ComunicAPI/index.php

94 lines
2.3 KiB
PHP
Raw Normal View History

2017-05-17 11:48:24 +00:00
<?php
/**
* Comunic Rest API
*
* Serves the data for users
*
* @author Pierre HUBERT
*/
/**
* Page initiator
*/
include(__DIR__."/init.php");
2017-05-17 12:05:23 +00:00
//Include RestControllers
foreach(glob(PROJECT_PATH."RestControllers/*.php") as $restControllerFile){
2017-05-19 16:07:52 +00:00
require_once $restControllerFile;
2017-05-17 12:05:23 +00:00
}
//Include RestServer library
require PROJECT_PATH."3rdparty/RestServer/RestServer.php";
//By default return format is json
2017-05-17 12:05:23 +00:00
if(!isset($_GET["format"]))
2017-05-19 16:07:52 +00:00
$_GET['format'] = "json";
2017-05-17 12:05:23 +00:00
//Specify we are on Comunic API Server
header("Technology: Official Comunic API Server");
2017-06-13 09:01:36 +00:00
//Set debug clients tokens
if($cs->config->get("site_mode") === "debug"){ //DEBUG ONLY
2017-05-17 12:43:12 +00:00
$_POST['serviceName'] = "testService";
$_POST['serviceToken'] = "testPasswd";
}
2017-06-13 09:01:36 +00:00
//Check client tokens
2017-05-19 16:07:52 +00:00
if(!$cs->tokens->checkClientRequestTokens())
Rest_fatal_error(401, "Please check your client tokens!");
2017-06-13 09:01:36 +00:00
//Check for remote requests limit
if(defined("APIServiceDomain")){
//First, limit requests
header("Access-Control-Allow-Origin: ".APIServiceDomain);
//Then check for referer
if(!isset($_SERVER["HTTP_REFERER"]))
Rest_fatal_error(401, "Access from direct requests denied with this client token !");
2017-06-13 09:01:36 +00:00
//Check the referer
if(get_url_domain($_SERVER["HTTP_REFERER"]) !== APIServiceDomain)
Rest_fatal_error(401, "Access denied from this domain with this client token !");
}
else {
//Allow remote requests from anywhere
header("Access-Control-Allow-Origin: *");
}
2017-05-19 16:07:52 +00:00
//Check if login tokens where specified
if(isset($_POST['userToken1']) AND isset($_POST['userToken2'])){
//Try to login user
$userID = $cs->components->user->getUserIDfromToken(APIServiceID, array(
2017-05-19 16:07:52 +00:00
$_POST['userToken1'],
$_POST['userToken2']
));
if($userID < 1){
Rest_fatal_error(401, "Please check your login tokens!");
}
//Else save userID
define("userID", $userID);
}
else {
//Defined userID is number 0
define("userID", 0);
}
2017-05-17 12:43:12 +00:00
2017-05-17 12:05:23 +00:00
/**
* Handle Rest requests
*/
$server = new \Jacwright\RestServer\RestServer($cs->config->get("site_mode"));
//Include controllers
foreach(get_included_files() as $filePath){
2017-05-19 16:07:52 +00:00
if(preg_match("<RestControllers>", $filePath)){
$className = strstr($filePath, "RestControllers/");
$className = str_replace(array("RestControllers/", ".php"), "", $className);
$server->addClass($className);
}
2017-05-17 12:05:23 +00:00
}
//Hanlde
$server->handle();