public function register(Application $app)
 {
     $app['tba.obj'] = $app->share(function () use($app) {
         if (isset($app['config'])) {
             $this->config['table_name'] = $app['config']->tba->table_name;
             $this->config['user_field'] = $app['config']->tba->user_field;
             $this->config['pass_field'] = $app['config']->tba->pass_field;
             $this->config['token_timeout'] = $app['config']->tba->token_timeout;
             $this->config['salt'] = $app['config']->tba->salt;
         } else {
             $this->config['table_name'] = $app['tba.table_name'];
             $this->config['user_field'] = $app['tba.user_field'];
             $this->config['pass_field'] = $app['tba.pass_field'];
             $this->config['token_timeout'] = $app['tba.token_timeout'];
             $this->config['salt'] = $app['tba.salt'];
         }
         $tba = new TokenBasedAuth($this->config);
         $tba->setHeader(new \TBA\Header());
         if (isset($app['db'])) {
             $tba->setConnection($app['db']);
         }
         return $tba;
     });
     $app->get('/logout', function () {
         if (isset($_SESSION["m1_53ck_m4"])) {
             unset($_SESSION["m1_53ck_m4"]);
         }
         $dados = ["loggedOut" => "ok"];
         error_log("/logout");
         return new JsonResponse($dados, 200);
     });
     $app->options('/login', function () {
         return new JsonResponse(["result" => "ok"], 200);
     });
     $app->post('/login', function (Request $request) use($app) {
         try {
             $dados = array();
             $form = $request->request->all();
             if (!isset($form['user']) || !isset($form['passwd'])) {
                 error_log("1 - email ou senha não enviados");
                 throw new UnauthorizedException(self::ERRO_1, 120001);
             }
             $pwdHash = md5($this->config['salt'] . "{$form['passwd']}123X");
             if (!$app['tba.obj']->login($form['user'], $pwdHash)) {
                 error_log("senha informada não confere: {$form['user']} - {$pwdHash}");
                 throw new UnauthorizedException("erro no login", 120004);
             }
             $dados["msg"] = "Login com sucesso";
             if (isset($this->config->token_as_field) && $this->config->token_as_field == true) {
                 $dados['token'] = $app['tba.obj']->getUser()->token;
             }
             unset($form);
             $response = new JsonResponse($dados, 200);
             $response->headers->set("ClientToken", $app['tba.obj']->getUser()->token);
             return $response;
         } catch (UnauthorizedException $e) {
             error_log(">> 1 - 401 - erro verificado: {$e->getMessage()}");
             return new JsonResponse(["msg" => $e->getMessage()], 401);
         } catch (InvalidLoginException $e) {
             error_log(">> 1 - 403 - erro verificado: {$e->getMessage()}");
             return new JsonResponse(["msg" => $e->getMessage()], 403);
         } catch (\Exception $e) {
             error_log(">> 2 - 500 - erro verificado: {$e->getMessage()}");
             return new JsonResponse(["msg" => $e->getMessage()], 500);
         }
     });
     $app->before(function (Request $request) use($app) {
         if (is_null($request->headers->get('AppToken'))) {
             error_log("token não informado");
             throw new UnauthorizedException("Aplicação não reconhecida", 120006);
         }
         if ($request->headers->get('AppToken') !== APP_TOKEN) {
             error_log("token não confere");
             throw new UnauthorizedException("Aplicação não reconhecida", 120005);
         }
     }, 1);
     $app->before(function (Request $request) use($app) {
         if (!in_array($request->getRequestUri(), $app['login.openroutes'])) {
             $dados = array();
             if (is_null($request->headers->get('ClientToken'))) {
                 throw new UnauthorizedException("Cliente não reconhecido");
             }
         }
     }, 3);
     $app->after(function (Request $request, Response $response) use($app) {
         $response->headers->set("AppToken", APP_TOKEN);
         try {
             $user = $app['tba.obj']->getUserByToken();
             error_log(print_r($user, true));
             $response->headers->set("ClientToken", $user->token);
         } catch (\Exception $e) {
             error_log("client token: {$e->getMessage()}");
         }
         return $response;
     }, 1);
 }
    $response->headers->set('Access-Control-Allow-Origin', '*');
    $response->headers->set('Access-Control-Allow-Methods', 'GET, PUT, POST, DELETE, OPTIONS');
    $response->headers->set('Access-Control-Max-Age', '1000');
    $response->headers->set('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Requested-With');
    $response->headers->set('Access-Control-Allow-Credentials', 'true');
});
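$app->get('/races', function (Application $app, Request $req) {
    // Paging: _perPage defaults to 30, _page is 1-based. Both values are cast to
    // int before reaching the SQL text, so only numbers can be interpolated.
    $perPage = (int) $req->get('_perPage');
    if ($perPage <= 0) {
        $perPage = 30;
    }
    // A missing or zero _page used to produce a negative offset (an SQL error);
    // clamp to the first page instead.
    $page = max(0, (int) $req->get('_page') - 1);
    $rows = all('select id, name from dogs_race limit ' . $perPage . ' offset ' . ($page * $perPage));
    return $app->json($rows, 200, ['X-Total-Count' => col('select count(*) from dogs_race')]);
});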
// Pre-flight for /races: an empty body is enough here; the response hook
// registered above presumably adds the CORS headers.
$app->options('/races', static function (): string {
    return '';
});
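$app->post('/races', function (Application $app, Request $req) {
    // The request body is handed to insert() as-is; strip a client-supplied id so a
    // POST cannot choose its own primary key (the PUT route below drops it the same way).
    // insert() is assumed to quote both column names and values — confirm in its definition.
    $fields = $req->request->all();
    unset($fields['id']);
    insert('dogs_race', $fields);
    // NOTE(review): "latest row" is not necessarily the one just inserted under
    // concurrent writes; insert() would have to return the new id to be exact.
    return $app->json(one('select * from dogs_race order by id desc limit 1'));
});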
$app->get('/races/{id}', function (Application $app, Request $req, $id) {
    // q() is assumed to quote $id for the SQL text — confirm in its definition.
    $sql = 'select * from dogs_race where id =' . q($id);
    return $app->json(one($sql));
});
$app->put('/races/{id}', function (Application $app, Request $req, $id) {
    // The primary key comes from the route, never from the body.
    $fields = $req->request->all();
    unset($fields['id']);
    update('dogs_race', $id, $fields);
    // No data is passed to json(): update() reports nothing back here.
    return $app->json();
});
$app->options('/races/{id}', function (Application $app, Request $req, $id) {
 /**
  * Registers an OPTIONS route by delegating to the parent implementation.
  *
  * @param string        $pattern Route pattern, e.g. '/races/{id}'
  * @param Endpoint|null $to      Endpoint handling the route; null leaves the choice to the parent
  * @return \Silex\Controller
  */
 public function options($pattern, $to = null)
 {
     $controller = parent::options($pattern, $to);

     return $controller;
 }