/**
 * Registers the backend routes under the /admin group.
 *
 * Routes added: GET /admin/, GET|POST /admin/chpass, GET|POST /admin/update,
 * POST /admin/login and GET|POST /admin/logout.
 *
 * @param Slim $appInstance application the routes are attached to
 * @return void
 */
public static function addRouteDefinitions(Slim $appInstance)
{
    $appInstance->group('/admin', function () use ($appInstance) {
        // Static landing page.
        $appInstance->get('/', function () {
            print '<h1>A Simple Backend</h1>';
        });

        // Password change is only served while EMA_ADMIN_CHPASS is truthy;
        // otherwise the request is handed on via pass().
        $appInstance->map("/chpass", function () use ($appInstance) {
            if (!EMA_ADMIN_CHPASS) {
                $appInstance->pass();
                return;
            }
            AdminPasswordChange_controller::process();
        })->via('GET', 'POST');

        // NOTE(review): no authentication check is visible in this route;
        // confirm updateGPMethods() enforces an admin session itself.
        $appInstance->map("/update", function () use ($appInstance) {
            ClassAndMethodsDispatcher::updateGPMethods();
        })->via('GET', 'POST');

        // Admin login: expects string "username" and "password" POST fields and
        // answers with the session auth data as JSON, or HTTP 400 as plain text.
        // NOTE(review): no attempt throttling is visible in this handler; confirm
        // userLogin() or upstream middleware limits repeated guesses.
        $appInstance->post("/login", function () use ($appInstance) {
            $appInstance->response->headers->set('Cache-Control', 'no-store');

            // Shared 400 reply; text/plain keeps the message from being
            // interpreted as markup by the client.
            $rejectAsText = function ($message) use ($appInstance) {
                $appInstance->response->headers->set('Content-Type', 'text/plain');
                $appInstance->response->setStatus(400);
                print $message;
            };

            // Both fields must be present and scalar strings (an array such as
            // username[]=x is rejected here).
            $hasCredentials = isset($_POST['username'], $_POST['password'])
                && is_string($_POST['username'])
                && is_string($_POST['password']);
            if (!$hasCredentials) {
                $rejectAsText('Bad request');
                return;
            }

            try {
                // A SessionExpired raised while constructing UserAuth is answered
                // by constructing it a second time (presumably the first attempt
                // discards the stale session; confirm in UserAuth).
                try {
                    $user = new UserAuth();
                } catch (SessionExpired $e) {
                    $user = new UserAuth();
                }

                $user->userLogin($_POST['username'], $_POST['password']);

                // Valid credentials are not enough: non-admin accounts are logged
                // out again before the request is refused.
                // NOTE(review): this message is only reachable after userLogin()
                // returned, so it may let a client distinguish valid non-admin
                // credentials from invalid ones; compare with the message
                // userLogin() itself raises.
                if (!$user->isAdmin()) {
                    $user->logout();
                    throw new LoginIncorrect('You are not allowed to login here');
                }

                $appInstance->response->headers->set('Content-Type', 'application/json');
                print json_encode($user->getSessionAuthData());
            } catch (LoginIncorrect $e) {
                $rejectAsText($e->getMessage());
            }
        });

        // Logout is best effort: an already expired session is ignored.
        // NOTE(review): this state-changing route also answers GET, so it can be
        // triggered by a cross-site request; consider POST only with a CSRF check.
        $appInstance->map('/logout', function () use ($appInstance) {
            try {
                $user = new UserAuth();
                if ($user->isUserLoggedInSimple()) {
                    $user->logout();
                }
            } catch (SessionExpired $e) {
                // Nothing to do: there is no live session left to end.
            }
        })->via('GET', 'POST');
    });
}
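/**
 * Dispatches the POSTed "action" to its handler and returns the matching
 * response-type constant.
 *
 * Both $_POST['action'] and $_POST['class'] come straight from the request,
 * so either may be missing or an array instead of a string.
 *
 * @return mixed self::APP_XML_TYPE or self::APP_JSON_TYPE (presumably used by
 *               the caller to pick the Content-Type; confirm at the call site)
 * @throws RuntimeException when "getViewModelData" is called without an array "class"
 * @throws Exception when the action is missing or not one of the known names
 */
private static function otherCalls()
{
    // Read each request field once behind isset(): a missing key then becomes
    // null instead of raising an undefined-index notice/warning, which could
    // otherwise end up inside the XML/JSON body when error display is on.
    $action = isset($_POST['action']) ? $_POST['action'] : null;
    $class = isset($_POST['class']) ? $_POST['class'] : null;

    switch ($action) {
        case "getXMLModel":
            // A missing or non-string class is silently skipped; the XML type
            // is still reported.
            // NOTE(review): the class name is client-chosen; confirm that
            // getXMLModel() restricts it to an allow-list of models.
            if (is_string($class)) {
                self::getXMLModel($class);
            }
            return self::APP_XML_TYPE;

        case 'getAjaxMethods':
            // NOTE(review): unlike the other actions, "class" is forwarded
            // without a type check; confirm getAjaxMethods() validates it.
            self::getAjaxMethods($class);
            return self::APP_JSON_TYPE;

        case 'getViewModelData':
            if (!is_array($class)) {
                throw new RuntimeException("Invalid Argument");
            }
            self::getViewModels($class);
            return self::APP_JSON_TYPE;

        case 'sessionCheck':
            // Prints the session auth data as JSON, or false when nobody is
            // logged in or the session has expired.
            $result = false;
            try {
                if ($class === 'member') {
                    $user = new MembersAuth();
                } else {
                    $user = new UserAuth();
                }
                if ($user->isUserLoggedInSimple()) {
                    $result = $user->getSessionAuthData();
                }
            } catch (SessionExpired $e) {
                // An expired session is reported the same way as "not logged in".
                $result = false;
            }
            print json_encode($result);
            return self::APP_JSON_TYPE;

        default:
            throw new Exception("Action not defined");
    }
}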