Commit
c9b788aa
authored
Nov 22, 2020
by
thibaut-felten
Authenticated PUT + Doc
parent
9d22d3c8
Changes
4
Showing
4 changed files
with
125 additions
and
37 deletions
+125
-37
README.md
backend/MVC/README.md
+64
-4
config.php
backend/MVC/config/config.php
+11
-0
LoginController.class.php
backend/MVC/controller/LoginController.class.php
+0
-2
UserController.class.php
backend/MVC/controller/UserController.class.php
+50
-31
backend/MVC/README.md
...
@@ -4,13 +4,73 @@
...
@@ -4,13 +4,73 @@
Open endpoints require no Authentication.
Open endpoints require no Authentication.
*
Login :
`POST /api/login/`
*
[
Login
](
#Login
)
:
`POST /api/login/`
*
Get all users infos :
`GET /api.php/users/`
*
Get all users data :
`GET /api.php/users/`
*
Show info :
`GET /api/user/{id}`
*
Show data of a user :
`GET /api.php/user/{id}`
*
Update info :
`PUT /api/user/{id}`
*
Create a new user :
`POST /api.php/user/{id}`
*
Delete a user :
`DELETE /api.php/user/{id}`
Should be a closed endpoint.
## Endpoints that require Authentication
## Endpoints that require Authentication
Closed endpoints require a valid Token to be included in the header of the
Closed endpoints require a valid Token to be included in the header of the
request.
request.
*
Update data :
`PUT /api.php/user/{id}`
<!-- LOGIN -->
# Login
Used to collect a Token for a registered User.
**URL**
:
`/api/login/`
**Method**
:
`POST`
**Auth required**
: NO
**Data constraints**
```
json
{
"username"
:
"[valid email address]"
,
"password"
:
"[password in plain text]"
}
```
**Data example**
```
json
{
"username"
:
"iloveauth@example.com"
,
"password"
:
"abcd1234"
}
```
## Success Response
**Code**
:
`200 OK`
**Content example**
```
json
{
"token"
:
"93144b288eb1fdccbe46d6fc0f241a51766ecd3d"
}
```
## Error Response
**Condition**
: If 'username' and 'password' combination is wrong.
**Code**
:
`400 BAD REQUEST`
**Content**
:
```
json
{
"non_field_errors"
:
[
"Unable to login with provided credentials."
]
}
```
\ No newline at end of file
backend/MVC/config/config.php
<?php
<?php
// Config Eden
define
(
'DB_HOST'
,
'localhost'
);
define
(
'DB_HOST'
,
'localhost'
);
define
(
'DB_PORT'
,
3306
);
define
(
'DB_PORT'
,
3306
);
define
(
'DB_DBNAME'
,
'thibaut_felten'
);
define
(
'DB_DBNAME'
,
'thibaut_felten'
);
define
(
'DB_USER'
,
'thibaut.felten'
);
define
(
'DB_USER'
,
'thibaut.felten'
);
define
(
'DB_PASSWORD'
,
'YpIaegvG'
);
define
(
'DB_PASSWORD'
,
'YpIaegvG'
);
//Config local
// define('DB_HOST','localhost');
// define('DB_PORT',3306);
// define('DB_DBNAME','dbtest');
// define('DB_USER','root');
// define('DB_PASSWORD','root');
define
(
'JWT_BACKEND_KEY'
,
'6d8HbcZndVGNAbo4Ih1TGaKcuA1y2BKs-I5CmP'
);
define
(
'JWT_BACKEND_KEY'
,
'6d8HbcZndVGNAbo4Ih1TGaKcuA1y2BKs-I5CmP'
);
define
(
'JWT_ISSUER'
,
$_SERVER
[
'HTTP_HOST'
]
.
$_SERVER
[
'CONTEXT_PREFIX'
]);
define
(
'JWT_ISSUER'
,
$_SERVER
[
'HTTP_HOST'
]
.
$_SERVER
[
'CONTEXT_PREFIX'
]);
\ No newline at end of file
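Review bot: `DB_PASSWORD` and `JWT_BACKEND_KEY` are defined as literals in this tracked file, and with this commit `JWT_BACKEND_KEY` becomes the HS256 key that `UserController::updateUser` trusts, so anyone who can read the repository can produce tokens the API accepts. Both values should be treated as exposed and rotated, then loaded from outside the tree, e.g. `define('JWT_BACKEND_KEY', getenv('JWT_BACKEND_KEY'));`, with the commented-out local block moved to an untracked sample file. `JWT_ISSUER` is built from `$_SERVER['HTTP_HOST']`, which the client supplies; a fixed, configured issuer would be safer if the value is ever validated or written into tokens.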
backend/MVC/controller/LoginController.class.php
...
@@ -23,8 +23,6 @@ class LoginController extends Controller {
...
@@ -23,8 +23,6 @@ class LoginController extends Controller {
}
}
$user
=
User
::
tryLogin
(
$json
->
login
);
$user
=
User
::
tryLogin
(
$json
->
login
);
// print_r($user);
// exit;
if
(
empty
(
$user
)
||
!
hash_equals
(
$json
->
pwd
,
$user
->
USER_PASSWORD
))
{
if
(
empty
(
$user
)
||
!
hash_equals
(
$json
->
pwd
,
$user
->
USER_PASSWORD
))
{
$r
=
new
Response
(
422
,
"wrong credentials"
);
$r
=
new
Response
(
422
,
"wrong credentials"
);
$r
->
send
();
$r
->
send
();
...
...
backend/MVC/controller/UserController.class.php
<?php
<?php
include_once
__ROOT_DIR
.
'/libs/php-jwt/src/BeforeValidException.php'
;
include_once
__ROOT_DIR
.
'/libs/php-jwt/src/ExpiredException.php'
;
include_once
__ROOT_DIR
.
'/libs/php-jwt/src/SignatureInvalidException.php'
;
include_once
__ROOT_DIR
.
'/libs/php-jwt/src/JWT.php'
;
use
\Firebase\JWT\JWT
;
class
UserController
extends
Controller
{
class
UserController
extends
Controller
{
public
function
__construct
(
$name
,
$request
)
{
public
function
__construct
(
$name
,
$request
)
{
...
@@ -52,44 +58,57 @@ class UserController extends Controller {
...
@@ -52,44 +58,57 @@ class UserController extends Controller {
return
$response
;
return
$response
;
}
}
protected
function
updateUser
(
$id
,
$data
)
protected
function
updateUser
(
$id
,
$data
){
{
try
{
$userValues
=
User
::
getUserById
(
$id
);
$jwt_token
=
$this
->
request
->
getJwtToken
();
$userValues
=
(
$userValues
[
0
]);
// print_r($userValues);
// exit;
if
(
$userValues
==
[]){
$response
=
Response
::
errorResponse
(
"User not found"
);
return
$response
;
}
else
{
if
(
array_key_exists
(
'USER_LOGIN'
,
$data
)){
$login
=
$data
[
'USER_LOGIN'
];
}
else
{
$login
=
$userValues
->
USER_LOGIN
;
}
if
(
array_key_exists
(
'USER_EMAIL'
,
$data
)){
$decodedJWT
=
JWT
::
decode
(
$jwt_token
,
JWT_BACKEND_KEY
,
array
(
'HS256'
));
$email
=
$data
[
'USER_EMAIL'
];
}
else
{
$email
=
$userValues
->
USER_EMAIL
;
}
if
(
array_key_exists
(
'USER_LASTNAME'
,
$data
)){
$userValues
=
User
::
getUserById
(
$id
);
$lastname
=
$data
[
'USER_LASTNAME'
];
$userValues
=
(
$userValues
[
0
]);
if
(
$userValues
==
[]){
$response
=
Response
::
errorResponse
(
"User not found"
);
return
$response
;
}
else
{
}
else
{
$lastname
=
$userValues
->
USER_LASTNAME
;
if
(
array_key_exists
(
'USER_LOGIN'
,
$data
)){
}
$login
=
$data
[
'USER_LOGIN'
];
}
else
{
$login
=
$userValues
->
USER_LOGIN
;
}
if
(
array_key_exists
(
'USER_FIRSTNAME'
,
$data
)){
if
(
array_key_exists
(
'USER_EMAIL'
,
$data
)){
$firstname
=
$data
[
'USER_FIRSTNAME'
];
$email
=
$data
[
'USER_EMAIL'
];
}
else
{
}
else
{
$firstname
=
$userValues
->
USER_FIRSTNAME
;
$email
=
$userValues
->
USER_EMAIL
;
}
if
(
array_key_exists
(
'USER_LASTNAME'
,
$data
)){
$lastname
=
$data
[
'USER_LASTNAME'
];
}
else
{
$lastname
=
$userValues
->
USER_LASTNAME
;
}
if
(
array_key_exists
(
'USER_FIRSTNAME'
,
$data
)){
$firstname
=
$data
[
'USER_FIRSTNAME'
];
}
else
{
$firstname
=
$userValues
->
USER_FIRSTNAME
;
}
$user
=
User
::
updateUser
(
array
(
"id"
=>
$id
,
"login"
=>
$login
,
"email"
=>
$email
,
"lastname"
=>
$lastname
,
"firstname"
=>
$firstname
));
$response
=
new
Response
(
200
,
json_encode
(
$user
));
return
$response
;
}
}
$user
=
User
::
updateUser
(
array
(
"id"
=>
$id
,
"login"
=>
$login
,
"email"
=>
$email
,
"lastname"
=>
$lastname
,
"firstname"
=>
$firstname
));
}
catch
(
Exception
$e
){
$response
=
new
Response
(
200
,
json_encode
(
$user
));
header
(
'WWW-Authenticate: Bearer realm="'
.
JWT_ISSUER
.
'"'
);
return
$response
;
$jsonResult
=
json_encode
(
array
(
"message"
=>
"Access denied."
,
"error"
=>
$e
->
getMessage
()
));
return
Response
::
unauthorizedResponse
(
$jsonResult
);
}
}
}
}
protected
function
createUser
(
$data
)
protected
function
createUser
(
$data
)
...
...
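Review bot: In `updateUser`, `$decodedJWT` is assigned from `JWT::decode()` and never read again in the visible lines, so the new check proves only that the caller holds some valid token, not that the token belongs to user `$id`; any logged-in user could then update another account. The token's user-id claim should be compared with `$id` before `User::getUserById($id)` runs. Separately, the `try` wraps the whole body and catches `Exception`, so a failure in the lookup or in `User::updateUser` would also be answered with 401 and `$e->getMessage()` in the response body; narrowing the `try` to the decode and dropping the message from the JSON avoids both. `USER_ID_CLAIM` in the sketch below is a placeholder, since the token payload is built in code outside this page.

```php
protected function updateUser($id,$data){
    try {
        $jwt_token = $this->request->getJwtToken();
        $decodedJWT = JWT::decode($jwt_token, JWT_BACKEND_KEY, array('HS256'));
    } catch (Exception $e) {
        header('WWW-Authenticate: Bearer realm="'.JWT_ISSUER.'"');
        // Keep $e for the server log; the client only needs to know access was denied.
        return Response::unauthorizedResponse(json_encode(array("message" => "Access denied.")));
    }
    // USER_ID_CLAIM: placeholder for the claim that carries the authenticated user's id.
    if (!isset($decodedJWT->USER_ID_CLAIM) || (string) $decodedJWT->USER_ID_CLAIM !== (string) $id) {
        return new Response(403, json_encode(array("message" => "Forbidden.")));
    }
    // … unchanged: user lookup, per-field merge of $data, User::updateUser call, 200 response …
```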