From 2811a0f8e6705ec76b742bc98a794b8611377c57 Mon Sep 17 00:00:00 2001 From: Thorsten Rinne Date: Sun, 30 Jul 2023 13:54:47 +0200 Subject: [PATCH] refactor: moved login API to controller --- phpmyfaq/.htaccess | 12 ++-- phpmyfaq/api.php | 33 ---------- phpmyfaq/src/api-routes.php | 5 ++ .../Api/Controller/AttachmentController.php | 15 +++++ .../Api/Controller/CommentController.php | 2 +- .../Api/Controller/LoginController.php | 65 +++++++++++++++++++ .../Api/Controller/NewsController.php | 15 +++++ .../Api/Controller/OpenQuestionController.php | 15 +++++ .../phpMyFAQ/Api/Controller/TagController.php | 15 +++++ 9 files changed, 136 insertions(+), 41 deletions(-) create mode 100644 phpmyfaq/src/phpMyFAQ/Api/Controller/LoginController.php diff --git a/phpmyfaq/.htaccess b/phpmyfaq/.htaccess index 284479acbf..00b24565ea 100644 --- a/phpmyfaq/.htaccess +++ b/phpmyfaq/.htaccess @@ -60,10 +60,6 @@ RewriteRule ^(.*)$ index.php?action=ask [L,QSA] RewriteCond %{REQUEST_URI} /open-questions\.html$ [NC] RewriteRule ^(.*)$ index.php?action=open-questions [L,QSA] -# the help page -RewriteCond %{REQUEST_URI} /help\.html$ [NC] -RewriteRule ^(.*)$ index.php?action=help [L,QSA] - # the contact page RewriteCond %{REQUEST_URI} /contact\.html$ [NC] RewriteRule ^(.*)$ index.php?action=contact [L,QSA] @@ -155,7 +151,7 @@ RewriteRule api/v2.0/open-questions api/index.php RewriteRule api/v2.0/comments/([0-9]+) api/index.php RewriteRule api/v2.0/attachments/([0-9]+) api/index.php RewriteRule api/v2.0/news api/index.php -RewriteRule api/v2.0/login api.php?action=login [L,QSA] +RewriteRule api/v2.0/login api/index.php RewriteRule api/v2.0/faqs/([0-9]+) api.php?action=faqs&categoryId=$1 [L,QSA] RewriteRule api/v2.0/faqs/popular api.php?action=faqs&filter=popular [L,QSA] RewriteRule api/v2.0/faqs/latest api.php?action=faqs&filter=latest [L,QSA] 
@@ -176,7 +172,7 @@ RewriteRule api/v2.1/open-questions api/index.php RewriteRule api/v2.1/comments/([0-9]+) api/index.php RewriteRule api/v2.1/attachments/([0-9]+) api/index.php RewriteRule api/v2.1/news api/index.php -RewriteRule api/v2.1/login api.php?action=login [L,QSA] +RewriteRule api/v2.1/login api/index.php RewriteRule api/v2.1/faqs/([0-9]+) api.php?action=faqs&categoryId=$1 [L,QSA] RewriteRule api/v2.1/faqs/popular api.php?action=faqs&filter=popular [L,QSA] RewriteRule api/v2.1/faqs/latest api.php?action=faqs&filter=latest [L,QSA] @@ -203,7 +199,7 @@ RewriteRule api/v2.2/open-questions api/index.php RewriteRule api/v2.2/comments/([0-9]+) api/index.php RewriteRule api/v2.2/attachments/([0-9]+) api/index.php RewriteRule api/v2.2/news api/index.php -RewriteRule api/v2.2/login api.php?action=login [L,QSA] +RewriteRule api/v2.2/login api/index.php RewriteRule api/v2.2/faqs/([0-9]+) api.php?action=faqs&categoryId=$1 [L,QSA] RewriteRule api/v2.2/faqs/popular api.php?action=faqs&filter=popular [L,QSA] RewriteRule api/v2.2/faqs/latest api.php?action=faqs&filter=latest [L,QSA] @@ -221,6 +217,8 @@ RewriteRule api/v2.3/categories api/index.php RewriteRule api/v2.3/comments/([0-9]+) api/index.php RewriteRule api/v2.3/groups api/index.php RewriteRule api/v2.3/language api/index.php +RewriteRule api/v2.3/login api/index.php +RewriteRule api/v2.3/news api/index.php RewriteRule api/v2.3/open-questions api/index.php RewriteRule api/v2.3/search api/index.php RewriteRule api/v2.3/searches/popular api/index.php diff --git a/phpmyfaq/api.php b/phpmyfaq/api.php index 120e7b83c7..de2e4c4393 100644 --- a/phpmyfaq/api.php +++ b/phpmyfaq/api.php 
@@ -221,15 +221,6 @@ $response->setData($result); break; - case 'news': - $news = new News($faqConfig); - $result = $news->getLatestData(false, true, true); - if ((is_countable($result) ? count($result) : 0) === 0) { - $response->setStatusCode(Response::HTTP_NOT_FOUND); - } - $response->setData($result); - break; - case 'faqs': $filter = Filter::filterInput(INPUT_GET, 'filter', FILTER_SANITIZE_SPECIAL_CHARS); $faq = new Faq($faqConfig); @@ -401,30 +392,6 @@ $response->setData($result); break; - case 'login': - $postData = json_decode(file_get_contents('php://input'), true, 512, JSON_THROW_ON_ERROR); - $faqUsername = Filter::filterVar($postData['username'], FILTER_SANITIZE_SPECIAL_CHARS); - $faqPassword = Filter::filterVar($postData['password'], FILTER_SANITIZE_SPECIAL_CHARS); - - $user = new CurrentUser($faqConfig); - $userAuth = new UserAuthentication($faqConfig, $user); - try { - $user = $userAuth->authenticate($faqUsername, $faqPassword); - $response->setStatusCode(Response::HTTP_OK); - $result = [ - 'loggedin' => true - ]; - } catch (Exception $e) { - $faqConfig->getLogger()->error('Failed login: ' . $e->getMessage()); - $response->setStatusCode(Response::HTTP_BAD_REQUEST); - $result = [ - 'loggedin' => false, - 'error' => Translation::get('ad_auth_fail') - ]; - } - $response->setData($result); - break; - case 'register': if ($faqConfig->get('api.apiClientToken') !== $request->headers->get('x-pmf-token')) { $response->setStatusCode(Response::HTTP_UNAUTHORIZED); diff --git a/phpmyfaq/src/api-routes.php b/phpmyfaq/src/api-routes.php index 5cc4fa2531..45dee196e9 100644 --- a/phpmyfaq/src/api-routes.php +++ b/phpmyfaq/src/api-routes.php 
@@ -20,6 +20,7 @@ use phpMyFAQ\Api\Controller\CommentController; use phpMyFAQ\Api\Controller\GroupController; use phpMyFAQ\Api\Controller\LanguageController; +use phpMyFAQ\Api\Controller\LoginController; use phpMyFAQ\Api\Controller\NewsController; use phpMyFAQ\Api\Controller\OpenQuestionController; use phpMyFAQ\Api\Controller\SearchController; @@ -56,6 +57,10 @@ 'api.language', new Route("v{$apiVersion}/language", ['_controller' => [LanguageController::class, 'index']]) ); +$routes->add( + 'api.login', + new Route("v{$apiVersion}/login", ['_controller' => [LoginController::class, 'login'], '_methods' => 'POST']) +); $routes->add( 'api.news', new Route("v{$apiVersion}/news", ['_controller' => [NewsController::class, 'list']]) diff --git a/phpmyfaq/src/phpMyFAQ/Api/Controller/AttachmentController.php b/phpmyfaq/src/phpMyFAQ/Api/Controller/AttachmentController.php index 883029bea5..a292980f40 100644 --- a/phpmyfaq/src/phpMyFAQ/Api/Controller/AttachmentController.php +++ b/phpmyfaq/src/phpMyFAQ/Api/Controller/AttachmentController.php @@ -1,5 +1,20 @@ + * @copyright 2023 phpMyFAQ Team + * @license https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 + * @link https://www.phpmyfaq.de + * @since 2023-07-30 + */ + namespace phpMyFAQ\Api\Controller; use phpMyFAQ\Attachment\AttachmentException; diff --git a/phpmyfaq/src/phpMyFAQ/Api/Controller/CommentController.php b/phpmyfaq/src/phpMyFAQ/Api/Controller/CommentController.php index cc2a03bf47..e892acccf6 100644 --- a/phpmyfaq/src/phpMyFAQ/Api/Controller/CommentController.php +++ b/phpmyfaq/src/phpMyFAQ/Api/Controller/CommentController.php 
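Review bot: The POST restriction on the new `api.login` route in api-routes.php is written as a `_methods` key inside the defaults array, and as far as I know Symfony's `Route` does not take its allowed methods from defaults; they come from the constructor's `methods` argument or from `setMethods()`. If that holds, the route also matches GET and other verbs, and `_methods` is only carried along as a request attribute. I would write `new Route("v{$apiVersion}/login", ['_controller' => [LoginController::class, 'login']], methods: ['POST'])`, or call `setMethods(['POST'])` on the route. A request test that expects 405 for a GET on this path would pin the behaviour.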
@@ -1,7 +1,7 @@ + * @copyright 2023 phpMyFAQ Team + * @license https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 + * @link https://www.phpmyfaq.de + * @since 2023-07-30 + */ + +namespace phpMyFAQ\Api\Controller; + +use phpMyFAQ\Configuration; +use phpMyFAQ\Core\Exception; +use phpMyFAQ\Filter; +use phpMyFAQ\Translation; +use phpMyFAQ\User\CurrentUser; +use phpMyFAQ\User\UserAuthentication; +use Symfony\Component\HttpFoundation\JsonResponse; +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; + +class LoginController +{ + /** + * @throws \JsonException + */ + public function login(Request $request): JsonResponse + { + $response = new JsonResponse(); + $faqConfig = Configuration::getConfigurationInstance(); + + $postBody = json_decode($request->getContent(), false, 512, JSON_THROW_ON_ERROR); + + $faqUsername = Filter::filterVar($postBody->username, FILTER_SANITIZE_SPECIAL_CHARS); + $faqPassword = Filter::filterVar($postBody->password, FILTER_SANITIZE_SPECIAL_CHARS); + + $user = new CurrentUser($faqConfig); + $userAuth = new UserAuthentication($faqConfig, $user); + try { + $user = $userAuth->authenticate($faqUsername, $faqPassword); + $response->setStatusCode(Response::HTTP_OK); + $result = [ + 'loggedin' => true + ]; + } catch (Exception $e) { + $faqConfig->getLogger()->error('Failed login: ' . $e->getMessage()); + $response->setStatusCode(Response::HTTP_BAD_REQUEST); + $result = [ + 'loggedin' => false, + 'error' => Translation::get('ad_auth_fail') + ]; + } + $response->setData($result); + + return $response; + } +} diff --git a/phpmyfaq/src/phpMyFAQ/Api/Controller/NewsController.php b/phpmyfaq/src/phpMyFAQ/Api/Controller/NewsController.php index 6ab8a25dbf..2ea437735c 100644 --- a/phpmyfaq/src/phpMyFAQ/Api/Controller/NewsController.php +++ b/phpmyfaq/src/phpMyFAQ/Api/Controller/NewsController.php 
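Review bot: `LoginController::login()` dereferences the decoded body without checking its shape. A JSON body that is not an object, or that lacks `username` or `password`, still reaches `$postBody->username`, and a malformed body raises the declared `\JsonException`, which nothing visible in this hunk catches. Rejecting those requests with `Response::HTTP_BAD_REQUEST` before `UserAuthentication` is built keeps null credentials out of `authenticate()` and keeps parser errors out of the response. Separately, the password is run through `FILTER_SANITIZE_SPECIAL_CHARS` (carried over from the removed api.php case), so the value that is verified is an HTML-encoded form of what the client sent; confirm that the path storing passwords applies the same encoding, otherwise pass the credential through unmodified.

```php
    public function login(Request $request): JsonResponse
    {
        // … unchanged: $response and $faqConfig setup …

        try {
            $postBody = json_decode($request->getContent(), false, 512, JSON_THROW_ON_ERROR);
        } catch (\JsonException $e) {
            $postBody = null;
        }

        // `??` also yields null when the body decoded to an array or a scalar.
        $rawUsername = $postBody->username ?? null;
        $rawPassword = $postBody->password ?? null;
        if (!is_string($rawUsername) || !is_string($rawPassword)) {
            $response->setStatusCode(Response::HTTP_BAD_REQUEST);
            $response->setData(['loggedin' => false, 'error' => Translation::get('ad_auth_fail')]);

            return $response;
        }

        $faqUsername = Filter::filterVar($rawUsername, FILTER_SANITIZE_SPECIAL_CHARS);
        $faqPassword = Filter::filterVar($rawPassword, FILTER_SANITIZE_SPECIAL_CHARS);

        // … unchanged: CurrentUser / UserAuthentication setup, authenticate() try/catch, return …
```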
@@ -1,5 +1,20 @@ + * @copyright 2023 phpMyFAQ Team + * @license https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 + * @link https://www.phpmyfaq.de + * @since 2023-07-30 + */ + namespace phpMyFAQ\Api\Controller; use phpMyFAQ\Configuration; diff --git a/phpmyfaq/src/phpMyFAQ/Api/Controller/OpenQuestionController.php b/phpmyfaq/src/phpMyFAQ/Api/Controller/OpenQuestionController.php index 8623581284..dd4380f6a1 100644 --- a/phpmyfaq/src/phpMyFAQ/Api/Controller/OpenQuestionController.php +++ b/phpmyfaq/src/phpMyFAQ/Api/Controller/OpenQuestionController.php @@ -1,5 +1,20 @@ + * @copyright 2023 phpMyFAQ Team + * @license https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 + * @link https://www.phpmyfaq.de + * @since 2023-07-29 + */ + namespace phpMyFAQ\Api\Controller; use phpMyFAQ\Configuration; diff --git a/phpmyfaq/src/phpMyFAQ/Api/Controller/TagController.php b/phpmyfaq/src/phpMyFAQ/Api/Controller/TagController.php index d4f7474f66..da71368ecb 100644 --- a/phpmyfaq/src/phpMyFAQ/Api/Controller/TagController.php +++ b/phpmyfaq/src/phpMyFAQ/Api/Controller/TagController.php @@ -1,5 +1,20 @@ + * @copyright 2023 phpMyFAQ Team + * @license https://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 + * @link https://www.phpmyfaq.de + * @since 2023-07-29 + */ + namespace phpMyFAQ\Api\Controller; use phpMyFAQ\Configuration;