API improves

Diego 2017-07-19 22:50:08 +02:00
parent 48a4077ebb
commit b7bb0449b9
1 changed files with 47 additions and 62 deletions


@ -47,7 +47,7 @@ class pluginAPI extends Plugin {
// CHECK URL // CHECK URL
// ------------------------------------------------------------ // ------------------------------------------------------------
$URI = $this->webhook('api', $returnsAfterURI=true); $URI = $this->webhook('api', $returnsAfterURI=true);
if( $URI===false ) { if ($URI===false) {
return false; return false;
} }
@ -55,26 +55,20 @@ class pluginAPI extends Plugin {
// ------------------------------------------------------------ // ------------------------------------------------------------
$method = $this->getMethod(); $method = $this->getMethod();
// INPUTS // METHOD INPUTS
// ------------------------------------------------------------ // ------------------------------------------------------------
$inputs = $this->getInputs(); $inputs = $this->getMethodInputs();
if( empty($inputs) ) { if ( empty($inputs) ) {
$this->response(array( $this->response(404,'Not Found', array('message'=>'Missing method inputs.'));
'status'=>'1',
'message'=>'Missing inputs.'
));
} }
// PARAMETERS // ENDPOINT PARAMETERS
// ------------------------------------------------------------ // ------------------------------------------------------------
$parameters = $this->getParameters($URI); $parameters = $this->getEndpointParameters($URI);
if( empty($parameters) ) { if ( empty($parameters) ) {
$this->response(array( $this->response(404,'Not Found', array('message'=>'Missing endpoint parameters.'));
'status'=>'1',
'message'=>'Missing parameters.'
));
} }
// API TOKEN // API TOKEN
@ -82,56 +76,47 @@ class pluginAPI extends Plugin {
$tokenAPI = $this->getValue('token'); $tokenAPI = $this->getValue('token');
// Check empty token // Check empty token
if( empty($inputs['token']) ) { if ( empty($inputs['token']) ) {
$this->response(array( $this->response(404,'Not Found', array('message'=>'Missing API token.'));
'status'=>'1',
'message'=>'Missing API token.'
));
} }
// Check the token is valid // Check the token is valid
if( $inputs['token']!=$tokenAPI ) { if ($inputs['token']!==$tokenAPI) {
$this->response(array( $this->response(401, 'Unauthorized', array('message'=>'Invalid API token.'));
'status'=>'1',
'message'=>'Invalid API token.'
));
} }
// AUTHENTICATION TOKEN // AUTHENTICATION TOKEN
// ------------------------------------------------------------ // ------------------------------------------------------------
$writePermissions = false; $writePermissions = false;
if( !empty($inputs['authentication']) ) { if ( !empty($inputs['authentication']) ) {
// Get the user with the authentication token // Get the user with the authentication token
$username = $dbUsers->getByAuthToken($inputs['authentication']); $username = $dbUsers->getByAuthToken($inputs['authentication']);
if( $username!==false ) { if ($username!==false) {
// Enable write permissions // Enable write permissions
$writePermissions = true; $writePermissions = true;
} }
} }
// REQUESTS // ENDPOINTS
// ------------------------------------------------------------ // ------------------------------------------------------------
// (GET) /api/pages // (GET) /api/pages
if( ($method==='GET') && ($parameters[0]==='pages') && empty($parameters[1]) ) { if ( ($method==='GET') && ($parameters[0]==='pages') && empty($parameters[1]) ) {
$data = $this->getPages(); $data = $this->getPages();
} }
// (GET) /api/pages/<key> // (GET) /api/pages/<key>
elseif( ($method==='GET') && ($parameters[0]==='pages') && !empty($parameters[1]) ) { elseif ( ($method==='GET') && ($parameters[0]==='pages') && !empty($parameters[1]) ) {
$data = $this->getPage($parameters[1]); $data = $this->getPage($parameters[1]);
} }
// (POST) /api/pages // (POST) /api/pages
elseif( ($method==='POST') && ($parameters[0]==='pages') && empty($parameters[1]) && $writePermissions ) { elseif ( ($method==='POST') && ($parameters[0]==='pages') && empty($parameters[1]) && $writePermissions ) {
$data = $this->newPage($inputs); $data = $this->newPage($inputs);
} }
else { else {
$data = array( $this->response(401, 'Unauthorized', array('message'=>'Access denied or invalid endpoint.'));
'status'=>'1',
'message'=>'Error: URI not found or Access denied.'
);
} }
$this->response($data); $this->response(200, 'OK', $data);
} }
// PRIVATE METHODS // PRIVATE METHODS
@ -150,25 +135,7 @@ class pluginAPI extends Plugin {
return $this->method; return $this->method;
} }
private function getParameters($URI) private function getMethodInputs()
{
// PARAMETERS
// ------------------------------------------------------------
// /api/pages | GET | returns all pages
// /api/pages/{key} | GET | returns the page with the {key}
// /api/cli/regenerate | POST | check for new posts and pages
$parameters = explode('/', $URI);
// Sanitize parameters
foreach($parameters as $key=>$value) {
$parameters[$key] = Sanitize::html($value);
}
return $parameters;
}
private function getInputs()
{ {
switch($this->method) { switch($this->method) {
case "POST": case "POST":
@ -189,15 +156,32 @@ class pluginAPI extends Plugin {
return $this->cleanInputs($inputs); return $this->cleanInputs($inputs);
} }
private function getEndpointParameters($URI)
{
// ENDPOINT Parameters
// ------------------------------------------------------------
// /api/pages | GET | returns all pages
// /api/pages/{key} | GET | returns the page with the {key}
// /api/pages | POST | create a new page
$parameters = explode('/', $URI);
// Sanitize parameters
foreach ($parameters as $key=>$value) {
$parameters[$key] = Sanitize::html($value);
}
return $parameters;
}
private function cleanInputs($inputs) private function cleanInputs($inputs)
{ {
$tmp = array(); $tmp = array();
if( is_array($inputs) ) { if ( is_array($inputs) ) {
foreach($inputs as $key=>$value) { foreach($inputs as $key=>$value) {
$tmp[$key] = Sanitize::html($value); $tmp[$key] = Sanitize::html($value);
} }
} } elseif ( is_string($inputs) ) {
elseif( is_string($inputs) ) {
$tmp = json_decode($inputs, true); $tmp = json_decode($inputs, true);
if(json_last_error()===0) { if(json_last_error()===0) {
$tmp = array(); $tmp = array();
@ -206,10 +190,11 @@ class pluginAPI extends Plugin {
return $tmp; return $tmp;
} }
private function response($data=array()) private function response($code=200, $message='OK', $data=array())
{ {
$json = json_encode($data); header('HTTP/1.1 '.$code.' '.$message);
header('Content-Type: application/json'); header('Content-Type: application/json');
$json = json_encode($data);
exit($json); exit($json);
} }
@ -218,7 +203,7 @@ class pluginAPI extends Plugin {
// Generate the object Page // Generate the object Page
$Page = buildPage($key); $Page = buildPage($key);
if(!$Page) { if (!$Page) {
return array( return array(
'status'=>'1', 'status'=>'1',
'message'=>'Page not found.' 'message'=>'Page not found.'
@ -250,7 +235,7 @@ class pluginAPI extends Plugin {
// Get keys of pages // Get keys of pages
$keys = array_keys($list); $keys = array_keys($list);
foreach($keys as $pageKey) { foreach ($keys as $pageKey) {
// Create the page object from the page key // Create the page object from the page key
$page = buildPage($pageKey); $page = buildPage($pageKey);
array_push($tmp['data'], $page->json( $returnsArray=true )); array_push($tmp['data'], $page->json( $returnsArray=true ));
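Review bot: The API token check `if ($inputs['token']!==$tokenAPI)` in the "API TOKEN" block compares a secret with an ordinary string operator, which is not constant-time; `if (!hash_equals((string)$tokenAPI, (string)$inputs['token']))` (PHP 5.6+) keeps response timing from revealing how much of the token matched. The compared value has already passed through `cleanInputs()`, which applies `Sanitize::html` to every input, so a token containing characters the sanitizer rewrites would presumably never match; a comment above the check such as `// token is compared after Sanitize::html; generated tokens must stay alphanumeric` would record that constraint. The missing-token branch answers `404 Not Found`, where `401` (or `400`) would describe the failure more accurately and agree with the invalid-token branch. The enclosing method starts before the first hunk, so where `$dbUsers` and the stored token come from is not visible here.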