mirror of
https://github.com/pierre42100/ComunicAPI
synced 2024-11-26 23:39:28 +00:00
93 lines
2.2 KiB
PHP
93 lines
2.2 KiB
PHP
<?php
|
|
/**
|
|
* Comunic Rest API
|
|
*
|
|
* Serves the data for users
|
|
*
|
|
* @author Pierre HUBERT
|
|
*/
|
|
|
|
/**
|
|
* Page initiator
|
|
*/
|
|
include(__DIR__."/init.php");
|
|
|
|
//Include RestControllers
|
|
foreach(glob(PROJECT_PATH."RestControllers/*.php") as $restControllerFile){
|
|
require_once $restControllerFile;
|
|
}
|
|
|
|
//Include RestServer library
|
|
require PROJECT_PATH."3rdparty/RestServer/RestServer.php";
|
|
|
|
//By default return format is json
|
|
if(!isset($_GET["format"]))
|
|
$_GET['format'] = "json";
|
|
|
|
//Specify we are on Comunic API Server
|
|
header("Technology: Official Comunic API Server");
|
|
|
|
//Check client tokens
|
|
if(!$cs->clients->checkClientRequestTokens())
|
|
Rest_fatal_error(401, "Please check your client tokens!");
|
|
|
|
//Check for remote requests limit
|
|
if(defined("APIServiceDomain")){
|
|
|
|
//First, limit requests
|
|
header("Access-Control-Allow-Origin: https://".APIServiceDomain);
|
|
|
|
//Then check for referer
|
|
if(!isset($_SERVER["HTTP_REFERER"]))
|
|
Rest_fatal_error(401, "Access from direct requests denied with this client token !");
|
|
|
|
//Check the referer
|
|
if(get_url_domain($_SERVER["HTTP_REFERER"]) !== APIServiceDomain)
|
|
Rest_fatal_error(401, "Access denied from this domain with this client token !");
|
|
}
|
|
else {
|
|
//Allow remote requests from anywhere
|
|
header("Access-Control-Allow-Origin: *");
|
|
}
|
|
|
|
//Check if login tokens where specified
|
|
if(isset($_POST['userToken1']) AND isset($_POST['userToken2'])){
|
|
//Try to login user
|
|
$userID = $cs->components->account->getUserIDfromToken(APIServiceID, array(
|
|
$_POST['userToken1'],
|
|
$_POST['userToken2']
|
|
));
|
|
|
|
if($userID < 1){
|
|
Rest_fatal_error(412, "Please check your login tokens!");
|
|
}
|
|
|
|
//Else save userID
|
|
define("userID", $userID);
|
|
}
|
|
else {
|
|
//Defined userID is number 0
|
|
define("userID", 0);
|
|
}
|
|
|
|
//Setup API limits
|
|
require_once "classes/APILimits.php";
|
|
$api_limits = new APILimits();
|
|
cs()->register("limit", $api_limits);
|
|
|
|
/**
|
|
* Handle Rest requests
|
|
*/
|
|
$server = new \Jacwright\RestServer\RestServer($cs->config->get("site_mode"));
|
|
|
|
//Include controllers
|
|
foreach(get_included_files() as $filePath){
|
|
if(preg_match("<RestControllers>", $filePath)){
|
|
$className = strstr($filePath, "RestControllers/");
|
|
$className = str_replace(array("RestControllers/", ".php"), "", $className);
|
|
$server->addClass($className);
|
|
}
|
|
}
|
|
|
|
//Hanlde
|
|
$server->handle(); |