Пример #1
0
 static function addRoutes($app, $authenticateForRole)
 {
     /////
     // System Admin
     // TODO: Create system functions route
     /////
     $app->map("/admin/auth/delete/expired-tokens/", $authenticateForRole('admin'), function () use($app) {
         AuthController::deleteExpiredAuthTokens($app);
     })->via(['DELETE', 'POST']);
     /**
      * @api {post} /user/update/password Manage user password.
      * @apiName ChangeUserPassword
      * @apiGroup Auth
      *
      * @apiParam {String} apiKey User session key.
      * @apiParam {String} apiToken User session unhashed token.
      * 
      * @apiParam {Integer} userId optional but Required if the User Email was not provided. Used to select the user.
      * @apiParam {String} email optional but Required if the User ID was not provided. Used to select the user.
      * @apiParam {String} current Current user password for user authentication.
      * @apiParam {String} new New password for the user to change it too.
      *
      * @apiSuccessExample {json} Success-Response:
      *      HTTP/1.1 200: OK
      *      {
      *          "data": {
      *              "msg": "Password successfully changed."
      *          },
      *          "meta": {
      *              "error": false,
      *              "status": 200
      *          }
      *      }
      * 
      * @apiErrorExample {json} Error-Missing-Parameters:
      *      HTTP/1.1 400: Bad Request
      *      {
      *          "data": {
      *              "msg": "Password could not be changed. Check your parameters and try again."
      *          },
      *          "meta": {
      *              "error": true,
      *              "status": 400
      *          }
      *      }
      * 
      * @apiErrorExample {json} Error-Invalid-New-Password:
      *      HTTP/1.1 400: Bad Request
      *      {
      *          "data": {
      *              "msg": "Invalid Password. Check your parameters and try again."
      *          },
      *          "meta": {
      *              "error": true,
      *              "status": 400
      *          }
      *      }
      * 
      * @apiErrorExample {json} Error-User-Id-Not-Found:
      *      HTTP/1.1 400: Bad Request
      *      {
      *          "data": {
      *              "msg": "User not found. Check your parameters and try again."
      *          },
      *          "meta": {
      *              "error": true,
      *              "status": 400
      *          }
      *      }
      * 
      * @apiErrorExample {json} Error-Unauthorized:
      *      HTTP/1.1 401: Unauthorized
      *      {
      *          "data": {
      *              "msg": "Invalid user password. Unable to verify request."
      *          },
      *          "meta": {
      *              "error": true,
      *              "status": 401
      *          }
      *      }
      * 
      * @apiErrorExample {json} Error-Unknown-DB-Update:
      *      HTTP/1.1 400: Bad Request
      *      {
      *          "data": {
      *              "msg": "Password could not be changed. Try again later."
      *          },
      *          "meta": {
      *              "error": true,
      *              "status": 400
      *          }
      *      }
      */
     $app->post("/user/update/password/", $authenticateForRole('member'), function () use($app) {
         AuthController::changeUserPassword($app);
     });
     //* /auth/ routes - publicly accessable
     $app->group('/auth', $authenticateForRole('public'), function () use($app) {
         /**
          * @api {post} /auth/authenticate Confirm api key and token pair represents an active user login session.
          * @apiName Authenticate
          * @apiGroup Auth
          *
          * @apiParam {String} apiKey User session key.
          * @apiParam {String} apiToken User session unhashed token.
          *
          * @apiSuccessExample {json} Success-Response:
          *      HTTP/1.1 200: OK
          *      {
          *          "data": {
          *              "authenticated": true,
          *              "sessionLifeHours": 1
          *              "user": {
          *                  "id": "28",
          *                  "nameFirst": "Rachel",
          *                  "nameLast": "Testing",
          *                  "email": "*****@*****.**",
          *                  "displayName": "Rachel",
          *                  "roles": ['3'],
          *                  "apiKey": "caf02551768a09e1aed8946ecacce3b01f253884a08bded1f1a76520b8f0c4e847914a1daea072ab957582a2c32beceacd62b5e6842f18ef2b21a3f13b16c374",
          *                  "apiToken": "c88e7640de8f34c18d7d07d6d0a26b0d9896f188766e445bac32a44cb275ba89"
          *              }
          *          },
          *          "meta": {
          *              "error": false,
          *              "status": 200
          *          }
          *      }
          * 
          * 
          * @apiErrorExample {json} Error-Missing-Parameters:
          *      HTTP/1.1 401: Unauthorized
          *      {
          *          "data": {
          *              "authenticated": false,
          *              "msg": "Unauthenticated: Invalid request. Check your parameters and try again."
          *          },
          *          "meta": {
          *              "error": true,
          *              "status": 401
          *          }
          *      }
          * 
          * 
          * @apiErrorExample {json} Error-Incorrect-Values:
          *      HTTP/1.1 401: Unauthorized
          *      {
          *          "data": {
          *              "authenticated": false,
          *              "msg": "Unauthenticated: No User"
          *          },
          *          "meta": {
          *              "error": true,
          *              "status": 401
          *          }
          *      }
          */
         $app->post("/authenticate/", function () use($app) {
             AuthController::isAuthenticated($app);
         });
         /**
          * @api {post} /auth/signup Standard user signup.
          * @apiName Signup
          * @apiGroup Auth
          *
          * @apiParam {String} email User email address.
          * @apiParam {String} passowrd User unencrypted password.
          * @apiParam {String} nameFirst User first name.
          * @apiParam {String} nameLast User last name.
          * @apiParam {Integer} teamId optional Team to add the new player too.
          *
          * @apiSuccessExample {json} Success-Response:
          *      HTTP/1.1 200: OK
          *      {
          *          "data": {
          *              "registered": true,
          *              "sessionLifeHours": 1
          *              "user": {
          *                  "id": "28",
          *                  "nameFirst": "Rachel",
          *                  "nameLast": "Testing",
          *                  "email": "*****@*****.**",
          *                  "displayName": "Rachel",
          *                  "roles": ['3'],
          *                  "apiKey": "caf02551768a09e1aed8946ecacce3b01f253884a08bded1f1a76520b8f0c4e847914a1daea072ab957582a2c32beceacd62b5e6842f18ef2b21a3f13b16c374",
          *                  "apiToken": "c88e7640de8f34c18d7d07d6d0a26b0d9896f188766e445bac32a44cb275ba89"
          *              }
          *          },
          *          "meta": {
          *              "error": false,
          *              "status": 200
          *          }
          *      }
          * 
          * @apiErrorExample {json} Error-Missing-Parameters:
          *      HTTP/1.1 400: Bad Request
          *      {
          *          "data": {
          *              "registered": false,
          *              "msg": "Signup failed. Check your parameters and try again."
          *          },
          *          "meta": {
          *              "error": true,
          *              "status": 400
          *          }
          *      }
          * 
          * @apiErrorExample {json} Error-Duplicate-Email:
          *      HTTP/1.1 400: Bad Request
          *      {
          *          "data": {
          *              "registered": false,
          *              "msg": "Signup failed. A user with that email already exists."
          *          },
          *          "meta": {
          *              "error": true,
          *              "status": 400
          *          }
          *      }
          */
         $app->post("/signup/", function () use($app) {
             AuthController::signup($app);
         });
         /* email, nameFirst, nameLast, facebookId, accessToken */
         $app->post("/signup/facebook/", function () use($app) {
             AuthController::facebookSignup($app);
         });
         /* email, nameFirst, nameLast, password, venue, address, city, state, zip */
         /* OPTIONAL: addressb, phone, website, facebook, logo, hours, referralCode */
         $app->post("/venue/signup/", function () use($app) {
             AuthController::venueSignup($app);
         });
         /* email, nameFirst, nameLast, facebookId, accessToken, venue, address, city, state, zip */
         /* OPTIONAL: addressb, phone, website, facebook, logo, hours, referralCode */
         $app->post("/venue/signup/facebook/", function () use($app) {
             AuthController::venueFacebookSignup($app);
         });
         $app->post("/signup/additional/", function () use($app) {
             InfoController::saveAdditional($app);
         });
         /**
          * @api {post} /auth/login Standard user login.
          * @apiName Login
          * @apiGroup Auth
          *
          * @apiParam {String} email User email address.
          * @apiParam {String} passowrd User unencrypted password.
          *
          * @apiSuccessExample {json} Success-Response:
          *      HTTP/1.1 200: OK
          *      {
          *          "data": {
          *              "authenticated": true,
          *              "sessionLifeHours": 1
          *              "user": {
          *                  "id": "28",
          *                  "nameFirst": "Rachel",
          *                  "nameLast": "Testing",
          *                  "email": "*****@*****.**",
          *                  "displayName": "Rachel",
          *                  "roles": ['3'],
          *                  "apiKey": "caf02551768a09e1aed8946ecacce3b01f253884a08bded1f1a76520b8f0c4e847914a1daea072ab957582a2c32beceacd62b5e6842f18ef2b21a3f13b16c374",
          *                  "apiToken": "c88e7640de8f34c18d7d07d6d0a26b0d9896f188766e445bac32a44cb275ba89"
          *              }
          *          },
          *          "meta": {
          *              "error": false,
          *              "status": 200
          *          }
          *      }
          * 
          * @apiErrorExample {json} Error-Missing-Parameters:
          *      HTTP/1.1 401: Unauthorized
          *      {
          *          "data": {
          *              "authenticated": false,
          *              "msg": "Login failed. Check your parameters and try again."
          *          },
          *          "meta": {
          *              "error": true,
          *              "status": 401
          *          }
          *      }
          * 
          * @apiErrorExample {json} Error-Unregistered-Email:
          *      HTTP/1.1 401: Unauthorized
          *      {
          *          "data": {
          *              "authenticated": false,
          *              "msg": "Unauthenticated: No User"
          *          },
          *          "meta": {
          *              "error": true,
          *              "status": 401
          *          }
          *      }
          * 
          * @apiErrorExample {json} Error-Incorrect-Password:
          *      HTTP/1.1 401: Unauthorized
          *      {
          *          "data": {
          *              "authenticated": false,
          *              "maxattempts": 6,
          *              "msg": "Login failed. Username and password combination did not match."
          *          },
          *          "meta": {
          *              "error": true,
          *              "status": 401
          *          }
          *      }
          */
         $app->post("/login/", function () use($app) {
             AuthController::login($app);
         });
         $app->post("/forgotpassword/", function () use($app) {
             AuthController::forgotpassword($app);
         });
         $app->post("/getforgotpasswordemail/", function () use($app) {
             AuthController::getforgotpasswordemail($app);
         });
         $app->post("/resetpassword/", function () use($app) {
             AuthController::resetpassword($app);
         });
         /* email, nameFirst, nameLast, facebookId, accessToken */
         $app->post("/login/facebook/", function () use($app) {
             AuthController::facebookLogin($app);
         });
         /////
         ///// Logout
         /////
         $app->post("/logout/", function () use($app) {
             AuthController::logout($app);
         });
     });
 }