/**
* Setup Middleware ApiKey
* request is available if api-key exists
* header must be contains
* WWW-Authorization : base64(username/password)
* API-Token : Token
*/
public function call()
{
$unprotectedURIs = ['login', 'create-api-token', 'register'];
$request = $this->app->request();
$headers = $request->headers;
$response = $this->app->response();
$apiKey = $headers->get('API-Token');
$authorization = $headers->get('WWW-Authorization');
$currentRoute = $this->app->request()->getPathInfo();
foreach ($unprotectedURIs as $value) {
if (strpos($currentRoute, $value) !== false) {
$this->next->call();
return;
}
}
$session = new APITokenAuth($this->app);
// go ahead if the sessionid is valid
if ($session->isApiKeyUserPassValid($apiKey, $authorization)) {
$this->next->call();
return;
}
$response['Content-type'] = 'application/json';
$response->setBody(json_encode(['errmsg' => 'Authentication invalid']));
$response->status(401);
return;
}
/**
* Setup routing request
* @param Setup $app
*/
public static function setupRouting(Setup $app)
{
$app->group('/v1', function () use($app) {
// CREATE API KEY
$app->post('/create-api-token', function () use($app) {
$token = new APITokenAuth($app);
$token->createNewToken();
});
// SAMPLE REQUEST
$controller = new ExpControllerDataCustomer($app);
### GET REQUEST
$app->get('/customers', function () use($controller) {
$controller->getCustomers();
});
$app->get('/customer/:ID_CUSTOMER', function ($id_customer) use($controller) {
$controller->getCustomers($id_customer);
});
$app->get('/customer_items/:ID_CUSTOMER', function ($id_customer) use($controller) {
$controller->getCustomerItems($id_customer);
});
$app->get('/customer/filterby', function () use($controller) {
$controller->filterCustomerBy();
});
$app->get('/customer_items/filterby', function () use($controller) {
$controller->filterCustomerItems();
});
### POST REQUEST
$app->post('/customer', function () use($controller) {
$controller->addNewCustomer();
});
$app->post('/customer_items', function () use($controller) {
$controller->addCustomerItems();
});
### PUT REQUEST
$app->put('/customer_items/:ID_CUSTOMER', function ($id_customer) use($controller) {
$controller->changeCustomerData($id_customer);
});
### DELETE REQUEST
$app->delete('/customer_items/:ID_CUSTOMER', function ($id_customer) use($controller) {
$controller->removeCustomer($id_customer);
});
});
}
/**
* Setup routing request
* @param Setup $app
*/
public static function setupRouting(Setup $app)
{
$app->group('/v1', function () use($app) {
// CREATE API KEY
$app->post('/create-api-token', function () use($app) {
$token = new APITokenAuth($app);
$token->createNewToken();
});
// ControllerBukaPintu
$ctrlBukaPintu = new ControllerBukaPintu($app);
### GET
$app->get('/bukapintu', function () use($ctrlBukaPintu) {
$ctrlBukaPintu->bukaPintu();
});
$app->get('/stopbukapintu', function () use($ctrlBukaPintu) {
$ctrlBukaPintu->stopBukaPintu();
});
// ControllerAuth
$ctrlAuth = new ControllerAuth($app);
### POST
$app->post('/login', function () use($ctrlAuth) {
$ctrlAuth->loginToGetToken();
});
$app->post('/register', function () use($ctrlAuth) {
$ctrlAuth->registerNewUser();
});
### GET
$app->get('/active/:USER_ID', function ($USER_ID) use($ctrlAuth) {
$ctrlAuth->userActivation($USER_ID);
});
$app->get('/isexist/:EMAIL', function ($EMAIL) use($ctrlAuth) {
$ctrlAuth->cekEmailIsExist($EMAIL);
});
$app->get('/pending-users', function () use($ctrlAuth) {
$ctrlAuth->getAllPendingUser();
});
### DELETE
$app->delete('/user/:USER_ID', function ($USER_ID) use($ctrlAuth) {
$ctrlAuth->removeUser($USER_ID);
});
});
}
public function userActivation($userId)
{
try {
if ($this->getDB()->isJuruKunci($this->app->request()->headers->get('API-Token'))) {
$getUser = $this->getDB()->where('id_auth', '=', $userId)->first()->toArray();
$apiTokenAuth = new APITokenAuth($this->app);
$token = $apiTokenAuth->createNewToken($getUser['email'], $getUser['password']);
$setUserToActive = $this->getDB()->find($userId);
$setUserToActive->active = 1;
$setUserToActive->token = $token;
if ($setUserToActive->save()) {
$this->writeToJSON(['active' => true, 'user_id' => $userId, 'token' => $token], 201);
}
} else {
$this->writeToJSON(['errmsg' => 'dont have permission to active any users'], 500);
}
} catch (\Exception $ex) {
$this->writeToJSON(['errmsg' => 'service unavailable'], 503);
}
}
/**
* Setup Middleware ApiKey
* request is available if api-key exists
* header must be contains
* WWW-Authorization : base64(username/password)
* API-Token : Token
*/
public function call()
{
$request = $this->app->request();
$headers = $request->headers;
$response = $this->app->response();
$apiKey = $headers->get('API-Token');
$authorization = $headers->get('WWW-Authorization');
$session = new APITokenAuth($this->app);
if ($this->unprotectedURIs) {
$this->next->call();
return;
}
// go ahead if the sessionid is valid
if ($session->isApiKeyUserPassValid($apiKey, $authorization)) {
$this->next->call();
return;
}
$response['Content-type'] = 'application/json';
$response->setBody(json_encode(['errmsg' => 'Authentication invalid']));
$response->status(401);
return;
}
