Delete all registered PDO objects in _db array.
| public static reset_db ( ) |
/**
* Adding Middle Layer to authenticate every request
* Checking if the request has valid api key in the 'Api-Key' header
*/
function mw_auth()
{
// Master DB
include_once SessionData::getInstance()->getRootDir() . '/config/database.php';
ORM::configure('mysql:host=' . DB_HOST . ';dbname=' . DB_NAME . '');
ORM::configure('username', DB_USERNAME);
ORM::configure('password', DB_PASSWORD);
ORM::configure('logging', true);
ORM::configure('driver_options', array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
ORM::reset_db();
// Datum setzen
date_default_timezone_set('Europe/Berlin');
// Getting request headers
$headers = apache_request_headers();
$response = array();
$app = \Slim\Slim::getInstance();
// Verifying Authorization Header
if (isset($headers['Api-Key'])) {
$apikey = $headers['Api-Key'];
// API-KEY vorhanden?
$user = ORM::for_table('user')->where('api_key', $apikey)->find_one();
if ($user != null) {
// API aktiviert?
if ($user['active'] == 1) {
// Everything is OK
// Set Session Data
SessionData::getInstance()->setUserId($user['id']);
} else {
$response["error"] = true;
$response["message"] = "API-Key not activated!";
echoResponse(400, $response);
$app->stop();
}
} else {
$response["error"] = true;
$response["message"] = "API-KEY unknown!";
echoResponse(400, $response);
$app->stop();
}
} else {
// api key is missing in header
$response["error"] = true;
$response["message"] = "Api key is missing";
echoResponse(400, $response);
$app->stop();
}
}
*
* Parameter
* - email
* - password
*
* POST
*
*/
$app->post('/login', function () use($app) {
// init ORM
ORM::configure('mysql:host=' . DB_HOST . ';dbname=' . DB_NAME . '');
ORM::configure('username', DB_USERNAME);
ORM::configure('password', DB_PASSWORD);
ORM::configure('logging', true);
ORM::configure('driver_options', array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
ORM::reset_db();
// set date
date_default_timezone_set('Europe/Berlin');
// Getting post parameters
// $parameters = $app->request->post();
$json = $app->request->getBody();
$parameters = json_decode($json, true);
// Getting post JSON parameters
#$parameters = json_decode($app->request->getBody(),true);
// Init response array
$response = array();
// check user credentials
if (isset($parameters['email']) && isset($parameters['password'])) {
$user = ORM::for_table('user')->where('email', $parameters['email'])->find_one();
if ($user != null) {
$password = sha1($parameters['password'] . $user->salt);
