/**
 * Registers the authentication routes on the router-style `$app`
 * (map()/post()/group(), Slim 2 style API).
 *
 * Every handler only forwards `$app` to a static controller method; no
 * request handling lives here. Registration order is kept exactly as the
 * router matches routes in insertion order.
 *
 * @param object   $app                 Router exposing map(), post() and group().
 * @param callable $authenticateForRole Factory that returns the role-check
 *                                      middleware for a given role name.
 * @return void
 */
static function addRoutes($app, $authenticateForRole)
{
    // Builds a handler closure that calls Controller::action($app).
    $forwardTo = function ($controller, $action) use ($app) {
        return function () use ($app, $controller, $action) {
            $controller::$action($app);
        };
    };

    /////
    // System Admin
    // TODO: Create system functions route
    /////
    // Both verbs reach the same handler; POST is presumably kept for clients
    // that cannot issue DELETE. The 'admin' role check runs before either.
    $app->map(
        "/admin/auth/delete/expired-tokens/",
        $authenticateForRole('admin'),
        $forwardTo(AuthController::class, 'deleteExpiredAuthTokens')
    )->via(['DELETE', 'POST']);

    /**
     * @api {post} /user/update/password Manage user password.
     * @apiName ChangeUserPassword
     * @apiGroup Auth
     *
     * @apiParam {String} apiKey User session key.
     * @apiParam {String} apiToken User session unhashed token.
     *
     * @apiParam {Integer} userId optional but Required if the User Email was not provided. Used to select the user.
     * @apiParam {String} email optional but Required if the User ID was not provided. Used to select the user.
     * @apiParam {String} current Current user password for user authentication.
     * @apiParam {String} new New password for the user to change it to.
     *
     * @apiSuccessExample {json} Success-Response:
     *     HTTP/1.1 200: OK
     *     {
     *       "data": {
     *         "msg": "Password successfully changed."
     *       },
     *       "meta": {
     *         "error": false,
     *         "status": 200
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-Missing-Parameters:
     *     HTTP/1.1 400: Bad Request
     *     {
     *       "data": {
     *         "msg": "Password could not be changed. Check your parameters and try again."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 400
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-Invalid-New-Password:
     *     HTTP/1.1 400: Bad Request
     *     {
     *       "data": {
     *         "msg": "Invalid Password. Check your parameters and try again."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 400
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-User-Id-Not-Found:
     *     HTTP/1.1 400: Bad Request
     *     {
     *       "data": {
     *         "msg": "User not found. Check your parameters and try again."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 400
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-Unauthorized:
     *     HTTP/1.1 401: Unauthorized
     *     {
     *       "data": {
     *         "msg": "Invalid user password. Unable to verify request."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 401
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-Unknown-DB-Update:
     *     HTTP/1.1 400: Bad Request
     *     {
     *       "data": {
     *         "msg": "Password could not be changed. Try again later."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 400
     *       }
     *     }
     */
    // Requires an authenticated 'member' session; per the doc above the handler
    // additionally re-checks the current password before changing it.
    $app->post(
        "/user/update/password/",
        $authenticateForRole('member'),
        $forwardTo(AuthController::class, 'changeUserPassword')
    );

    // /auth/ routes - publicly accessible.
    // Everything inside this group is registered with the 'public' role, i.e.
    // no session is required; each handler is responsible for its own input
    // validation since nothing has been verified about the caller at this point.
    $app->group('/auth', $authenticateForRole('public'), function () use ($app, $forwardTo) {
        /**
         * @api {post} /auth/authenticate Confirm api key and token pair represents an active user login session.
         * @apiName Authenticate
         * @apiGroup Auth
         *
         * @apiParam {String} apiKey User session key.
         * @apiParam {String} apiToken User session unhashed token.
         *
         * @apiSuccessExample {json} Success-Response:
         *     HTTP/1.1 200: OK
         *     {
         *       "data": {
         *         "authenticated": true,
         *         "sessionLifeHours": 1,
         *         "user": {
         *           "id": "28",
         *           "nameFirst": "Rachel",
         *           "nameLast": "Testing",
         *           "email": "*****@*****.**",
         *           "displayName": "Rachel",
         *           "roles": ["3"],
         *           "apiKey": "caf02551768a09e1aed8946ecacce3b01f253884a08bded1f1a76520b8f0c4e847914a1daea072ab957582a2c32beceacd62b5e6842f18ef2b21a3f13b16c374",
         *           "apiToken": "c88e7640de8f34c18d7d07d6d0a26b0d9896f188766e445bac32a44cb275ba89"
         *         }
         *       },
         *       "meta": {
         *         "error": false,
         *         "status": 200
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Missing-Parameters:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "msg": "Unauthenticated: Invalid request. Check your parameters and try again."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Incorrect-Values:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "msg": "Unauthenticated: No User"
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         */
        $app->post("/authenticate/", $forwardTo(AuthController::class, 'isAuthenticated'));

        /**
         * @api {post} /auth/signup Standard user signup.
         * @apiName Signup
         * @apiGroup Auth
         *
         * @apiParam {String} email User email address.
         * @apiParam {String} password User unencrypted password.
         * @apiParam {String} nameFirst User first name.
         * @apiParam {String} nameLast User last name.
         * @apiParam {Integer} teamId optional Team to add the new player to.
         *
         * @apiSuccessExample {json} Success-Response:
         *     HTTP/1.1 200: OK
         *     {
         *       "data": {
         *         "registered": true,
         *         "sessionLifeHours": 1,
         *         "user": {
         *           "id": "28",
         *           "nameFirst": "Rachel",
         *           "nameLast": "Testing",
         *           "email": "*****@*****.**",
         *           "displayName": "Rachel",
         *           "roles": ["3"],
         *           "apiKey": "caf02551768a09e1aed8946ecacce3b01f253884a08bded1f1a76520b8f0c4e847914a1daea072ab957582a2c32beceacd62b5e6842f18ef2b21a3f13b16c374",
         *           "apiToken": "c88e7640de8f34c18d7d07d6d0a26b0d9896f188766e445bac32a44cb275ba89"
         *         }
         *       },
         *       "meta": {
         *         "error": false,
         *         "status": 200
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Missing-Parameters:
         *     HTTP/1.1 400: Bad Request
         *     {
         *       "data": {
         *         "registered": false,
         *         "msg": "Signup failed. Check your parameters and try again."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 400
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Duplicate-Email:
         *     HTTP/1.1 400: Bad Request
         *     {
         *       "data": {
         *         "registered": false,
         *         "msg": "Signup failed. A user with that email already exists."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 400
         *       }
         *     }
         */
        $app->post("/signup/", $forwardTo(AuthController::class, 'signup'));

        /* email, nameFirst, nameLast, facebookId, accessToken */
        $app->post("/signup/facebook/", $forwardTo(AuthController::class, 'facebookSignup'));

        /* email, nameFirst, nameLast, password, venue, address, city, state, zip */
        /* OPTIONAL: addressb, phone, website, facebook, logo, hours, referralCode */
        $app->post("/venue/signup/", $forwardTo(AuthController::class, 'venueSignup'));

        /* email, nameFirst, nameLast, facebookId, accessToken, venue, address, city, state, zip */
        /* OPTIONAL: addressb, phone, website, facebook, logo, hours, referralCode */
        $app->post("/venue/signup/facebook/", $forwardTo(AuthController::class, 'venueFacebookSignup'));

        // The only non-AuthController handler in the unauthenticated group.
        // NOTE(review): confirm saveAdditional() ties the submitted data to a
        // record the caller is entitled to update, since no session is checked here.
        $app->post("/signup/additional/", $forwardTo(InfoController::class, 'saveAdditional'));

        /**
         * @api {post} /auth/login Standard user login.
         * @apiName Login
         * @apiGroup Auth
         *
         * @apiParam {String} email User email address.
         * @apiParam {String} password User unencrypted password.
         *
         * @apiSuccessExample {json} Success-Response:
         *     HTTP/1.1 200: OK
         *     {
         *       "data": {
         *         "authenticated": true,
         *         "sessionLifeHours": 1,
         *         "user": {
         *           "id": "28",
         *           "nameFirst": "Rachel",
         *           "nameLast": "Testing",
         *           "email": "*****@*****.**",
         *           "displayName": "Rachel",
         *           "roles": ["3"],
         *           "apiKey": "caf02551768a09e1aed8946ecacce3b01f253884a08bded1f1a76520b8f0c4e847914a1daea072ab957582a2c32beceacd62b5e6842f18ef2b21a3f13b16c374",
         *           "apiToken": "c88e7640de8f34c18d7d07d6d0a26b0d9896f188766e445bac32a44cb275ba89"
         *         }
         *       },
         *       "meta": {
         *         "error": false,
         *         "status": 200
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Missing-Parameters:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "msg": "Login failed. Check your parameters and try again."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Unregistered-Email:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "msg": "Unauthenticated: No User"
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Incorrect-Password:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "maxattempts": 6,
         *         "msg": "Login failed. Username and password combination did not match."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         */
        $app->post("/login/", $forwardTo(AuthController::class, 'login'));

        // Password-recovery flow; all three steps are reachable without a session,
        // so the controller is where any reset-token checks must happen.
        $app->post("/forgotpassword/", $forwardTo(AuthController::class, 'forgotpassword'));
        $app->post("/getforgotpasswordemail/", $forwardTo(AuthController::class, 'getforgotpasswordemail'));
        $app->post("/resetpassword/", $forwardTo(AuthController::class, 'resetpassword'));

        /* email, nameFirst, nameLast, facebookId, accessToken */
        $app->post("/login/facebook/", $forwardTo(AuthController::class, 'facebookLogin'));

        /////
        ///// Logout
        /////
        $app->post("/logout/", $forwardTo(AuthController::class, 'logout'));
    });
}
$routes->get('/', function () { if ($user = AuthController::get_user_logged_in()) { AppController::index(); } else { AuthController::index(); } }); $routes->post('/login', function () { // Kirjautumisen käsittely AuthController::handle_login(); }); $routes->get('/logout', function () { AuthController::signout(); }); $routes->get('/signup', function () { AuthController::signup(); }); $routes->post('/signup', function () { AuthController::handle_signup(); }); $routes->get('/tasks/create', 'check_logged_in', function () { AppController::createTask(); }); $routes->post('/tasks/create', 'check_logged_in', function () { AppController::storeTask(); }); $routes->get('/tasks/task/:id', 'check_logged_in', function ($id) { AppController::showTask($id); }); $routes->get('/tasks/complete/:id', 'check_logged_in', function ($id) { AppController::markComplete($id);