    $event = json_decode($app->request()->getBody());
    $p = json_decode(json_encode($event), True);
    // Reading options from POST/PUT
    $cookie = genUuid();
    $output = apiLogin($db, $p, $cookie);
    if ($output['code'] == 200) {
        // User is authenticated, need to set the cookie
        $app->setCookie('unetlab_session', $cookie, SESSION, '/api/', $_SERVER['SERVER_NAME'], False, False);
    }
    $app->response->setStatus($output['code']);
    $app->response->setBody(json_encode($output));
});
$app->get('/api/auth/logout', function () use($app, $db) {
    // Logout is served over GET because a DELETE request does not work with cookies here.
    $sessionCookie = $app->getCookie('unetlab_session');
    // Clear the client-side cookie first, then let apiLogout() (defined elsewhere)
    // handle the server side for that session value.
    // NOTE(review): the login handler sets this cookie with an explicit path ('/api/')
    // and domain; confirm that deleteCookie() without matching attributes really
    // clears it in the browser.
    $app->deleteCookie('unetlab_session');
    $result = apiLogout($db, $sessionCookie);
    $app->response->setStatus($result['code']);
    $app->response->setBody(json_encode($result));
});
$app->get('/api/auth', function () use($app, $db) {
    list($user, $tenant, $output) = apiAuthorization($db, $app->getCookie('unetlab_session'));
    if ($user === False) {
        // Set 401 not 412 for this page only -> used to refresh after a logout
        $output['code'] = 401;
        $app->response->setStatus($output['code']);
        $app->response->setBody(json_encode($output));
        return;
    }
    if (checkFolder(BASE_LAB . $user['folder']) !== 0) {
        // User has an invalid last viewed folder
 /**
  * Deleting a cookie that was set during the same request must leave exactly
  * one response cookie, with an empty value and an expiry in the past.
  *
  * Only the response cookie collection is inspected here; rendering of the
  * `Set-Cookie:` header itself is covered in another file.
  */
 public function testDeleteCookie()
 {
     \Slim\Environment::mock(array(
         'SCRIPT_NAME' => '/foo',
         'PATH_INFO' => '/bar',
         'COOKIE' => 'foo=bar; foo2=bar2',
     ));
     $slim = new \Slim\Slim();
     $handler = function () use ($slim) {
         $slim->setCookie('foo', 'bar');
         $slim->deleteCookie('foo');
     };
     $slim->get('/bar', $handler);
     $slim->call();
     $responseCookies = $slim->response->cookies;
     $deleted = $responseCookies->get('foo');
     $this->assertEquals(1, count($responseCookies));
     $this->assertEquals('', $deleted['value']);
     // An expiry before "now" is what tells the browser to discard the cookie.
     $this->assertLessThan(time(), $deleted['expires']);
 }
 /**
  * Deleting a cookie that was set during the same request must produce exactly
  * one `Set-Cookie:` header line, and that line must carry an empty value.
  *
  * The header is read from the finalized response; how the cookie gets into
  * the response object is covered in another file.
  */
 public function testDeleteCookie()
 {
     \Slim\Environment::mock(array(
         'SCRIPT_NAME' => '/foo',
         'PATH_INFO' => '/bar',
         'COOKIE' => 'foo=bar; foo2=bar2',
     ));
     $slim = new \Slim\Slim();
     $handler = function () use ($slim) {
         $slim->setCookie('foo', 'bar');
         $slim->deleteCookie('foo');
     };
     $slim->get('/bar', $handler);
     $slim->call();
     list($status, $header, $body) = $slim->response()->finalize();
     // Multiple cookies are joined with newlines in the finalized header value.
     $cookieLines = explode("\n", $header['Set-Cookie']);
     $this->assertEquals(1, count($cookieLines));
     $this->assertEquals(1, preg_match('@^foo=;@', $cookieLines[0]));
 }
                 $sql_text->bindParam(1, $lan);
                 $sql_text->execute();
                 $query = 'DELETE FROM Language WHERE lan =?';
                 $sql_lan = $db->prepare($query);
                 $sql_lan->bindParam(1, $lan);
                 $sql_lan->execute();
             } catch (Exception $e) {
                 $app->halt(503, json_encode(['type' => 'Error', 'title' => 'Oops, something went wrong!', 'message' => $e->getMessage()]));
             } finally {
                 $db = null;
             }
         } else {
             $app->halt(503, json_encode(['type' => 'Error', 'title' => 'Oops, something went wrong!', 'message' => 'No database connection']));
         }
         if ($app->getCookie('aco-lan') === $lan) {
             $app->deleteCookie('aco-lan');
             $app->redirect($app->urlFor('getContent'));
         } else {
             $app->redirect($app->urlFor('getContent'));
         }
     } else {
         $app->halt(403, json_encode(['type' => 'error', 'title' => 'Forbidden Request', 'message' => 'You do not have the permission to call this request.']));
     }
 });
 $app->delete('/remove/lan/:lan', function ($lan) use($app) {
     if (isset($data->token) && security_token($data->token)) {
         if (($db = connectToMySql()) !== false) {
             try {
                 $query = 'DELETE FROM Language WHERE lan = ?';
                 $sql_lan = $db->prepare($query);
                 $sql_lan->bindParam(1, $lan);
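$app->get('/hello/:name', function ($name) {
    // :name is taken straight from the request URI and is therefore untrusted;
    // escape it so the HTML response does not reflect client-supplied markup.
    echo 'Hello, ' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
});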
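$app->get('/test/:name', function ($name) use($app) {
    // Dumps the incoming request headers into the response body; this is a
    // diagnostic aid and exposes whatever the client sent.
    $headers = $app->request->headers;
    var_dump($headers);
    // :name is untrusted URI input; escape it for the HTML response.
    echo 'Hello, ' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
});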
// response
$app->post('/books', function () use($app) {
    // Create book: the raw request body is echoed straight back.
    // NOTE(review): the body is untrusted client input and is reflected
    // unescaped — confirm this is intended only as a demonstration.
    $rawBody = $app->request->getBody();
    echo $rawBody;
    $app->response->setStatus(400);
    // Set a cookie and immediately delete it again.
    $app->setCookie('foo', 'bar', '2 days');
    $app->deleteCookie('foo');
    // Replace the response body, then append to it.
    $app->response->setBody('Foo');
    $app->response->write('Bar');
    // Emit a JSON document with an application/json header.
    $payload = array('name' => 'jerry', 'age' => 25);
    $app->response->json($payload);
});
$app->delete('/books/:id', function ($id) {
    // Delete book identified by $id — placeholder route; the handler body is
    // intentionally empty here.
});
$app->get('/archive(/:year(/:month(/:day)))', function ($year = 2010, $month = 12, $day = 05) {
    // Optional route segments fall back to the parameter defaults.
    // NOTE(review): `05` is an octal integer literal equal to 5, so the default
    // day renders as "5", not "05"; use the string '05' if zero-padding is wanted.
    printf('%s-%s-%s', $year, $month, $day);
});
// middleware for special route
    $app->redirect($url);
});
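$app->get('/app/callback', function () use($app) {
    // OAuth authorization-code callback: exchange ?code= for an access token.
    if ($code = $app->request->params('code')) {
        // NOTE(review): no `state` value is verified here, so this handler cannot
        // tell whether the code exchange was initiated by this user's session;
        // confirm that the authorization request (not visible here) sets an
        // anti-CSRF state parameter and that it is checked before this exchange.
        $config = new \Models\OAuthConfig();
        $client = new \GuzzleHttp\Client();
        // NOTE(review): redirect_uri is derived from the client-supplied Host
        // header; a fixed, configured value is preferable.
        $params = [
            'code' => $code,
            'grant_type' => 'authorization_code',
            'client_id' => $config->getClientId(),
            'client_secret' => $config->getClientSecret(),
            'redirect_uri' => 'https://' . $_SERVER['HTTP_HOST'] . '/app/callback',
        ];
        $response = $client->post($config->getTokenUri(), ['form_params' => $params]);
        // Decoded as an associative array; a malformed token response yields null.
        $json = json_decode($response->getBody(), true);
        Helpers\App::setAccessToken($json);
        $app->redirect('/app');
    } elseif ($error = $app->request->params('error')) {
        // The error string arrives via the query string and is client-controlled;
        // escape it before echoing into the HTML response.
        echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8');
    }
});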
$app->get('/app', function () use($app) {
    // List the user's Drive files when an access token is available.
    // NOTE(review): when isAuthorized() is false nothing is rendered and no
    // redirect is issued — confirm an empty response is the intended behaviour.
    if (!Helpers\App::isAuthorized()) {
        return;
    }
    $stored = Helpers\App::getCookie();
    $drive = new \GuzzleHttp\Client();
    // The bearer token read from the cookie is forwarded to the Drive API.
    $requestHeaders = [
        'Authorization' => 'Bearer ' . $stored['access_token'],
        'Referer' => Helpers\App::getUrl(),
    ];
    $response = $drive->get('https://www.googleapis.com/drive/v2/files', ['headers' => $requestHeaders]);
    $files = new Models\Files($response->getBody());
    $app->render('files.phtml', ['files' => $files->formatData()]);
});
$app->get('/app/logout', function () use($app) {
    // Drop the application cookie (its name is held in Helpers\App::COOKIE)
    // and send the browser back to the authorisation entry point.
    $cookieName = Helpers\App::COOKIE;
    $app->deleteCookie($cookieName);
    $app->redirect('/app/auth');
});
$app->run(); // Start the Slim application for the current request.
            // OK
            echo json_encode(array('operation' => 'login', 'status' => 'ok'));
        } else {
            throw new AuthenticateFailedException();
        }
    } catch (AuthenticateFailedException $e) {
        $app->response()->status(401);
        $app->response()->header('X-Status-Reason', 'Login failure');
    } catch (Exception $e) {
        $app->response()->status(400);
        $app->response()->header('X-Status-Reason', $e->getMessage());
    }
});
$app->get('/logout', function () use($app) {
    // Logout: clear both authentication cookies and answer with a JSON status.
    // NOTE(review): the cookie names suggest credentials (including the password)
    // are kept client-side; how they are populated is not visible here — confirm.
    try {
        foreach (array('username', 'password') as $cookieName) {
            $app->deleteCookie($cookieName);
        }
        $response = $app->response();
        $response->header('Content-Type', 'application/json');
        $response->status(200);
        echo json_encode(array('operation' => 'logout', 'status' => 'ok'));
    } catch (Exception $e) {
        // Any failure is reported as 400 with the message in a custom header.
        $app->response()->status(400);
        $app->response()->header('X-Status-Reason', $e->getMessage());
    }
});
// API for CRUD operations on Contacts
$app->get('/contacts', $checkLoggedOn($app), function () use($app) {
    try {
        $contacts = R::find('contacts');
        $app->response()->header('Content-Type', 'application/json');