Commit e66ffa47 authored by Zohten's avatar Zohten

prettier fix

parent 9e409e23
...@@ -4,9 +4,11 @@ include_once __ROOT_DIR . '/libs/php-jwt/src/ExpiredException.php'; ...@@ -4,9 +4,11 @@ include_once __ROOT_DIR . '/libs/php-jwt/src/ExpiredException.php';
include_once __ROOT_DIR . '/libs/php-jwt/src/SignatureInvalidException.php'; include_once __ROOT_DIR . '/libs/php-jwt/src/SignatureInvalidException.php';
include_once __ROOT_DIR . '/libs/php-jwt/src/JWT.php'; include_once __ROOT_DIR . '/libs/php-jwt/src/JWT.php';
use \Firebase\JWT\JWT; use \Firebase\JWT\JWT;
class UserController extends Controller {
public function __construct($name, $request) { class UserController extends Controller
{
public function __construct($name, $request)
{
parent::__construct($name, $request); parent::__construct($name, $request);
} }
...@@ -16,16 +18,18 @@ class UserController extends Controller { ...@@ -16,16 +18,18 @@ class UserController extends Controller {
public function processRequest() public function processRequest()
{ {
switch ($this->request->getHttpMethod()) { switch ($this->request->getHttpMethod()) {
case 'GET': case 'GET':
if ($this->request->getUriParams()) if ($this->request->getUriParams()) {
return $this->getUser($this->request->getUriParams()[0]); return $this->getUser($this->request->getUriParams()[0]);
}
return $this->getAllUsers(); return $this->getAllUsers();
break; break;
case 'PUT': case 'PUT':
if ($this->request->getUriParams()) if ($this->request->getUriParams()) {
return $this->updateUser(array_merge($this->request->getData(),['id'=>$this->request->getUriParams()[0]])); return $this->updateUser(array_merge($this->request->getData(), ['id'=>$this->request->getUriParams()[0]]));
}
break; break;
} }
return Response::errorResponse("unsupported parameters or method in users"); return Response::errorResponse("unsupported parameters or method in users");
...@@ -40,25 +44,26 @@ class UserController extends Controller { ...@@ -40,25 +44,26 @@ class UserController extends Controller {
return $response; return $response;
} }
protected function getUser($id){ protected function getUser($id)
{
$user = User::getRow($id); $user = User::getRow($id);
$response = Response::okResponse(json_encode($user)); $response = Response::okResponse(json_encode($user));
return $response; return $response;
} }
protected function updateUser($array){ protected function updateUser($array)
{
try { try {
//var_dump($array);die; //var_dump($array);die;
$jwt_token = $this->request->getJwtToken(); $jwt_token = $this->request->getJwtToken();
// echo "jwt = $jwt_token"; // echo "jwt = $jwt_token";
$decodedJWT = JWT::decode($jwt_token, JWT_BACKEND_KEY, array('HS256')); $decodedJWT = JWT::decode($jwt_token, JWT_BACKEND_KEY, array('HS256'));
if($decodedJWT->data->id != $array['id']){ if ($decodedJWT->data->id != $array['id']) {
throw new Exception("You don't have access to this account.", 1); throw new Exception("You don't have access to this account.", 1);
} }
User::updateUser($array); User::updateUser($array);
} catch (Exception $e) {
} catch (Exception $e){
header('WWW-Authenticate: Bearer realm="'.JWT_ISSUER.'"'); header('WWW-Authenticate: Bearer realm="'.JWT_ISSUER.'"');
$jsonResult = json_encode(array( $jsonResult = json_encode(array(
...@@ -66,8 +71,8 @@ class UserController extends Controller { ...@@ -66,8 +71,8 @@ class UserController extends Controller {
"error" => $e->getMessage() "error" => $e->getMessage()
)); ));
return Response::unauthorizedResponse($jsonResult); return Response::unauthorizedResponse($jsonResult);
} }
$response = Response::okResponse('User succesfully updated !'); $response = Response::okResponse('User succesfully updated !');
return $response; return $response;
} }
} }
\ No newline at end of file
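Review bot: In updateUser (spanning the last two hunks of this section) the single `catch (Exception $e)` turns every failure, including a PDOException thrown by `User::updateUser($array)`, into a 401 whose body echoes `$e->getMessage()`, so database error text reaches the client and a DB fault is reported as an authentication failure. Move `User::updateUser($array);` after the try/catch so only the getJwtToken() and JWT::decode() failures produce the 401, and let the update's exception propagate to the top-level handler in index.php. The ownership check `$decodedJWT->data->id != $array['id']` also relies on loose comparison between a token claim and a URI segment; `if ((string) $decodedJWT->data->id !== (string) $array['id']) {` makes the intent explicit. The identical file section appears a second time further down this page and needs the same change.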
<?php <?php
class AutoLoader { class AutoLoader
{
public function __construct()
public function __construct() { {
spl_autoload_register( array($this, 'load') ); spl_autoload_register(array($this, 'load'));
// spl_autoload_register(array($this, 'loadComplete')); // spl_autoload_register(array($this, 'loadComplete'));
} }
// This method will be automatically executed by PHP whenever it encounters an unknown class name in the source code // This method will be automatically executed by PHP whenever it encounters an unknown class name in the source code
private function load($className) { private function load($className)
if(in_array($className.'.class.php', scandir("model"))){ {
if (in_array($className.'.class.php', scandir("model"))) {
require_once "model/$className.class.php"; require_once "model/$className.class.php";
if (is_readable("sql/$className.sql.php")) if (is_readable("sql/$className.sql.php")) {
require_once "sql/$className.sql.php"; require_once "sql/$className.sql.php";
}
} }
if (in_array($className.'.class.php', scandir("classes"))) if (in_array($className.'.class.php', scandir("classes"))) {
require_once "classes/$className.class.php"; require_once "classes/$className.class.php";
}
if (in_array($className.'.class.php', scandir("controller"))) if (in_array($className.'.class.php', scandir("controller"))) {
require_once "controller/$className.class.php"; require_once "controller/$className.class.php";
}
// TODO : compute path of the file to load (cf. PHP function is_readable) // TODO : compute path of the file to load (cf. PHP function is_readable)
// it is in one of these subdirectory '/classes/', '/model/', '/controller/' // it is in one of these subdirectory '/classes/', '/model/', '/controller/'
// if it is a model, load its sql queries file too in sql/ directory // if it is a model, load its sql queries file too in sql/ directory
} }
} }
$__LOADER = new AutoLoader(); $__LOADER = new AutoLoader();
\ No newline at end of file
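Review bot: load() resolves `model`, `classes` and `controller` relative to the process working directory, so the autoloader only works when PHP is started from the directory holding them, and when `scandir()` returns false the `in_array()` call fails with a TypeError on PHP 8. Prefix each directory with a path anchored on `__DIR__` (adjusted for where this file sits relative to model/) and pass `true` as the third argument to `in_array()` so the file-name match is strict. Since the class name ultimately comes from the request URI via Dispatcher, the exact match against a directory listing is what confines this lookup to files that already exist; a comment such as `// exact match against the directory listing: only existing files can be required` would keep a later change from loosening it.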
<?php <?php
class DatabasePDO extends PDO { class DatabasePDO extends PDO
{
protected static $singleton = null;
protected static $singleton = NULL; public static function singleton()
{
if (is_null(static::$singleton)) {
static::$singleton = new static();
}
public static function singleton(){ return static::$singleton;
if(is_null(static::$singleton)) }
static::$singleton = new static();
return static::$singleton; public function __construct()
} {
// $db = new PDO("sqlite::memory");
public function __construct() { $connectionString = "mysql:host=". DB_HOST;
// $db = new PDO("sqlite::memory");
$connectionString = "mysql:host=". DB_HOST; if (defined('DB_PORT')) {
$connectionString .= ";port=". DB_PORT;
}
if(defined('DB_PORT')) $connectionString .= ";dbname=" . DB_DATABASE;
$connectionString .= ";port=". DB_PORT; $connectionString .= ";charset=utf8";
$connectionString .= ";dbname=" . DB_DATABASE; parent::__construct($connectionString, DB_USERNAME, DB_PASSWORD);
$connectionString .= ";charset=utf8"; $this->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
parent::__construct($connectionString,DB_USERNAME,DB_PASSWORD); }
$this->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
}
\ No newline at end of file
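Review bot: The constructor enables exception mode but leaves PDO's emulated prepares at their default, so the named placeholders used by Model::exec() are interpolated client-side rather than bound by the server; add `$this->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);` next to the ERRMODE line. The DSN's `charset=utf8` selects MySQL's 3-byte encoding; `charset=utf8mb4` is full UTF-8 and avoids rejection or truncation of 4-byte characters in user-supplied fields.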
...@@ -4,18 +4,21 @@ ...@@ -4,18 +4,21 @@
* Analyses a request, created the right Controller passing it the request * Analyses a request, created the right Controller passing it the request
*/ */
class Dispatcher { class Dispatcher
{
public static function dispatch($request) { public static function dispatch($request)
return static::dispatchToController($request->getControllerName(),$request); {
return static::dispatchToController($request->getControllerName(), $request);
} }
public static function dispatchToController($controllerName, $request) { public static function dispatchToController($controllerName, $request)
{
$controllerClassName = ucfirst($controllerName) . 'Controller'; $controllerClassName = ucfirst($controllerName) . 'Controller';
if(!class_exists($controllerClassName)) if (!class_exists($controllerClassName)) {
throw(new Exception("Class $controllerName does not exist")); throw(new Exception("Class $controllerName does not exist"));
}
return new $controllerClassName($controllerName, $request); return new $controllerClassName($controllerName, $request);
} }
} }
\ No newline at end of file
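Review bot: dispatchToController instantiates any autoloadable class named `ucfirst($controllerName) . 'Controller'`, and `$controllerName` is taken from the request URI, so the only thing restricting what gets constructed is the autoloader's directory listing; checking the type here keeps that contract local: `if (!class_exists($controllerClassName) || !is_subclass_of($controllerClassName, 'Controller')) {`. The exception message also reflects the raw `$controllerName` back, presumably reaching the client through the catch in index.php; a fixed message such as `"Unknown controller"` avoids echoing request input.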
<?php <?php
class Request { class Request
{
protected $controllerName; protected $controllerName;
protected $uriParameters; protected $uriParameters;
protected $data; protected $data;
protected static $_instance; protected static $_instance;
public static function getCurrentRequest(){ public static function getCurrentRequest()
if(is_null(self::$_instance)) { {
self::$_instance = new Request(); if (is_null(self::$_instance)) {
} self::$_instance = new Request();
}
return self::$_instance; return self::$_instance;
}
public function __construct()
{
$this->initBaseURI();
$this->initControllerAndParametersFromURI();
$this->initData();
} }
public function __construct() { // intialise baseURI
$this->initBaseURI(); // e.g. http://eden.imt-lille-douai.fr/~luc.fabresse/api.php => __BASE_URI = /~luc.fabresse
$this->initControllerAndParametersFromURI(); // e.g. http://localhost/CDAW/api.php => __BASE_URI = /CDAW
$this->initData(); protected function initBaseURI()
} {
$this->baseURI = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
// intialise baseURI }
// e.g. http://eden.imt-lille-douai.fr/~luc.fabresse/api.php => __BASE_URI = /~luc.fabresse
// e.g. http://localhost/CDAW/api.php => __BASE_URI = /CDAW
protected function initBaseURI() {
$this->baseURI = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
}
// intialise controllerName et uriParameters
// controllerName contient chaîne 'default' ou le nom du controleur s'il est présent dans l'URI (la requête)
// uriParameters contient un tableau vide ou un tableau contenant les paramètres passés dans l'URI (la requête)
// e.g. http://eden.imt-lille-douai.fr/~luc.fabresse/api.php
// => controllerName == 'default'
// uriParameters == []
// e.g. http://eden.imt-lille-douai.fr/~luc.fabresse/api.php/user/1
// => controllerName == 'user'
// uriParameters == [ 1 ]
protected function initControllerAndParametersFromURI(){
// intialise controllerName et uriParameters
// controllerName contient chaîne 'default' ou le nom du controleur s'il est présent dans l'URI (la requête)
// uriParameters contient un tableau vide ou un tableau contenant les paramètres passés dans l'URI (la requête)
// e.g. http://eden.imt-lille-douai.fr/~luc.fabresse/api.php
// => controllerName == 'default'
// uriParameters == []
// e.g. http://eden.imt-lille-douai.fr/~luc.fabresse/api.php/user/1
// => controllerName == 'user'
// uriParameters == [ 1 ]
protected function initControllerAndParametersFromURI()
{
$prefix = $_SERVER['SCRIPT_NAME']; $prefix = $_SERVER['SCRIPT_NAME'];
$uriParameters = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH); $uriParameters = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$i=0; $i=0;
while($i<strlen($prefix) && $i<strlen($uriParameters)) while ($i<strlen($prefix) && $i<strlen($uriParameters)) {
if($prefix[$i]===$uriParameters[$i]) if ($prefix[$i]===$uriParameters[$i]) {
$i++; $i++;
}
}
$uriParameters = substr($uriParameters, $i); $uriParameters = substr($uriParameters, $i);
...@@ -55,50 +60,53 @@ class Request { ...@@ -55,50 +60,53 @@ class Request {
$this->uriParameters = $uriSegments; $this->uriParameters = $uriSegments;
} }
// ============== // ==============
// Public API // Public API
// ============== // ==============
// retourne le name du controleur qui doit traiter la requête courante // retourne le name du controleur qui doit traiter la requête courante
public function getControllerName() { public function getControllerName()
return $this->controllerName; {
} return $this->controllerName;
}
public function getUriParams() {
return $this->uriParameters;
}
public function initData() {
if ($this->getHttpMethod() === 'PUT' || $this->getHttpMethod() === 'POST'){
$jsondata=file_get_contents("php://input");
$this->data = json_decode($jsondata, true);
}
}
// retourne la méthode HTTP utilisée dans la requête courante public function getUriParams()
public function getHttpMethod() { {
return $_SERVER["REQUEST_METHOD"]; return $this->uriParameters;
} }
public function getData() { public function initData()
return $this->data; {
} if ($this->getHttpMethod() === 'PUT' || $this->getHttpMethod() === 'POST') {
// returns JWT token in Authorization header or throw an exception $jsondata=file_get_contents("php://input");
public function getJwtToken() { $this->data = json_decode($jsondata, true);
$headers = getallheaders(); }
$autorization = $headers['Authorization']; }
$arr = explode(" ", $autorization);
if(count($arr)<2) // retourne la méthode HTTP utilisée dans la requête courante
throw new Exception("Missing JWT token"); public function getHttpMethod()
{
return $_SERVER["REQUEST_METHOD"];
}
$jwt_token = $arr[1]; public function getData()
{
return $this->data;
}
// returns JWT token in Authorization header or throw an exception
public function getJwtToken()
{
$headers = getallheaders();
$autorization = $headers['Authorization'];
$arr = explode(" ", $autorization);
return $jwt_token; if (count($arr)<2) {
} throw new Exception("Missing JWT token");
}
$jwt_token = $arr[1];
} return $jwt_token;
\ No newline at end of file }
}
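Review bot: getJwtToken() reads `$headers['Authorization']` without checking it exists and accepts any scheme before the space, so a request with no header raises an undefined-index warning and passes null into explode() (deprecated on 8.1), while `Basic xyz` is treated as a bearer token. Use `$autorization = $headers['Authorization'] ?? '';` and tighten the guard to `if (count($arr) < 2 || strcasecmp($arr[0], 'Bearer') !== 0) {`. getallheaders() is not available under every SAPI, which is worth a comment if that is an accepted deployment constraint. Separately, initBaseURI() stores `parse_url(..., PHP_URL_QUERY)` into an undeclared `$this->baseURI` property although its comment describes a path like `/CDAW`; the comment and the component (`PHP_URL_PATH`) disagree and one of them should change, and the property should be declared next to `$controllerName`.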
<?php <?php
class Response { class Response
protected $code; {
protected $body; protected $code;
protected $body;
public function __construct($code = 404, $msg = "") { public function __construct($code = 404, $msg = "")
$this->code = $code; {
$this->body = $msg; $this->code = $code;
} $this->body = $msg;
}
public static function errorResponse($message = "") { public static function errorResponse($message = "")
return new Response(400,$message); {
} return new Response(400, $message);
}
public static function serverErrorResponse($message = "") public static function serverErrorResponse($message = "")
{ {
return new Response(500,$message); return new Response(500, $message);
} }
public static function okResponse($message = "") public static function okResponse($message = "")
{ {
return new Response(200,$message); return new Response(200, $message);
} }
public static function notFoundResponse($message = "") public static function notFoundResponse($message = "")
{ {
return new Response(404,$message); return new Response(404, $message);
} }
public static function errorInParametersResponse($message = "") public static function errorInParametersResponse($message = "")
{ {
return new Response(400,$message); return new Response(400, $message);
} }
public static function unauthorizedResponse($message = "") public static function unauthorizedResponse($message = "")
{ {
return new Response(401,$message); return new Response(401, $message);
} }
public static function interceptEchos() { public static function interceptEchos()
ob_start(); {
} ob_start();
}
public static function getEchos() { public static function getEchos()
return ob_get_clean(); {
} return ob_get_clean();
}
public function send() { public function send()
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin {
header("Access-Control-Allow-Origin: *"); // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8"); header("Content-Type: application/json; charset=UTF-8");
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
header("Access-Control-Allow-Methods: GET,POST,PUT,DELETE"); header("Access-Control-Allow-Methods: GET,POST,PUT,DELETE");
header("Access-Control-Max-Age: 3600"); // Maximum number of seconds the results can be cached. header("Access-Control-Max-Age: 3600"); // Maximum number of seconds the results can be cached.
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"); header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
http_response_code($this->code); http_response_code($this->code);
echo $this->body; echo $this->body;
exit; // do we keep that? exit; // do we keep that?
} }
} }
\ No newline at end of file
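Review bot: send() ends with `exit; // do we keep that?`, but the answer is already decided by callers: LoginController::processRequest() calls `$r->send()` for its 422 responses and then falls through to User::tryLogin() and token generation, so removing the exit would issue a token after a rejected login. Replace the open question with a comment stating the dependency, e.g. `// exit is load-bearing: callers (LoginController) rely on send() not returning.` The Content-Type header promises JSON, yet `okResponse('User succesfully updated !')` in UserController sends a plain string; callers should pass json_encode'd bodies so the header stays truthful.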
<?php <?php
define('DB_HOST','127.0.0.1'); define('DB_HOST', '127.0.0.1');
define('DB_PORT',3306); define('DB_PORT', 3306);
define('DB_DATABASE','dbtest'); define('DB_DATABASE', 'dbtest');
define('DB_USERNAME','root'); define('DB_USERNAME', 'root');
define('DB_PASSWORD',''); define('DB_PASSWORD', '');
// define('__DEBUG', false); // define('__DEBUG', false);
define('__DEBUG', true); define('__DEBUG', true);
define( 'JWT_BACKEND_KEY', '6d8HbcZndVGNAbo4Ih1TGaKcuA1y2BKs-I5CmP' ); define('JWT_BACKEND_KEY', '6d8HbcZndVGNAbo4Ih1TGaKcuA1y2BKs-I5CmP');
define( 'JWT_ISSUER', $_SERVER['HTTP_HOST'] . $_SERVER['CONTEXT_PREFIX']); define('JWT_ISSUER', $_SERVER['HTTP_HOST'] . $_SERVER['CONTEXT_PREFIX']);
// ================================================================================ // ================================================================================
// Debug utilities // Debug utilities
// ================================================================================ // ================================================================================
if(__DEBUG) { if (__DEBUG) {
error_reporting(E_ALL); error_reporting(E_ALL);
ini_set("display_errors", E_ALL); ini_set("display_errors", E_ALL);
} else { } else {
...@@ -24,14 +24,16 @@ if(__DEBUG) { ...@@ -24,14 +24,16 @@ if(__DEBUG) {
ini_set("display_errors", 0); ini_set("display_errors", 0);
} }
function myLog($msg) { function myLog($msg)
if(__DEBUG) { {
if (__DEBUG) {
echo $msg; echo $msg;
} }
} }
function myDump($var) { function myDump($var)
if(__DEBUG) { {
if (__DEBUG) {
var_dump($var); var_dump($var);
} }
} }
\ No newline at end of file
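Review bot: `JWT_BACKEND_KEY` is a literal HMAC signing secret committed with the source, and `DB_PASSWORD` is empty; read the key from the environment, `define('JWT_BACKEND_KEY', getenv('JWT_BACKEND_KEY'));` with a startup check that it is set, and treat the value present in this file as exposed and rotate it. `ini_set("display_errors", E_ALL)` passes an error-level bitmask where the setting expects "1"/"0"; it only works because the value is truthy, so `ini_set("display_errors", "1")` says what is meant, and with `__DEBUG` defaulting to true every warning (such as the undefined-index case in Request::getJwtToken()) is rendered into API responses. `JWT_ISSUER` is built from `$_SERVER['HTTP_HOST']`, which the client supplies, so the `iss` claim and the WWW-Authenticate realm reflect whatever Host header the request carried; a comment noting that, or a configured issuer, would be clearer.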
...@@ -11,26 +11,26 @@ ...@@ -11,26 +11,26 @@
* - return the response * - return the response
*/ */
abstract class Controller { abstract class Controller
{
protected $name; protected $name;
protected $request; protected $request;
public function __construct($name, $request) { public function __construct($name, $request)
{
$this->request = $request; $this->request = $request;
$this->name = $name; $this->name = $name;
} }
public abstract function processRequest(); abstract public function processRequest();
public function execute() { public function execute()
{
$response = $this->processRequest(); $response = $this->processRequest();
if(empty($response)) { if (empty($response)) {
// $response = Response::serverErrorResponse("error processing request in ". self::class); // Oh my PHP! // $response = Response::serverErrorResponse("error processing request in ". self::class); // Oh my PHP!
$response = Response::serverErrorResponse("error processing request in ". static::class); $response = Response::serverErrorResponse("error processing request in ". static::class);
} }
return $response; return $response;
} }
}
}
\ No newline at end of file
<?php <?php
class DefaultController extends Controller { class DefaultController extends Controller
{
public function __construct($name, $request) { public function __construct($name, $request)
parent::__construct($name, $request); {
} parent::__construct($name, $request);
}
// ============== // ==============
// Actions // Actions
// ============== // ==============
public function processRequest() { public function processRequest()
return Response::errorResponse('{ "message" : "Unsupported endpoint"}' ); {
return Response::errorResponse('{ "message" : "Unsupported endpoint"}');
} }
}
}
\ No newline at end of file
...@@ -5,33 +5,36 @@ include_once __ROOT_DIR . '/libs/php-jwt/src/SignatureInvalidException.php'; ...@@ -5,33 +5,36 @@ include_once __ROOT_DIR . '/libs/php-jwt/src/SignatureInvalidException.php';
include_once __ROOT_DIR . '/libs/php-jwt/src/JWT.php'; include_once __ROOT_DIR . '/libs/php-jwt/src/JWT.php';
use \Firebase\JWT\JWT; use \Firebase\JWT\JWT;
class LoginController extends Controller { class LoginController extends Controller
{
public function __construct($name, $request) { public function __construct($name, $request)
parent::__construct($name, $request); {
} parent::__construct($name, $request);
}
public function processRequest() { public function processRequest()
if($this->request->getHttpMethod() !== 'POST') {
return Response::errorResponse('{ "message" : "Unsupported endpoint" }' ); if ($this->request->getHttpMethod() !== 'POST') {
return Response::errorResponse('{ "message" : "Unsupported endpoint" }');
}
$json = $this->request->getData(); $json = $this->request->getData();
if(!isset($json['login']) || !isset($json['login'])) { if (!isset($json['login']) || !isset($json['login'])) {
$r = new Response(422,"login and pwd fields are mandatory"); $r = new Response(422, "login and pwd fields are mandatory");
$r->send(); $r->send();
} }
$user = User::tryLogin($json['login']); $user = User::tryLogin($json['login']);
if(empty($user) || !hash_equals($json['pwd'],$user->password())) { if (empty($user) || !hash_equals($json['pwd'], $user->password())) {
$r = new Response(422,"wrong credentials"); $r = new Response(422, "wrong credentials");
$r->send(); $r->send();
} }
// generate json web token // generate json web token
$issued_at = time(); $issued_at = time();
$expiration_time = $issued_at + (60 * 60); // valid for 1 hour $expiration_time = $issued_at + (60 * 60); // valid for 1 hour
$token = array( $token = array(
"iat" => $issued_at, "iat" => $issued_at,
"exp" => $expiration_time, "exp" => $expiration_time,
"iss" => JWT_ISSUER, "iss" => JWT_ISSUER,
...@@ -43,13 +46,13 @@ class LoginController extends Controller { ...@@ -43,13 +46,13 @@ class LoginController extends Controller {
) )
); );
$jwt = JWT::encode( $token, JWT_BACKEND_KEY ); $jwt = JWT::encode($token, JWT_BACKEND_KEY);
$jsonResult = json_encode( $jsonResult = json_encode(
array( array(
"jwt_token" => $jwt "jwt_token" => $jwt
) )
); );
return Response::okResponse($jsonResult); return Response::okResponse($jsonResult);
} }
} }
\ No newline at end of file
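Review bot: The mandatory-field check tests `$json['login']` twice and never `$json['pwd']`, so a body without `pwd` passes the guard and reaches `hash_equals($json['pwd'], ...)` with null, a TypeError on PHP 8 rather than the intended 422; change it to `if (!isset($json['login'], $json['pwd'])) {`. The comparison itself is `hash_equals()` between the submitted password and `$user->password()`, i.e. the trimmed `USER_PWD` column, which means credentials are stored and compared in clear; the fix is `password_hash()` at write time and `password_verify($json['pwd'], $user->password())` here (hash_equals is for comparing two digests, not a password to a stored value). Both 422 branches rely on Response::send() calling exit to stop execution, which deserves a comment at each `$r->send();` or a `return $r;` since the method otherwise returns a Response. The token generation continues past the end of the first hunk.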
...@@ -4,9 +4,11 @@ include_once __ROOT_DIR . '/libs/php-jwt/src/ExpiredException.php'; ...@@ -4,9 +4,11 @@ include_once __ROOT_DIR . '/libs/php-jwt/src/ExpiredException.php';
include_once __ROOT_DIR . '/libs/php-jwt/src/SignatureInvalidException.php'; include_once __ROOT_DIR . '/libs/php-jwt/src/SignatureInvalidException.php';
include_once __ROOT_DIR . '/libs/php-jwt/src/JWT.php'; include_once __ROOT_DIR . '/libs/php-jwt/src/JWT.php';
use \Firebase\JWT\JWT; use \Firebase\JWT\JWT;
class UserController extends Controller {
public function __construct($name, $request) { class UserController extends Controller
{
public function __construct($name, $request)
{
parent::__construct($name, $request); parent::__construct($name, $request);
} }
...@@ -16,16 +18,18 @@ class UserController extends Controller { ...@@ -16,16 +18,18 @@ class UserController extends Controller {
public function processRequest() public function processRequest()
{ {
switch ($this->request->getHttpMethod()) { switch ($this->request->getHttpMethod()) {
case 'GET': case 'GET':
if ($this->request->getUriParams()) if ($this->request->getUriParams()) {
return $this->getUser($this->request->getUriParams()[0]); return $this->getUser($this->request->getUriParams()[0]);
}
return $this->getAllUsers(); return $this->getAllUsers();
break; break;
case 'PUT': case 'PUT':
if ($this->request->getUriParams()) if ($this->request->getUriParams()) {
return $this->updateUser(array_merge($this->request->getData(),['id'=>$this->request->getUriParams()[0]])); return $this->updateUser(array_merge($this->request->getData(), ['id'=>$this->request->getUriParams()[0]]));
}
break; break;
} }
return Response::errorResponse("unsupported parameters or method in users"); return Response::errorResponse("unsupported parameters or method in users");
...@@ -40,25 +44,26 @@ class UserController extends Controller { ...@@ -40,25 +44,26 @@ class UserController extends Controller {
return $response; return $response;
} }
protected function getUser($id){ protected function getUser($id)
{
$user = User::getRow($id); $user = User::getRow($id);
$response = Response::okResponse(json_encode($user)); $response = Response::okResponse(json_encode($user));
return $response; return $response;
} }
protected function updateUser($array){ protected function updateUser($array)
{
try { try {
//var_dump($array);die; //var_dump($array);die;
$jwt_token = $this->request->getJwtToken(); $jwt_token = $this->request->getJwtToken();
// echo "jwt = $jwt_token"; // echo "jwt = $jwt_token";
$decodedJWT = JWT::decode($jwt_token, JWT_BACKEND_KEY, array('HS256')); $decodedJWT = JWT::decode($jwt_token, JWT_BACKEND_KEY, array('HS256'));
if($decodedJWT->data->id != $array['id']){ if ($decodedJWT->data->id != $array['id']) {
throw new Exception("You don't have access to this account.", 1); throw new Exception("You don't have access to this account.", 1);
} }
User::updateUser($array); User::updateUser($array);
} catch (Exception $e) {
} catch (Exception $e){
header('WWW-Authenticate: Bearer realm="'.JWT_ISSUER.'"'); header('WWW-Authenticate: Bearer realm="'.JWT_ISSUER.'"');
$jsonResult = json_encode(array( $jsonResult = json_encode(array(
...@@ -66,8 +71,8 @@ class UserController extends Controller { ...@@ -66,8 +71,8 @@ class UserController extends Controller {
"error" => $e->getMessage() "error" => $e->getMessage()
)); ));
return Response::unauthorizedResponse($jsonResult); return Response::unauthorizedResponse($jsonResult);
} }
$response = Response::okResponse('User succesfully updated !'); $response = Response::okResponse('User succesfully updated !');
return $response; return $response;
} }
} }
\ No newline at end of file
...@@ -6,32 +6,33 @@ include_once __ROOT_DIR . '/libs/php-jwt/src/SignatureInvalidException.php'; ...@@ -6,32 +6,33 @@ include_once __ROOT_DIR . '/libs/php-jwt/src/SignatureInvalidException.php';
include_once __ROOT_DIR . '/libs/php-jwt/src/JWT.php'; include_once __ROOT_DIR . '/libs/php-jwt/src/JWT.php';
use \Firebase\JWT\JWT; use \Firebase\JWT\JWT;
class ValidateTokenController extends Controller { class ValidateTokenController extends Controller
{
public function __construct($name, $request) { public function __construct($name, $request)
parent::__construct($name, $request); {
} parent::__construct($name, $request);
}
public function processRequest() { public function processRequest()
try { {
$jwt_token = $this->request->getJwtToken(); try {
// echo "jwt = $jwt_token"; $jwt_token = $this->request->getJwtToken();
$decodedJWT = JWT::decode($jwt_token, JWT_BACKEND_KEY, array('HS256')); // echo "jwt = $jwt_token";
$jsonResult = json_encode(array( $decodedJWT = JWT::decode($jwt_token, JWT_BACKEND_KEY, array('HS256'));
$jsonResult = json_encode(array(
"message" => "Access granted.", "message" => "Access granted.",
"data" => $decodedJWT "data" => $decodedJWT
)); ));
} catch (Exception $e) {
header('WWW-Authenticate: Bearer realm="'.JWT_ISSUER.'"');
} catch (Exception $e){ $jsonResult = json_encode(array(
header('WWW-Authenticate: Bearer realm="'.JWT_ISSUER.'"');
$jsonResult = json_encode(array(
"message" => "Access denied.", "message" => "Access denied.",
"error" => $e->getMessage() "error" => $e->getMessage()
)); ));
return Response::unauthorizedResponse($jsonResult); return Response::unauthorizedResponse($jsonResult);
} }
$response = Response::okResponse($jsonResult); $response = Response::okResponse($jsonResult);
return $response; return $response;
} }
} }
\ No newline at end of file
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
// of the directory that contains this file (index.php) // of the directory that contains this file (index.php)
// e.g. http://eden.imt-lille-douai.fr/~luc.fabresse/index.php => __ROOT_DIR = /home/luc.fabresse/public_html // e.g. http://eden.imt-lille-douai.fr/~luc.fabresse/index.php => __ROOT_DIR = /home/luc.fabresse/public_html
$rootDirectoryPath = realpath(dirname(__FILE__)); $rootDirectoryPath = realpath(dirname(__FILE__));
define ('__ROOT_DIR', $rootDirectoryPath ); define('__ROOT_DIR', $rootDirectoryPath);
// Load all application config // Load all application config
require_once(__ROOT_DIR . "/config/config.php"); require_once(__ROOT_DIR . "/config/config.php");
...@@ -25,4 +25,4 @@ ...@@ -25,4 +25,4 @@
$response = Response::errorResponse($log); $response = Response::errorResponse($log);
} }
$response->send(); $response->send();
\ No newline at end of file
<?php <?php
class Model { class Model
{
protected static function db(){ protected static function db()
{
return DatabasePDO::singleton(); return DatabasePDO::singleton();
} }
// *** Queries in sql/model.sql.php **** // *** Queries in sql/model.sql.php ****
protected static $requests = array(); protected static $requests = array();
public static function addSqlQuery($key, $sql){ public static function addSqlQuery($key, $sql)
{
static::$requests[$key] = $sql; static::$requests[$key] = $sql;
} }
public static function sqlQueryNamed($key){ public static function sqlQueryNamed($key)
{
return static::$requests[$key]; return static::$requests[$key];
} }
protected static function query($sql){ protected static function query($sql)
{
$st = static::db()->query($sql) or die("sql query error ! request : " . $sql); $st = static::db()->query($sql) or die("sql query error ! request : " . $sql);
$st->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, get_called_class()); $st->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, get_called_class());
return $st; return $st;
} }
protected static function exec($sqlKey,$values=array()){ protected static function exec($sqlKey, $values=array())
{
$sth = static::db()->prepare(static::sqlQueryNamed($sqlKey)); $sth = static::db()->prepare(static::sqlQueryNamed($sqlKey));
$sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, get_called_class()); $sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, get_called_class());
$sth->execute($values); $sth->execute($values);
return $sth; return $sth;
} }
} }
\ No newline at end of file
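Review bot: query() uses `... or die("sql query error ! request : " . $sql)`, which on failure prints the raw SQL statement to the client, bypasses the Response layer entirely, and is unreachable once DatabasePDO sets ERRMODE_EXCEPTION because PDO::query() throws instead of returning false. Use `$st = static::db()->query($sql);` and let the PDOException reach the top-level handler. exec() forwards `$values` unchanged to execute(), so callers must pass exactly the placeholders the named query uses; a docblock line such as `@param array $values exactly the named placeholders of the query, no extra keys` would make that contract visible to the models.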
<?php <?php
class User extends Model { class User extends Model
{
// =========== // ===========
// = Statics = // = Statics =
// =========== // ===========
protected static $table_name = 'USER'; protected static $table_name = 'USER';
// load all users from Db
public static function getList() {
$stm = parent::exec('USER_LIST');
return $stm->fetchAll();
}
public static function getRow($id) {
$stm = parent::exec('USER_GET_WITH_ID', ['id' => $id]);
return $stm->fetchAll();
}
public static function updateUser($array) { // load all users from Db
$stm = parent::exec('USER_UPDATE', $array); public static function getList()
} {
$stm = parent::exec('USER_LIST');
return $stm->fetchAll();
}
public static function getRow($id)
{
$stm = parent::exec('USER_GET_WITH_ID', ['id' => $id]);
return $stm->fetchAll();
}
public static function tryLogin($login){ public static function updateUser($array)
$stm = parent::exec('USER_GET_WITH_LOGIN', ['login' => $login]); {
return $stm->fetchAll(PDO::FETCH_CLASS, 'User')[0]; $stm = parent::exec('USER_UPDATE', $array);
} }
public function password(){ public static function tryLogin($login)
return trim($this->USER_PWD); {
} $stm = parent::exec('USER_GET_WITH_LOGIN', ['login' => $login]);
public function id(){ return $stm->fetchAll(PDO::FETCH_CLASS, 'User')[0];
return trim($this->USER_ID); }
}
public function firstname(){
return trim($this->USER_NAME);
}
public function lastname(){
return trim($this->USER_SURNAME);
}
public function email(){
return trim($this->USER_EMAIL);
}
} public function password()
\ No newline at end of file {
return trim($this->USER_PWD);
}
public function id()
{
return trim($this->USER_ID);
}
public function firstname()
{
return trim($this->USER_NAME);
}
public function lastname()
{
return trim($this->USER_SURNAME);
}
public function email()
{
return trim($this->USER_EMAIL);
}
}
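Review bot: tryLogin() returns `$stm->fetchAll(PDO::FETCH_CLASS, 'User')[0]`, which emits an undefined-offset warning and yields null when the login is unknown; `$rows = $stm->fetchAll(PDO::FETCH_CLASS, 'User'); return $rows[0] ?? null;` gives the caller the null it already tests with empty(). updateUser() hands the request-derived `$array` straight to the `USER_UPDATE` statement, which binds only `:email` and `:id` (see the sql section below), so any extra key in the JSON body makes execute() fail and, given UserController's catch, presumably surfaces as a 401; whitelist the two keys: `parent::exec('USER_UPDATE', ['email' => $array['email'], 'id' => $array['id']]);`. password() returns the raw stored `USER_PWD` value; once hashes are stored the method name still fits, but its docblock should state that it returns the stored hash rather than the password.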
<?php <?php
User::addSqlQuery('USER_LIST', User::addSqlQuery(
'SELECT * FROM USER ORDER BY USER_LOGIN'); 'USER_LIST',
'SELECT * FROM USER ORDER BY USER_LOGIN'
);
User::addSqlQuery('USER_GET_WITH_LOGIN', User::addSqlQuery(
'SELECT * FROM USER WHERE USER_LOGIN=:login'); 'USER_GET_WITH_LOGIN',
'SELECT * FROM USER WHERE USER_LOGIN=:login'
);
User::addSqlQuery('USER_GET_WITH_ID', User::addSqlQuery(
'SELECT * FROM USER WHERE USER_ID=:id'); 'USER_GET_WITH_ID',
'SELECT * FROM USER WHERE USER_ID=:id'
);
User::addSqlQuery('USER_CREATE', User::addSqlQuery(
'INSERT INTO USER (USER_ID, USER_LOGIN, USER_EMAIL, USER_ROLE, USER_PWD, USER_NAME, USER_SURNAME) VALUES (NULL, :login, :email, :role, :pwd, :name, :surname)'); 'USER_CREATE',
'INSERT INTO USER (USER_ID, USER_LOGIN, USER_EMAIL, USER_ROLE, USER_PWD, USER_NAME, USER_SURNAME) VALUES (NULL, :login, :email, :role, :pwd, :name, :surname)'
);
User::addSqlQuery('USER_CONNECT', User::addSqlQuery(
'SELECT * FROM USER WHERE USER_LOGIN=:login and USER_PWD=:password'); 'USER_CONNECT',
'SELECT * FROM USER WHERE USER_LOGIN=:login and USER_PWD=:password'
);
User::addSqlQuery('USER_UPDATE', User::addSqlQuery(
'UPDATE USER SET USER_EMAIL = :email WHERE USER_ID = :id'); 'USER_UPDATE',
\ No newline at end of file 'UPDATE USER SET USER_EMAIL = :email WHERE USER_ID = :id'
);