipamoAdminAPI();
|
||||
this.admin = new FipamoAdminAPI(
|
||||
null,
|
||||
"fe79df250470815bf32dcea70221384c89163cad3a827a9c3da25d87159ed55a"
|
||||
);
|
||||
this.urlPieces = document.URL.split("/");
|
||||
this.post = [];
|
||||
this.postID = null;
|
||||
|
|
|
@ -11,7 +11,10 @@ export default class SettingsIndex {
|
|||
constructor() {
|
||||
this.processing = false;
|
||||
this.start();
|
||||
this.admin = new FipamoAdminAPI();
|
||||
this.admin = new FipamoAdminAPI(
|
||||
null,
|
||||
"fe79df250470815bf32dcea70221384c89163cad3a827a9c3da25d87159ed55a"
|
||||
);
|
||||
}
|
||||
//--------------------------
|
||||
// methods
|
||||
|
|
|
@ -28,8 +28,8 @@ export const TASK_PAGE_DELETE = "deletePage";
|
|||
export const TASK_SEND_MAIL = "sendMail";
|
||||
export const TASK_REINDEX_PAGE = "reIndexPages";
|
||||
//** API STATUS **//
|
||||
export const API_ACCESS_GOOD = "apiConnected";
|
||||
export const API_ACCESS_BAD = "apiNotConnected";
|
||||
export const API_ACCESS_GOOD = "apiUseAuthorized";
|
||||
export const API_ACCESS_BAD = "apiUseNotAuthorized";
|
||||
|
||||
/**
|
||||
* A can of methods used to edit install settings, navigation pages.
|
||||
|
@ -48,29 +48,30 @@ class FipamoAdminAPI {
|
|||
this.key = null;
|
||||
if (key) this.key = key;
|
||||
if (baseURL) this.baseURL = baseURL;
|
||||
//checks backend to see if user is logged in and requests encrypted token for api calls
|
||||
this._request(API_STATUS).then((response) => {
|
||||
//if key is valid, checks to see if a session is active and returns
|
||||
this._request(
|
||||
this.baseURL
|
||||
? this.baseURL + API_STATUS + "?key=" + this.key
|
||||
: API_STATUS + "?key=" + this.key
|
||||
).then((response) => {
|
||||
if (response.type === API_ACCESS_GOOD) {
|
||||
this.token = response.token;
|
||||
} else {
|
||||
//don't set token
|
||||
//console.log("NO TOKEN");
|
||||
}
|
||||
});
|
||||
}
|
||||
/**
|
||||
* Method for retrieving user authorizing user login
|
||||
* Promise method for checking credentials. Must login to use Admin API.
|
||||
* @param {object} data - json object that contains data for set up
|
||||
* @property {string} handle - handle for site user
|
||||
* @property {string} password - password for site user
|
||||
*/
|
||||
login(data) {
|
||||
return new Promise((resolve, reject) => {
|
||||
if (this.baseURL) {
|
||||
data.key = this.key;
|
||||
data.remote = true;
|
||||
} else {
|
||||
data.remote = false;
|
||||
}
|
||||
this.baseURL ? (data.remote = true) : (data.remote = false);
|
||||
this.key ? (data.key = this.key) : (data.key = null);
|
||||
this._request(
|
||||
this.baseURL ? this.baseURL + API_LOGIN : API_LOGIN,
|
||||
AUTH_STATUS,
|
||||
|
@ -109,7 +110,9 @@ class FipamoAdminAPI {
|
|||
syncSettings(data) {
|
||||
return new Promise((resolve, reject) => {
|
||||
this._request(
|
||||
this.baseURL ? this.baseURL + API_SETTINGS_SYNC : API_SETTINGS_SYNC,
|
||||
this.baseURL
|
||||
? this.baseURL + API_SETTINGS_SYNC + "?key=" + this.key
|
||||
: API_SETTINGS_SYNC + "?key=" + this.key,
|
||||
TASK_SETTINGS_WRITE,
|
||||
REQUEST_TYPE_POST,
|
||||
CONTENT_TYPE_JSON,
|
||||
|
@ -190,6 +193,13 @@ class FipamoAdminAPI {
|
|||
break;
|
||||
}
|
||||
|
||||
if (this.baseURL) {
|
||||
data.key = this.key;
|
||||
data.remote = true;
|
||||
} else {
|
||||
data.remote = false;
|
||||
}
|
||||
|
||||
return new Promise((resolve, reject) => {
|
||||
this._request(
|
||||
this.baseURL ? this.baseURL + url : url,
|
||||
|
@ -292,7 +302,6 @@ class FipamoAdminAPI {
|
|||
request.open(requestType, requestURL, true);
|
||||
request.onload = () => {
|
||||
if (request.status == 200) {
|
||||
//console.log("RESPONSE", request);
|
||||
let response = JSON.parse(request["response"]);
|
||||
resolve(response);
|
||||
} else {
|
||||
|
|
|
@ -21,7 +21,7 @@ export const TASK_GET_CONTENT = "retrieveContent";
|
|||
/**
|
||||
* Fipamo Content API
|
||||
* A bag of methods for getting page info from an install.
|
||||
* To use remotely, include url of install and user key found in settings.
|
||||
* To use remotely, include url of install and user key found in settings in the Dashboard.
|
||||
*/
|
||||
class FipamoContentAPI {
|
||||
/**
|
||||
|
|
Loading…
Reference in a new issue