// (excerpt: the statements below are the tail of a login route whose opening line is above this listing)
    $event = json_decode($app->request()->getBody());
    $p = json_decode(json_encode($event), True); // Reading options from POST/PUT
    // The session identifier is created before apiLogin() runs and is sent to the
    // client only when the login result code is 200.
    // NOTE(review): genUuid() is not shown - confirm it draws from a CSPRNG, because
    // this value is what apiAuthorization() later receives to identify the user.
    $cookie = genUuid();
    $output = apiLogin($db, $p, $cookie);
    if ($output['code'] == 200) {
        // User is authenticated, need to set the cookie
        // NOTE(review): in Slim 2's setCookie() signature the two trailing arguments are
        // $secure and $httponly. Both are False here, so the session cookie is also sent
        // over plain HTTP and is readable from page script. Enable both unless the front
        // end has a documented need to read the cookie.
        $app->setCookie('unetlab_session', $cookie, SESSION, '/api/', $_SERVER['SERVER_NAME'], False, False);
    }
    $app->response->setStatus($output['code']);
    $app->response->setBody(json_encode($output));
});

// Ends the session: reads the session cookie, asks Slim to expire it, and passes
// the old value to apiLogout(). The JSON result's 'code' becomes the HTTP status.
$app->get('/api/auth/logout', function () use($app, $db) {
    // Logout (DELETE request does not work with cookies)
    // NOTE(review): this is a state-changing GET, so a cross-site request can force a
    // logout. A POST guarded by an anti-CSRF token avoids that.
    $cookie = $app->getCookie('unetlab_session');
    // NOTE(review): the cookie is issued with path '/api/' and an explicit domain but is
    // deleted by name only, so the expiring Set-Cookie uses the application's default
    // path/domain. Confirm those defaults match; otherwise the browser keeps the cookie
    // and the session ends only if apiLogout() invalidates it server-side.
    $app->deleteCookie('unetlab_session');
    $output = apiLogout($db, $cookie);
    $app->response->setStatus($output['code']);
    $app->response->setBody(json_encode($output));
});

// Reports the current session. apiAuthorization() is given only the session cookie
// and returns a (user, tenant, output) triple; $user === False is treated as
// "not authenticated".
$app->get('/api/auth', function () use($app, $db) {
    list($user, $tenant, $output) = apiAuthorization($db, $app->getCookie('unetlab_session'));
    if ($user === False) {
        // Set 401 not 412 for this page only -> used to refresh after a logout
        $output['code'] = 401;
        $app->response->setStatus($output['code']);
        $app->response->setBody(json_encode($output));
        return;
    }
    if (checkFolder(BASE_LAB . $user['folder']) !== 0) {
        // User has an invalid last viewed folder
// (excerpt ends here; the rest of this route is outside the listing)
/**
 * Deleting a cookie queues an expired, empty replacement on the response.
 *
 * A route sets `foo` and deletes it again within the same request; the test
 * then inspects the response cookie jar directly. How the `Set-Cookie:`
 * header is serialized is covered by a separate test file.
 *
 * Only the cookie's presence, value and expiry are asserted. The path and
 * domain of the deletion cookie are not checked here, although a browser
 * removes a cookie only when they match the ones it was stored with.
 */
public function testDeleteCookie()
{
    \Slim\Environment::mock(array(
        'SCRIPT_NAME' => '/foo',
        'PATH_INFO' => '/bar',
        'COOKIE' => 'foo=bar; foo2=bar2',
    ));

    $app = new \Slim\Slim();
    $app->get('/bar', function () use ($app) {
        $app->setCookie('foo', 'bar');
        $app->deleteCookie('foo');
    });
    $app->call();

    $deleted = $app->response->cookies->get('foo');

    // Exactly one response cookie: the set and the delete collapse into one entry.
    $this->assertEquals(1, count($app->response->cookies));
    // The replacement carries no value ...
    $this->assertEquals('', $deleted['value']);
    // ... and an expiry that already lies in the past.
    $this->assertLessThan(time(), $deleted['expires']);
}
/**
 * Deleting a cookie must leave exactly one `Set-Cookie` line for it.
 *
 * The route sets `foo` and then deletes it. After the response is finalized,
 * the `Set-Cookie` header is split on newlines and must hold a single entry
 * that begins with an empty `foo=` value. The serialization of the header
 * itself is tested separately in another file.
 *
 * Only the leading `foo=;` is matched; the expiry, path and domain attributes
 * of the deletion line are not asserted here.
 */
public function testDeleteCookie()
{
    \Slim\Environment::mock(array(
        'SCRIPT_NAME' => '/foo',
        'PATH_INFO' => '/bar',
        'COOKIE' => 'foo=bar; foo2=bar2',
    ));

    $app = new \Slim\Slim();
    $app->get('/bar', function () use ($app) {
        $app->setCookie('foo', 'bar');
        $app->deleteCookie('foo');
    });
    $app->call();

    // finalize() yields status, headers and body; only the headers are used.
    list($status, $header, $body) = $app->response()->finalize();
    $setCookieLines = explode("\n", $header['Set-Cookie']);

    $this->assertEquals(1, count($setCookieLines));
    $this->assertEquals(1, preg_match('@^foo=;@', $setCookieLines[0]));
}
// (excerpt: tail of a route handler that starts above this listing; $lan is passed
// to the statements as a bound parameter, never interpolated into the SQL text)
                $sql_text->bindParam(1, $lan);
                $sql_text->execute();
                $query = 'DELETE FROM Language WHERE lan =?';
                $sql_lan = $db->prepare($query);
                $sql_lan->bindParam(1, $lan);
                $sql_lan->execute();
            } catch (Exception $e) {
                // NOTE(review): the raw exception text is returned to the client in the 503
                // body. Database driver messages can reveal table names, SQL fragments or
                // connection details; log $e server-side and send a fixed message instead.
                $app->halt(503, json_encode(['type' => 'Error', 'title' => 'Oops, something went wrong!', 'message' => $e->getMessage()]));
            } finally {
                // Drop the connection handle whether or not the statements succeeded.
                $db = null;
            }
        } else {
            $app->halt(503, json_encode(['type' => 'Error', 'title' => 'Oops, something went wrong!', 'message' => 'No database connection']));
        }
        // Expire the visitor's 'aco-lan' cookie when it names the language that was just
        // removed. Both branches then redirect to the 'getContent' route.
        if ($app->getCookie('aco-lan') === $lan) {
            $app->deleteCookie('aco-lan');
            $app->redirect($app->urlFor('getContent'));
        } else {
            $app->redirect($app->urlFor('getContent'));
        }
    } else {
        // Reached when the outer check (its condition is above this excerpt) fails.
        $app->halt(403, json_encode(['type' => 'error', 'title' => 'Forbidden Request', 'message' => 'You do not have the permission to call this request.']));
    }
});

// DELETE /remove/lan/:lan - removes the language identified by the route segment.
$app->delete('/remove/lan/:lan', function ($lan) use($app) {
    // NOTE(review): $data is neither a parameter nor imported with use(), and nothing
    // assigns it before this check. isset($data->token) is therefore always false in
    // this closure and the token-guarded branch cannot run. The check fails closed,
    // but the route is unusable until the request data is read into $data first.
    if (isset($data->token) && security_token($data->token)) {
        if (($db = connectToMySql()) !== false) {
            try {
                $query = 'DELETE FROM Language WHERE lan = ?';
                $sql_lan = $db->prepare($query);
                $sql_lan->bindParam(1, $lan);
// (excerpt ends here; the rest of this route is outside the listing)
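// Greets the caller by the :name route segment.
// The segment is client-controlled, so it is HTML-escaped before being written to
// the response (Slim 2 serves text/html unless the content type is changed).
$app->get('/hello/:name', function ($name) {
    echo 'Hello, ' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
});

// Same greeting, preceded by a dump of the request headers.
$app->get('/test/:name', function ($name) use ($app) {
    $headers = $app->request->headers;
    // NOTE(review): debugging aid. This writes every request header, including any
    // Cookie and Authorization values, into the response body without escaping.
    // Remove it or restrict the route before exposing it beyond a local sandbox.
    var_dump($headers);
    echo 'Hello, ' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
});

// response
$app->post('/books', function () use ($app) {
    //Create book
    $body = $app->request->getBody();
    // NOTE(review): the raw request body is echoed back unchanged. If this response is
    // delivered as text/html, that reflects client-supplied markup - confirm the content
    // type that $app->response->json() ends up sending, or escape/encode this output.
    echo $body;
    $app->response->setStatus(400);
    // Queue a cookie and immediately replace it with an expired one (demonstration only).
    $app->setCookie('foo', 'bar', '2 days');
    $app->deleteCookie('foo');
    // Overwrite response body
    $app->response->setBody('Foo');
    // Append response body
    $app->response->write('Bar');
    // response json string with application/json header
    $arr = array("name" => "jerry", "age" => 25);
    $app->response->json($arr);
});

$app->delete('/books/:id', function ($id) {
    //Delete book identified by $id
});

// Optional nested segments: /archive, /archive/:year, /archive/:year/:month, ...
// The segments come from the URL, so the formatted date is HTML-escaped on output.
// Note that the default 05 is an octal integer literal with value 5.
$app->get('/archive(/:year(/:month(/:day)))', function ($year = 2010, $month = 12, $day = 05) {
    echo htmlspecialchars(sprintf('%s-%s-%s', $year, $month, $day), ENT_QUOTES, 'UTF-8');
});
// middleware for special route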
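// (excerpt: the route that ends on the next two lines starts above this listing)
    $app->redirect($url);
});

// OAuth redirect target: exchanges the authorization code for a token, stores the
// decoded token response via Helpers\App::setAccessToken() and redirects to /app.
// When no code is present, an `error` query parameter is shown instead.
$app->get('/app/callback', function () use ($app) {
    // NOTE(review): no `state` value is checked in this handler. If the authorization
    // request (not shown) sends one, compare it here against the value bound to the
    // browser session before exchanging the code; without that binding the callback
    // cannot tell its own login flow from one started elsewhere.
    if ($code = $app->request->params('code')) {
        $config = new \Models\OAuthConfig();
        $client = new \GuzzleHttp\Client();
        $params = [
            'code' => $code,
            'grant_type' => 'authorization_code',
            'client_id' => $config->getClientId(),
            'client_secret' => $config->getClientSecret(),
            // NOTE(review): HTTP_HOST is taken from the request's Host header. Building
            // redirect_uri from a configured base URL keeps it fixed regardless of what
            // the client sends.
            'redirect_uri' => 'https://' . $_SERVER['HTTP_HOST'] . '/app/callback',
        ];
        $response = $client->post($config->getTokenUri(), ['form_params' => $params]);
        // NOTE(review): the decoded response is stored without checking that decoding
        // succeeded or that it carries an access_token rather than an error object.
        $json = json_decode($response->getBody(), true);
        Helpers\App::setAccessToken($json);
        $app->redirect('/app');
    } elseif ($error = $app->request->params('error')) {
        // The error text arrives in the query string, so escape it before it is
        // written into the HTML response.
        echo htmlspecialchars((string) $error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
});

// Lists the user's files by calling the Drive API with the stored bearer token.
// Renders nothing when Helpers\App::isAuthorized() is false.
$app->get('/app', function () use ($app) {
    if (Helpers\App::isAuthorized()) {
        // NOTE(review): the access token is read back from the application's cookie
        // (Helpers\App::getCookie(), not shown). Confirm that cookie is set Secure and
        // HttpOnly, or keep the token server-side and store only a session id.
        $cookie = Helpers\App::getCookie();
        $client = new \GuzzleHttp\Client();
        $requestHeaders = [
            'Authorization' => 'Bearer ' . $cookie['access_token'],
            'Referer' => Helpers\App::getUrl(),
        ];
        $response = $client->get('https://www.googleapis.com/drive/v2/files', ['headers' => $requestHeaders]);
        $files = new Models\Files($response->getBody());
        $app->render('files.phtml', ['files' => $files->formatData()]);
    }
});

// Logs out by expiring the application's cookie, then restarts the auth flow.
// NOTE(review): this handler only removes the local cookie; the access token is not
// revoked with the provider here. It is also a state-changing GET, so a cross-site
// request can trigger it.
$app->get('/app/logout', function () use ($app) {
    $app->deleteCookie(Helpers\App::COOKIE);
    $app->redirect('/app/auth');
});

$app->run();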
// (excerpt: begins inside the success branch of a login route defined above this listing)
            // OK
            echo json_encode(array('operation' => 'login', 'status' => 'ok'));
        } else {
            throw new AuthenticateFailedException();
        }
    } catch (AuthenticateFailedException $e) {
        // A failed login gets a fixed reason string, so the response does not say
        // which part of the credentials was wrong.
        $app->response()->status(401);
        $app->response()->header('X-Status-Reason', 'Login failure');
    } catch (Exception $e) {
        // NOTE(review): any other exception's message is copied into a response header.
        // Internal error text (driver errors, paths) can leak this way; log it
        // server-side and return a fixed reason instead.
        $app->response()->status(400);
        $app->response()->header('X-Status-Reason', $e->getMessage());
    }
});

// Logs out by expiring the 'username' and 'password' cookies and returning a JSON
// status document.
// NOTE(review): deleting a cookie named 'password' implies the login route stores the
// user's credentials in cookies (the code that sets them is not in this excerpt). A
// password held client-side is replayable by anyone who can read the cookie; confirm
// how it is protected, or switch to an opaque server-side session identifier.
// NOTE(review): logout is a state-changing GET, so a cross-site request can trigger it.
$app->get('/logout', function () use($app) {
    try {
        $app->deleteCookie('username');
        $app->deleteCookie('password');
        $app->response()->header('Content-Type', 'application/json');
        $app->response()->status(200); // OK
        echo json_encode(array('operation' => 'logout', 'status' => 'ok'));
    } catch (Exception $e) {
        // NOTE(review): same exposure as in the login route - exception text goes to the client.
        $app->response()->status(400);
        $app->response()->header('X-Status-Reason', $e->getMessage());
    }
});

// API for CRUD operations on Contacts
// $checkLoggedOn($app) is passed as route middleware ahead of the handler; its
// implementation is not part of this excerpt.
$app->get('/contacts', $checkLoggedOn($app), function () use($app) {
    try {
        $contacts = R::find('contacts');
        $app->response()->header('Content-Type', 'application/json');
// (excerpt ends here; the rest of this route is outside the listing)