<?php
use NozCore\Authenticator;
use NozCore\Endpoint;
use NozCore\Message\Error;
use NozCore\Validator;
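// Start the session only when none is active. empty($_SESSION) is also true
// for an active session that holds no data yet, so the old check could call
// session_start() a second time and emit a notice ahead of the JSON response.
// NOTE(review): no cookie attributes are set here, so HttpOnly / Secure /
// SameSite for the session cookie come from php.ini; confirm they are set there.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}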
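// Origin header exactly as the client sent it; '*' stands in for "no Origin header".
// The value is client-controlled and is only trusted after the allowlist check below.
$http_origin = (isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : '*');

// Built-in defaults; config.json is merged over them further down.
// NOTE(review): these are development values (localhost and plain-http origins,
// root database user with an empty password). They stay in effect whenever
// config.json does not override them.
$config = [
    'allowedOrigins' => [
        'http://localhost',
        'https://localhost',
        'http://eldrios.com',
        'https://eldrios.com',
        'http://localhost:4200',
        'https://wrapper.beta.eldrios.com'
    ],
    'fileRoot' => '::SITEROOT::/files/',
    'authyKey' => false,
    'database' => [
        'username' => 'root',
        'password' => '',
        'database' => 'rsps_dev',
        'host' => 'localhost',
        'port' => 3306,
        'prefix' => ''
    ]
];

// Read the overrides. A missing, unreadable or malformed config.json used to
// reach the foreach as false/null and print warnings before any header was
// sent; it is now logged and treated as "no overrides".
$configPath = __DIR__ . '/config.json';
$configFile = is_readable($configPath)
    ? json_decode(file_get_contents($configPath), true)
    : null;
if (!is_array($configFile)) {
    error_log('config.json is missing or does not contain a JSON object; using built-in defaults.');
    $configFile = [];
}

// Merge one level deep: array values are copied key by key, scalars replace
// the default outright.
// NOTE(review): for a list such as allowedOrigins this overwrites by numeric
// index, so a shorter list in config.json leaves the remaining default origins
// (including the localhost ones) allowed. Confirm that this is intended.
foreach ($configFile as $property => $value) {
    if (is_array($value)) {
        foreach ($value as $property2 => $value2) {
            $config[$property][$property2] = $value2;
        }
    } else {
        $config[$property] = $value;
    }
}

// Expose the merged settings (as an object) and the project root to the rest
// of the application through $GLOBALS.
$config = (object) $config;
$GLOBALS['config'] = $config;
$GLOBALS['rootDir'] = __DIR__;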
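// CORS policy. The request's Origin is echoed back only when it matches the
// allowlist exactly; every other origin gets the wildcard, which browsers
// never combine with credentials.
$allowedOrigins = is_array($config->allowedOrigins) ? $config->allowedOrigins : [];

// Strict comparison: the Origin header is untrusted input, so loose
// comparison against the allowlist entries is avoided.
if (!in_array($http_origin, $allowedOrigins, true)) {
    $http_origin = '*';
}

// Credentials (cookies, HTTP auth) are permitted only for an allowlisted origin.
// NOTE(review): the default allowlist contains plain-http origins; with
// credentials enabled those should be dropped outside development.
$allowCredentials = ($http_origin === '*') ? 'false' : 'true';

// The Allow-Origin value depends on the request's Origin header, so shared
// caches must key on it; otherwise one origin's policy can be served to another.
header('Vary: Origin');
header("Access-Control-Allow-Origin: {$http_origin}");
header("Access-Control-Allow-Credentials: {$allowCredentials}");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE");
header("Access-Control-Max-Age: 3600");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");

if ($_SERVER["REQUEST_METHOD"] === "OPTIONS") {
    exit; // OPTIONS request wants only the policy, we can stop here
}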
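// Resolve the includes against this file's directory, like the config.json
// lookup above, instead of the process's current working directory.
require __DIR__ . '/global.php';
require __DIR__ . '/vendor/autoload.php';

// The endpoint name must be present and must be a plain string; a request can
// also supply it as an array (endpoint[]=...), which the lookup further down
// cannot use as a key. Stop here the same way the authentication error paths
// in this file do (new Error followed by die()).
if (!isset($_REQUEST['endpoint']) || !is_string($_REQUEST['endpoint'])) {
    new Error('No endpoint was specified.');
    die();
}

// Decode the JSON request body once. Anything that does not decode to an
// array leaves the shared data set empty.
$GLOBALS['data'] = [];
$requestBody = json_decode(file_get_contents('php://input'), true);
if (is_array($requestBody)) {
    $GLOBALS['data'] = $requestBody;
}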
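/**
 * Opens the MySQL connection and publishes it, plus a Hydrahon query builder
 * that runs on it, through $GLOBALS['pdo'] and $GLOBALS['hydra'].
 *
 * On a connection failure a generic Error message is produced and the script
 * stops; the PDOException text is not included in that message.
 *
 * @param string $host Database host name.
 * @param string $name Database (schema) name.
 * @param string $user Database user.
 * @param string $pass Database password.
 * @param int    $port TCP port, 3306 when omitted.
 */
function connectToDb($host, $name, $user, $pass, $port = 3306) {
    try {
        // The port is its own DSN element. The previous "host=HOST:PORT" form
        // is not part of the documented PDO_MYSQL DSN syntax and worked, if at
        // all, only through driver-specific parsing of the host string.
        $dsn = 'mysql:host=' . $host . ';port=' . $port . ';dbname=' . $name . ';charset=utf8';
        $GLOBALS['pdo'] = new PDO($dsn, $user, $pass);
    } catch(PDOException $ex) {
        new Error('Your database configuration is incorrect. Please configure your database credentials correctly.');
        // Without a connection $GLOBALS['pdo'] is unset, so the builder below
        // could not be created; stop like the other fatal error paths in this file.
        die();
    }

    $pdoConnection = $GLOBALS['pdo'];

    // Hydrahon hands over the SQL text and its parameters separately; the
    // callback runs them as a prepared statement, so the parameter values are
    // bound rather than concatenated into the query string.
    $GLOBALS['hydra'] = new \ClanCats\Hydrahon\Builder('mysql', function($query, $queryString, $queryParameters) use($pdoConnection) {
        $statement = $pdoConnection->prepare($queryString);
        $statement->execute($queryParameters);

        // Fetchable queries return their rows; every other query reports success.
        if($query instanceof \ClanCats\Hydrahon\Query\Sql\FetchableInterface) {
            return $statement->fetchAll(\PDO::FETCH_ASSOC);
        }

        return true;
    });
}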
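// Connect using the merged configuration. The configured port is passed on as
// well; it used to be left out, so connectToDb() always fell back to 3306.
connectToDb(
    $config->database['host'],
    $config->database['database'],
    $config->database['username'],
    $config->database['password'],
    isset($config->database['port']) ? $config->database['port'] : 3306
);

// Authenticate the caller: the bearer token is tried first, and when that
// fails the token stored in the session is tried instead.
// NOTE(review): the session fallback authenticates from the session cookie
// alone, so protection of state-changing endpoints against cross-site
// requests rests on the CORS allowlist and the cookie's SameSite setting.
// Confirm both.
try {
    $auth = new Authenticator();
    $token = $auth->getBearerToken();

    if (!$auth->authenticateToken($token) && isset($_SESSION['user']['token'])) {
        $auth->authenticateToken($_SESSION['user']['token']);
    }
} catch (\ClanCats\Hydrahon\Query\Sql\Exception $e) {
    // Generic message only; the exception detail is not sent to the client.
    new Error('Something went wrong with the authentication query.');
    die();
} catch (ReflectionException $e) {
    new Error('Something went wrong while authenticating.');
    die();
}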
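// We need to map each endpoint in here so we know which class to use.
// The class name always comes from this server-side file, never from the
// request itself, so the map doubles as the allowlist of instantiable classes.
$endpointMap = json_decode(file_get_contents(__DIR__ . '/endpoints.json'), true);
if (!is_array($endpointMap)) {
    // Unreadable or malformed map: treat every endpoint as unmapped.
    $endpointMap = [];
}

// We need to know which type of request it is,
// whether it is a GET, POST, PUT or DELETE request.
// REQUEST_METHOD is chosen by the client and is used below as a method name
// on the endpoint object, so it is restricted to these four verbs. Without
// the restriction any public no-argument method of the endpoint class could
// be reached by picking the matching verb.
$method = strtolower($_SERVER['REQUEST_METHOD']);
$allowedMethods = ['get', 'post', 'put', 'delete'];

// Only a string can be used as a key into the endpoint map.
$requestedEndpoint = (isset($_REQUEST['endpoint']) && is_string($_REQUEST['endpoint']))
    ? $_REQUEST['endpoint']
    : '';

if (!in_array($method, $allowedMethods, true)) {
    new Error('Request method not allowed.');
} elseif (array_key_exists($requestedEndpoint, $endpointMap)) {
    // We want to get the mapped class name of the requested endpoint.
    $endpoint = $endpointMap[$requestedEndpoint];

    // We want to check if that endpoint class actually exists.
    if (class_exists($endpoint)) {
        /** @var Endpoint $endpointClass */
        $endpointClass = new $endpoint();
        $validator = new Validator();

        if ($validator->validateEndpoint($endpointClass)) {
            $endpointClass->$method();
            $endpointClass->printResult();
        } else {
            new Error('Somehow the endpoint class was invalid.');
        }
    } else {
        // NOTE(review): the requested name is echoed back in the message;
        // this presumes Error encodes it safely for the JSON response. Confirm.
        new Error('Endpoint ' . $requestedEndpoint . ' not found.');
    }
} else {
    // If endpoint isn't mapped, we'll return this error message.
    new Error('Endpoint ' . $requestedEndpoint . ' not mapped to an endpoint class.');
}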