Пример #1
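 /**
  * API-key middleware: lets a request continue only when it targets a public
  * endpoint or carries valid credentials.
  *
  * Expected request headers:
  *   WWW-Authorization : base64(username/password)
  *   API-Token         : Token
  *
  * Public endpoints are matched on the whole request path, never on a
  * substring. A substring test would skip authentication for any URI that
  * merely contains "login", "register" or "create-api-token" somewhere in it,
  * including inside a route parameter.
  *
  * When neither condition holds, a 401 JSON body is written and the next
  * middleware is not called.
  *
  * @return void
  */
 public function call()
 {
     // Endpoints that may be reached without credentials.
     $unprotectedURIs = ['login', 'create-api-token', 'register'];
     $request = $this->app->request();
     $headers = $request->headers;
     $response = $this->app->response();
     $apiKey = $headers->get('API-Token');
     $authorization = $headers->get('WWW-Authorization');

     // Break the path into segments and drop one leading version segment
     // ("v1", "v2", ...), so "/login" and "/v1/login" are both recognised
     // while "/v1/anything/login" is not.
     // NOTE(review): assumes the public endpoints sit at the API root or
     // directly under a /v<N> group - confirm against the route table.
     $segments = explode('/', trim((string) $request->getPathInfo(), '/'));
     if (count($segments) === 2 && preg_match('/^v\d+$/', $segments[0]) === 1) {
         array_shift($segments);
     }
     if (count($segments) === 1 && in_array($segments[0], $unprotectedURIs, true)) {
         $this->next->call();
         return;
     }

     $session = new APITokenAuth($this->app);
     // Continue only when the API token / credential pair validates.
     if ($session->isApiKeyUserPassValid($apiKey, $authorization)) {
         $this->next->call();
         return;
     }

     // Fail closed: anything that is neither public nor authenticated gets 401.
     $response['Content-type'] = 'application/json';
     $response->setBody(json_encode(['errmsg' => 'Authentication invalid']));
     $response->status(401);
 }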
Пример #2
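 /**
  * Registers the /v1 routes: API-token creation and the customer resources.
  *
  * Literal paths such as "/customer/filterby" are registered before the
  * parameterised paths that also match them ("/customer/:ID_CUSTOMER").
  * A router that dispatches the first registered route that matches (Slim 2
  * behaves this way) would otherwise treat "filterby" as a customer id and
  * never reach the filter handlers.
  *
  * No access check is visible in this method; the handlers rely on whatever
  * middleware is attached elsewhere.
  * NOTE(review): confirm that middleware covers every route in this group and
  * that /create-api-token is meant to be reachable without credentials.
  *
  * @param Setup $app application the routes are attached to
  * @return void
  */
 public static function setupRouting(Setup $app)
 {
     $app->group('/v1', function () use ($app) {
         // CREATE API KEY
         $app->post('/create-api-token', function () use ($app) {
             $token = new APITokenAuth($app);
             $token->createNewToken();
         });

         // SAMPLE REQUEST
         $controller = new ExpControllerDataCustomer($app);

         // GET - literal routes first, so the ":ID_CUSTOMER" patterns below
         // cannot capture the word "filterby".
         $app->get('/customers', function () use ($controller) {
             $controller->getCustomers();
         });
         $app->get('/customer/filterby', function () use ($controller) {
             $controller->filterCustomerBy();
         });
         $app->get('/customer_items/filterby', function () use ($controller) {
             $controller->filterCustomerItems();
         });
         $app->get('/customer/:ID_CUSTOMER', function ($id_customer) use ($controller) {
             $controller->getCustomers($id_customer);
         });
         $app->get('/customer_items/:ID_CUSTOMER', function ($id_customer) use ($controller) {
             $controller->getCustomerItems($id_customer);
         });

         // POST
         $app->post('/customer', function () use ($controller) {
             $controller->addNewCustomer();
         });
         $app->post('/customer_items', function () use ($controller) {
             $controller->addCustomerItems();
         });

         // PUT
         // NOTE(review): the path names customer_items but the handler changes
         // customer data - confirm which resource is intended.
         $app->put('/customer_items/:ID_CUSTOMER', function ($id_customer) use ($controller) {
             $controller->changeCustomerData($id_customer);
         });

         // DELETE
         // NOTE(review): same mismatch - /customer_items/... calls removeCustomer().
         $app->delete('/customer_items/:ID_CUSTOMER', function ($id_customer) use ($controller) {
             $controller->removeCustomer($id_customer);
         });
     });
 }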
Пример #3
 /**
  * Registers the /v1 routes: API-token creation, the ControllerBukaPintu
  * endpoints and the account endpoints (login, registration, activation,
  * e-mail lookup, pending list, removal).
  *
  * No access check is visible in this method; the handlers rely on whatever
  * middleware is attached elsewhere.
  *
  * NOTE(review): /bukapintu, /stopbukapintu and /active/:USER_ID are GET
  * routes whose handler names suggest they change state. If they do, GET
  * lets link prefetchers and cross-site requests trigger them - consider
  * POST/PUT plus an explicit authorisation check.
  * NOTE(review): /isexist/:EMAIL carries an e-mail address in the URL path,
  * where it is likely to end up in access logs, and reports whether an
  * account exists - confirm this is rate-limited.
  *
  * @param Setup $app application the routes are attached to
  * @return void
  */
 public static function setupRouting(Setup $app)
 {
     $registerV1 = function () use ($app) {
         // Token creation
         $app->post('/create-api-token', function () use ($app) {
             $tokenAuth = new APITokenAuth($app);
             $tokenAuth->createNewToken();
         });

         // ControllerBukaPintu (presumably "open door" - verify)
         $doorController = new ControllerBukaPintu($app);

         $app->get('/bukapintu', function () use ($doorController) {
             $doorController->bukaPintu();
         });
         $app->get('/stopbukapintu', function () use ($doorController) {
             $doorController->stopBukaPintu();
         });

         // ControllerAuth
         $authController = new ControllerAuth($app);

         // Account creation and login
         $app->post('/login', function () use ($authController) {
             $authController->loginToGetToken();
         });
         $app->post('/register', function () use ($authController) {
             $authController->registerNewUser();
         });

         // Account activation and lookups
         $app->get('/active/:USER_ID', function ($userId) use ($authController) {
             $authController->userActivation($userId);
         });
         $app->get('/isexist/:EMAIL', function ($email) use ($authController) {
             $authController->cekEmailIsExist($email);
         });
         $app->get('/pending-users', function () use ($authController) {
             $authController->getAllPendingUser();
         });

         // Account removal
         $app->delete('/user/:USER_ID', function ($userId) use ($authController) {
             $authController->removeUser($userId);
         });
     };

     $app->group('/v1', $registerV1);
 }
Пример #4
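 /**
  * Activates a user account and stores a freshly created API token on it.
  *
  * The caller's API-Token header must pass isJuruKunci(); otherwise nothing
  * is changed. JSON responses:
  *   201 - user activated; body carries user_id and the new token
  *   403 - the caller's token may not activate users
  *   404 - no user found for the given id
  *   503 - the save failed or an exception was thrown
  *
  * @param mixed $userId id_auth value of the user to activate
  * @return void
  */
 public function userActivation($userId)
 {
     try {
         $callerToken = $this->app->request()->headers->get('API-Token');
         if (!$this->getDB()->isJuruKunci($callerToken)) {
             // A refused caller is a client-side authorisation failure, so
             // report 403 rather than a server error.
             $this->writeToJSON(['errmsg' => 'dont have permission to active any users'], 403);
             return;
         }

         // Resolve both handles before touching anything: a missing row would
         // otherwise end in a method call on a non-object, which the
         // \Exception handler below does not catch.
         // NOTE(review): assumes first()/find() return a falsy value when no
         // row matches - confirm against the DB layer.
         $userRow = $this->getDB()->where('id_auth', '=', $userId)->first();
         $setUserToActive = $this->getDB()->find($userId);
         if (!$userRow || !$setUserToActive) {
             $this->writeToJSON(['errmsg' => 'user not found'], 404);
             return;
         }
         $getUser = $userRow->toArray();

         // NOTE(review): the token is created from the stored e-mail and
         // password column - confirm that column holds a hash and that the
         // token cannot be recomputed from those two values alone.
         $apiTokenAuth = new APITokenAuth($this->app);
         $token = $apiTokenAuth->createNewToken($getUser['email'], $getUser['password']);

         $setUserToActive->active = 1;
         $setUserToActive->token = $token;
         if ($setUserToActive->save()) {
             $this->writeToJSON(['active' => true, 'user_id' => $userId, 'token' => $token], 201);
         } else {
             // Previously a failed save produced no response body at all.
             $this->writeToJSON(['errmsg' => 'service unavailable'], 503);
         }
     } catch (\Exception $ex) {
         // Detail is deliberately withheld from the client.
         $this->writeToJSON(['errmsg' => 'service unavailable'], 503);
     }
 }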
 /**
  * API-key middleware entry point.
  *
  * Reads two request headers:
  *   WWW-Authorization : base64(username/password)
  *   API-Token         : Token
  * and calls the next middleware when either $this->unprotectedURIs is
  * truthy or the header pair validates. Otherwise it writes a 401 JSON body
  * and does not call the next middleware.
  *
  * NOTE(review): the bypass only tests $this->unprotectedURIs for truthiness;
  * the request path is never compared with it here. If that property is a
  * list of URIs, as its name suggests, any non-empty list disables
  * authentication for every request. Confirm its type and, if it is a list,
  * match the current path against it exactly.
  *
  * @return void
  */
 public function call()
 {
     $headers = $this->app->request()->headers;
     $response = $this->app->response();
     $apiKey = $headers->get('API-Token');
     $authorization = $headers->get('WWW-Authorization');
     $session = new APITokenAuth($this->app);

     // Short-circuit keeps the original order: credentials are only
     // validated when the bypass flag is falsy.
     if ($this->unprotectedURIs || $session->isApiKeyUserPassValid($apiKey, $authorization)) {
         $this->next->call();
     } else {
         // Neither bypassed nor authenticated: reject with 401.
         $response['Content-type'] = 'application/json';
         $response->setBody(json_encode(['errmsg' => 'Authentication invalid']));
         $response->status(401);
     }
 }