$event = json_decode($app->request()->getBody());
$p = json_decode(json_encode($event), True);
// Reading options from POST/PUT
$cookie = genUuid();
$output = apiLogin($db, $p, $cookie);
if ($output['code'] == 200) {
// User is authenticated, need to set the cookie
$app->setCookie('unetlab_session', $cookie, SESSION, '/api/', $_SERVER['SERVER_NAME'], False, False);
}
$app->response->setStatus($output['code']);
$app->response->setBody(json_encode($output));
});
$app->get('/api/auth/logout', function () use($app, $db) {
// Logout (DELETE request does not work with cookies)
$cookie = $app->getCookie('unetlab_session');
$app->deleteCookie('unetlab_session');
$output = apiLogout($db, $cookie);
$app->response->setStatus($output['code']);
$app->response->setBody(json_encode($output));
});
$app->get('/api/auth', function () use($app, $db) {
list($user, $tenant, $output) = apiAuthorization($db, $app->getCookie('unetlab_session'));
if ($user === False) {
// Set 401 not 412 for this page only -> used to refresh after a logout
$output['code'] = 401;
$app->response->setStatus($output['code']);
$app->response->setBody(json_encode($output));
return;
}
if (checkFolder(BASE_LAB . $user['folder']) !== 0) {
// User has an invalid last viewed folder
/**
* Test delete cookie
*
* This method ensures that the `Set-Cookie:` HTTP response
* header is set. The implementation of setting the response
* cookie is tested separately in another file.
*/
public function testDeleteCookie()
{
\Slim\Environment::mock(array('SCRIPT_NAME' => '/foo', 'PATH_INFO' => '/bar', 'COOKIE' => 'foo=bar; foo2=bar2'));
$s = new \Slim\Slim();
$s->get('/bar', function () use($s) {
$s->setCookie('foo', 'bar');
$s->deleteCookie('foo');
});
$s->call();
$cookie = $s->response->cookies->get('foo');
$this->assertEquals(1, count($s->response->cookies));
$this->assertEquals('', $cookie['value']);
$this->assertLessThan(time(), $cookie['expires']);
}
/**
* Test delete cookie
*
* This method ensures that the `Set-Cookie:` HTTP response
* header is set. The implementation of setting the response
* cookie is tested separately in another file.
*/
public function testDeleteCookie()
{
\Slim\Environment::mock(array('SCRIPT_NAME' => '/foo', 'PATH_INFO' => '/bar', 'COOKIE' => 'foo=bar; foo2=bar2'));
$s = new \Slim\Slim();
$s->get('/bar', function () use($s) {
$s->setCookie('foo', 'bar');
$s->deleteCookie('foo');
});
$s->call();
list($status, $header, $body) = $s->response()->finalize();
$cookies = explode("\n", $header['Set-Cookie']);
$this->assertEquals(1, count($cookies));
$this->assertEquals(1, preg_match('@^foo=;@', $cookies[0]));
}
$sql_text->bindParam(1, $lan);
$sql_text->execute();
$query = 'DELETE FROM Language WHERE lan =?';
$sql_lan = $db->prepare($query);
$sql_lan->bindParam(1, $lan);
$sql_lan->execute();
} catch (Exception $e) {
$app->halt(503, json_encode(['type' => 'Error', 'title' => 'Oops, something went wrong!', 'message' => $e->getMessage()]));
} finally {
$db = null;
}
} else {
$app->halt(503, json_encode(['type' => 'Error', 'title' => 'Oops, something went wrong!', 'message' => 'No database connection']));
}
if ($app->getCookie('aco-lan') === $lan) {
$app->deleteCookie('aco-lan');
$app->redirect($app->urlFor('getContent'));
} else {
$app->redirect($app->urlFor('getContent'));
}
} else {
$app->halt(403, json_encode(['type' => 'error', 'title' => 'Forbidden Request', 'message' => 'You do not have the permission to call this request.']));
}
});
$app->delete('/remove/lan/:lan', function ($lan) use($app) {
if (isset($data->token) && security_token($data->token)) {
if (($db = connectToMySql()) !== false) {
try {
$query = 'DELETE FROM Language WHERE lan = ?';
$sql_lan = $db->prepare($query);
$sql_lan->bindParam(1, $lan);
$app->get('/hello/:name', function ($name) {
echo "Hello, {$name}";
});
$app->get('/test/:name', function ($name) use($app) {
$headers = $app->request->headers;
var_dump($headers);
echo "Hello, {$name}";
});
// response
$app->post('/books', function () use($app) {
//Create book
$body = $app->request->getBody();
echo $body;
$app->response->setStatus(400);
$app->setCookie('foo', 'bar', '2 days');
$app->deleteCookie('foo');
// Overwrite response body
$app->response->setBody('Foo');
// Append response body
$app->response->write('Bar');
// response json string with application/json header
$arr = array("name" => "jerry", "age" => 25);
$app->response->json($arr);
});
$app->delete('/books/:id', function ($id) {
//Delete book identified by $id
});
$app->get('/archive(/:year(/:month(/:day)))', function ($year = 2010, $month = 12, $day = 05) {
echo sprintf('%s-%s-%s', $year, $month, $day);
});
// middleware for special route
$app->redirect($url);
});
$app->get('/app/callback', function () use($app) {
if ($code = $app->request->params('code')) {
$config = new \Models\OAuthConfig();
$client = new \GuzzleHttp\Client();
$params = ['code' => $code, 'grant_type' => 'authorization_code', 'client_id' => $config->getClientId(), 'client_secret' => $config->getClientSecret(), 'redirect_uri' => 'https://' . $_SERVER['HTTP_HOST'] . '/app/callback'];
$response = $client->post($config->getTokenUri(), ['form_params' => $params]);
$json = json_decode($response->getBody(), true);
Helpers\App::setAccessToken($json);
$app->redirect('/app');
} else {
if ($error = $app->request->params('error')) {
echo $error;
}
}
});
$app->get('/app', function () use($app) {
if (Helpers\App::isAuthorized()) {
$cookie = Helpers\App::getCookie();
$client = new \GuzzleHttp\Client();
$response = $client->get('https://www.googleapis.com/drive/v2/files', ['headers' => ['Authorization' => 'Bearer ' . $cookie['access_token'], 'Referer' => Helpers\App::getUrl()]]);
$files = new Models\Files($response->getBody());
$app->render('files.phtml', ['files' => $files->formatData()]);
}
});
$app->get('/app/logout', function () use($app) {
$app->deleteCookie(Helpers\App::COOKIE);
$app->redirect('/app/auth');
});
$app->run();
// OK
echo json_encode(array('operation' => 'login', 'status' => 'ok'));
} else {
throw new AuthenticateFailedException();
}
} catch (AuthenticateFailedException $e) {
$app->response()->status(401);
$app->response()->header('X-Status-Reason', 'Login failure');
} catch (Exception $e) {
$app->response()->status(400);
$app->response()->header('X-Status-Reason', $e->getMessage());
}
});
$app->get('/logout', function () use($app) {
try {
$app->deleteCookie('username');
$app->deleteCookie('password');
$app->response()->header('Content-Type', 'application/json');
$app->response()->status(200);
// OK
echo json_encode(array('operation' => 'logout', 'status' => 'ok'));
} catch (Exception $e) {
$app->response()->status(400);
$app->response()->header('X-Status-Reason', $e->getMessage());
}
});
// API for CRUD operations on Contacts
$app->get('/contacts', $checkLoggedOn($app), function () use($app) {
try {
$contacts = R::find('contacts');
$app->response()->header('Content-Type', 'application/json');
