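/**
 * Dispatches an API call to a registered method once the optional guard has accepted the request.
 *
 * @param string|int $method  Key into $this->methodList. Presumably derived from the incoming
 *                            request, so it is treated as untrusted here (confirm at the caller).
 * @param mixed      $request Request object passed to the guard and to the invoked method.
 * @return mixed An ApiResponse carrying a failure when the guard rejects the request or the
 *               method is not registered; otherwise whatever the invoked method returns.
 */
public function handleRequest($method, $request)
{
    // Authentication runs before the method lookup, so an unauthenticated caller gets the
    // same answer whether or not the requested method exists.
    // A null guard means the call is dispatched without any authentication check.
    if ($this->guard !== null && !$this->guard->isAuthenticated($request)) {
        $response = new ApiResponse();
        $response->failure('Not authenticated');
        return $response;
    }

    // An unregistered (or non-scalar) key used to end in an undefined-index notice followed
    // by a fatal "call to a member function on null". Answer with a regular failure instead,
    // and do not echo the supplied name back to the client.
    $isUsableKey = is_string($method) || is_int($method);
    if (!$isUsableKey || !isset($this->methodList[$method])) {
        $response = new ApiResponse();
        $response->failure('Unknown method');
        return $response;
    }

    // Entries expose invoke(object, ...args); presumably ReflectionMethod instances (TODO confirm).
    return $this->methodList[$method]->invoke($this->implementation, $request);
}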
/**
 * Attempts a login with the credentials carried by the request.
 *
 * On success the payload holds 'result', the session 'token' and the user 'id';
 * on failure the response carries the generic message 'Access denied', which does
 * not reveal which of the two credentials was wrong.
 *
 * @param mixed $request Object exposing the properties `user` and `pass`.
 * @return ApiResponse
 */
public function login($request)
{
    // Presumably filled in by loginUser() through a by-reference parameter (TODO confirm).
    $token = '';
    $authenticated = $this->loginUser($request->user, $request->pass, $token);

    $response = new ApiResponse();

    if (!$authenticated) {
        $response->failure('Access denied');
        return $response;
    }

    $response->payload = [
        'result' => 'success',
        'token' => $token,
        'id' => Security::getUserId(),
    ];

    return $response;
}
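/**
 * Serves a GET, POST or DELETE request against a named API resource.
 *
 * GET returns a single entity when an id is present and a filtered list otherwise,
 * POST creates or updates an entity from the JSON request body, and DELETE removes
 * the entity with the given id. Any other verb returns the untouched, empty response.
 *
 * @param string $resourceName
 * @param Request $request
 * @return ApiResponse Carries a failure when the resource guard rejects the request, the
 *                     POST body is not usable JSON, DELETE lacks an id, or the repository
 *                     throws \InvalidArgumentException.
 */
public function handleApiResource($resourceName, $request)
{
    $response = new ApiResponse();

    // NOTE(review): getResource() is dereferenced without a check, so it is assumed to
    // return a definition (or throw) for unknown resource names. Confirm.
    $resourceDefinition = $this->getResource($resourceName);
    $repo = $resourceDefinition->getRepository();
    $guard = $resourceDefinition->getGuard();

    // A resource without a guard is served without any authentication check.
    if ($guard !== null && !$guard->isAuthenticated($request)) {
        $response->failure('Not authenticated');
        return $response;
    }

    // TODO: there is probably a cleaner way to do this.
    // "token" is also a search filter on the User object, so the auth token is dropped
    // from the request before it is handed to the repository as filter criteria.
    unset($request->token);

    try {
        if ($request->methode === 'GET') {
            if ($request->present('id')) {
                $response->payload = $repo->find($request->id);
            } else {
                $response->payload = $repo->filter($request);
            }
        } elseif ($request->methode === 'POST') {
            // The body is client-controlled, so reject it here when it cannot be read or
            // is not valid JSON (json_decode() yields null), rather than passing null on
            // to the repository.
            $rawBody = file_get_contents('php://input');
            $resourceObj = $rawBody === false ? null : json_decode($rawBody);
            if ($resourceObj === null) {
                $response->failure('Invalid JSON body');
                return $response;
            }

            $entity = $repo->createOrUpdate($resourceObj);
            if ($entity !== null) {
                $response->payload = ['id' => $entity->id];
            }
        } elseif ($request->methode === 'DELETE') {
            // Never call delete() with an absent id; mirror the present() check GET uses.
            if (!$request->present('id')) {
                $response->failure('Missing id');
                return $response;
            }

            $response->payload = $repo->delete($request->id);
        }
        // NOTE(review): other verbs fall through and return the empty response unchanged.
        // Confirm that this is intended before turning it into a failure.
    } catch (\InvalidArgumentException $e) {
        // NOTE(review): the exception text goes to the client verbatim. Confirm that the
        // repositories never put internal details into these messages.
        $response = new ApiResponse();
        $response->failure($e->getMessage());
    }

    return $response;
}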