From a3eb4678f9318cd8ef12fa54be2b91df44048a27 Mon Sep 17 00:00:00 2001 From: rodude123 Date: Thu, 8 Jun 2023 15:10:27 +0100 Subject: [PATCH] Moved all current routes into per-feature folders, each with a routes class that implements a shared interface. Moved the remaining files into the same structure for readability. Each editable CMS section should have its own folder with a routes class file and a data class file
Signed-off-by: rodude123 --- .gitignore | 4 +- dist/api/{ => blog}/blogData.php | 5 +- dist/api/blog/blogRoutes.php | 20 + dist/api/index.php | 473 +----------------- {src/api => dist/api/project}/projectData.php | 4 +- dist/api/project/projectRoutes.php | 142 ++++++ .../api/timeline}/timelineData.php | 4 +- dist/api/timeline/timelineRoutes.php | 176 +++++++ dist/api/{ => user}/user.php | 4 +- .../user.php => dist/api/user/userData.php | 16 +- dist/api/user/userRoutes.php | 144 ++++++ {src/api => dist/api/utils}/middleware.php | 6 +- dist/api/utils/routesInterface.php | 10 + gulpfile.js | 6 +- src/api/{ => blog}/blogData.php | 5 +- src/api/index.php | 473 +----------------- {dist/api => src/api/project}/projectData.php | 4 +- src/api/project/projectRoutes.php | 142 ++++++ .../api => src/api/timeline}/timelineData.php | 4 +- src/api/timeline/timelineRoutes.php | 176 +++++++ src/api/user/userData.php | 138 +++++ src/api/user/userRoutes.php | 144 ++++++ {dist/api => src/api/utils}/middleware.php | 6 +- src/api/utils/routesInterface.php | 10 + src/editor/js/editor.js | 2 +- src/editor/js/index.js | 2 +- 26 files changed, 1189 insertions(+), 931 deletions(-) rename dist/api/{ => blog}/blogData.php (96%) create mode 100644 dist/api/blog/blogRoutes.php rename {src/api => dist/api/project}/projectData.php (99%) create mode 100644 dist/api/project/projectRoutes.php rename {src/api => dist/api/timeline}/timelineData.php (98%) create mode 100644 dist/api/timeline/timelineRoutes.php rename dist/api/{ => user}/user.php (98%) rename src/api/user.php => dist/api/user/userData.php (90%) create mode 100644 dist/api/user/userRoutes.php rename {src/api => dist/api/utils}/middleware.php (96%) create mode 100644 dist/api/utils/routesInterface.php rename src/api/{ => blog}/blogData.php (96%) rename {dist/api => src/api/project}/projectData.php (99%) create mode 100644 src/api/project/projectRoutes.php rename {dist/api => src/api/timeline}/timelineData.php (98%) create mode 100644 
src/api/timeline/timelineRoutes.php create mode 100644 src/api/user/userData.php create mode 100644 src/api/user/userRoutes.php rename {dist/api => src/api/utils}/middleware.php (96%) create mode 100644 src/api/utils/routesInterface.php diff --git a/.gitignore b/.gitignore index ba6f1f9..112e045 100644 --- a/.gitignore +++ b/.gitignore @@ -75,6 +75,6 @@ fabric.properties .env vendor/* node_modules/* -src/api/config.php -dist/api/config.php +src/api/utils/config.php +dist/api/utils/config.php dist/api/.htaccess \ No newline at end of file diff --git a/dist/api/blogData.php b/dist/api/blog/blogData.php similarity index 96% rename from dist/api/blogData.php rename to dist/api/blog/blogData.php index cdd411d..ee66455 100644 --- a/dist/api/blogData.php +++ b/dist/api/blog/blogData.php @@ -1,9 +1,8 @@ blogData = new blogData(); + $this->createRoutes($app); + } + + public function createRoutes(App $app): void + { + // TODO: Implement createRoutes() method. + } +} \ No newline at end of file diff --git a/dist/api/index.php b/dist/api/index.php index d0e0152..bab7012 100644 --- a/dist/api/index.php +++ b/dist/api/index.php 
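Review bot: Replacing the `src/api/config.php` / `dist/api/config.php` entries with the `utils/` paths un-ignores any config.php still sitting at the old location, and nothing in this commit moves that file (it is untracked, so git cannot rename it; the diffstat lists no config.php). A stale copy left behind would be picked up by the next `git add -A` and committed with whatever credentials it holds. Keep both sets of entries until the old files are confirmed gone, or ignore the name wherever it appears: `**/config.php`.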
@@ -1,28 +1,23 @@ setBasePath("/api"); // Add middleware new middleware($app); -$timelineData = new timelineData(); -$projectData = new projectData(); -$blogData = new blogData(); -$user = new user(); - -$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args) -{ - global $timelineData; - - //check if route is available if it is get the data - //otherwise return an error - if($args["timeline"] == "edu") - { - $response->getBody()->write(json_encode($timelineData->getEduData())); - return $response; - } - - if($args["timeline"] == "work") - { - $response->getBody()->write(json_encode($timelineData->getWorkData())); - return $response; - } - - // something went wrong - $response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found"))); - return $response->withStatus(404); -}); - -$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args) -{ - global $timelineData; - $data = $request->getParsedBody(); - if ($args["timeline"] == "edu" && $args["id"] != "undefined") - { - if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - if (!$timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"])) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - $response->withStatus(201); - return $response; - } - - if ($args["timeline"] == "work" && $args["id"] != "undefined") - { - if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"])) - { - // uh oh sent some empty data - 
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - if (!$timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"])) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - $response->withStatus(201); - return $response; - } - - $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); - return $response->withStatus(400); -}); - -$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args) -{ - global $timelineData; - if ($args["timeline"] == "edu" && $args["id"] != null) - { - if (!$timelineData->deleteEduData($args["id"])) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - return $response; - } - - if ($args["timeline"] == "work" && $args["id"] != null) - { - if (!$timelineData->deleteWorkData($args["id"])) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - return $response; - } - - $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); - return $response->withStatus(400); -}); - -$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args) -{ - global $timelineData; - $data = $request->getParsedBody(); - if ($args["timeline"] == "edu") - { - if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - 
} - - $insertedID = $timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]); - if (!is_int($insertedID)) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - $response->getBody()->write(json_encode(array("ID" => $insertedID))); - $response->withStatus(201); - return $response; - } - - if ($args["timeline"] == "work") - { - if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - if (empty($data["dateTo"])) - { - $data["dateTo"] = ""; - } - - $insertedID = $timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]); - if (!is_int($insertedID)) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - $response->getBody()->write(json_encode(array("ID" => $insertedID))); - $response->withStatus(201); - return $response; - } - - $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); - return $response->withStatus(400); -}); - -$app->get("/projectData", function (Request $request, Response $response) -{ - global $projectData; - - $result = $projectData->getProjectData(); - - $json = json_encode($result); - - $response->getBody()->write($json); - - if(array_key_exists("errorMessage", $result)) - { - $response = $response->withStatus(404); - } - - //use content type json to indicate json data on frontend. 
- return $response; -}); - -$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args) -{ - global $projectData; - $data = $request->getParsedBody(); - if ($args["id"] != "undefined") - { - if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - $update = $projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]); - - if ($update === "unset main project") - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project"))); - return $response->withStatus(400); - } - - if (!$update) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - return $response; - } - - $response->getBody()->write(json_encode(array("error" => "Please provide an ID"))); - return $response->withStatus(400); -}); - -$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args) -{ - global $projectData; - if ($args["id"] != null) - { - $message = $projectData->deleteProjectData($args["id"]); - if ($message === "error") - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist"))); - return $response->withStatus(500); - } - - if ($message === "cannot delete") - { - //uh oh cannot delete the main project - $response->getBody()->write(json_encode(array("error" => "Cannot delete the main project"))); - return $response->withStatus(409); - } - - return $response; - } - - 
$response->getBody()->write(json_encode(array("error" => "Please provide an ID"))); - return $response->withStatus(400); -}); - -$app->post("/projectData", function (Request $request, Response $response) -{ - global $projectData; - $data = $request->getParsedBody(); - if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - $insertedID = $projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]); - if (!is_int($insertedID)) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID))); - return $response->withStatus(500); - } - - $response->getBody()->write(json_encode(array("ID" => $insertedID))); - return $response; -}); - -$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args) -{ - global $projectData; - $files = $request->getUploadedFiles(); - if (empty($args["id"]) || empty($files)) - { - // uh oh only some of the data was sent - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - $message = $projectData->uploadImage($args["id"], $files["img"]); - if (!is_array($message)) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => $message))); - return $response->withStatus(500); - } - - $response->getBody()->write(json_encode($message)); - return $response; -}); +new timelineRoutes($app); +new projectRoutes($app); +new userRoutes($app); +// misc routes $app->post("/contact", function (Request $request, Response $response) { $data = $request->getParsedBody(); if(empty($data["fName"]) || empty($data["lName"]) || 
empty($data["email"]) || empty($data["subject"]) || empty($data["message"])) { - $response->getBody()->write(json_encode(array("errorMessage" => "Please fill out all the fields"))); - return $response->withStatus(400); + $response->getBody()->write(json_encode(array("errorMessage" => "Please fill out all the fields"))); + return $response->withStatus(400); } - - if (!filter_var($data["email"], FILTER_VALIDATE_EMAIL)) + + if (!filter_var($data["email"], FILTER_VALIDATE_EMAIL)) { - $response->getBody()->write(json_encode(array("errorMessage" => "Email is not the correct format"))); - return $response->withStatus(400); + $response->getBody()->write(json_encode(array("errorMessage" => "Email is not the correct format"))); + return $response->withStatus(400); } - + // email form filler/conatcter $headers1 = "From: noreply@rohitpai.co.uk\r\n"; $headers1 .= "Reply-To: rohit@rohitpai.co.uk\r\n"; $headers1 .= "MIME-Version: 1.0\r\n"; $headers1 .= "Content-Type: text/html; charset=UTF-8\r\n"; - + $message1 = << @@ -417,15 +126,15 @@ $app->post("/contact", function (Request $request, Response $response) HEREA; - + mail($data["email"], $data["subject"], $message1, $headers1); - + // email to me $headers2 = "From: noreply@rohitpai.co.uk\r\n"; $headers2 .= "Reply-To: {$data['email']}\r\n"; $headers2 .= "MIME-Version: 1.0\r\n"; $headers2 .= "Content-Type: text/html; charset=UTF-8\r\n"; - + $message2 = << 
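Review bot: The contact form's `subject` is only checked with `empty()` in this hunk and is then passed straight through as the subject of `mail($data["email"], $data["subject"], $message1, $headers1)` further down the same route, so CR/LF characters in it may reach the header block and, depending on the PHP version and MTA, let a visitor inject extra mail headers; only the address is covered by `filter_var(..., FILTER_VALIDATE_EMAIL)`. Rejecting control characters before use closes that: `if (preg_match('/[\r\n]/', $data["subject"] . $data["fName"] . $data["lName"])) { return $response->withStatus(400); }`. The route also sends a message to the visitor's own address with a visitor-chosen subject, which makes it usable for unsolicited mail; dropping the copy-to-sender or rate limiting by IP would reduce that. The heredoc bodies are collapsed out of this hunk, so whether the fields are HTML-escaped there cannot be confirmed.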
@@ -492,139 +201,9 @@ $app->post("/contact", function (Request $request, Response $response) HEREB; - + mail("rohit@rohitpai.co.uk", "{$data['fName']} {$data['lName']} filled in the form", $message2, $headers2); return $response->withStatus(201); }); -$app->post("/user/login", function (Request $request, Response $response) -{ - - global $user; - - // get request data - $data = $request->getParsedBody(); - - if (empty($data["username"]) || empty($data["password"])) - { - // uh oh user sent empty data - return $response->withStatus(400); - } - - if ($user->checkUser($data["username"], $data["password"])) - { - // yay, user is logged in - $_SESSION["token"] = $user->createToken($data["username"]); - $_SESSION["username"] = $data["username"]; - $response->getBody()->write(json_encode(array("token" => $_SESSION["token"]))); - return $response; - } - $response->getBody()->write(json_encode(array("error" => "Unauthorised"))); - return $response->withStatus(401); -}); - -$app->get("/user/logout", function (Request $request, Response $response) -{ - session_unset(); - return $response; -}); - -$app->get("/user/isLoggedIn", function (Request $request, Response $response) -{ - global $user; - - if (empty($_SESSION["token"]) && empty($_SESSION["username"])) - { - // uh oh user not logged in - return $response->withStatus(401); - } - - if (empty($_SESSION["token"])) - { - // user is logged in but no token was created - $_SESSION["token"] = $user->createToken($_SESSION["username"]); - return $response; - } - - $response->getBody()->write(json_encode(array("token" => $_SESSION["token"]))); - return $response; - -}); - -$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args) -{ - global $user; - - if (empty($args["email"])) - { - // uh oh sent empty data - return $response->withStatus(400); - } - - if ($user->checkEmail($args["email"])) - { - // yay email does exist - $_SESSION["resetToken"] = $user->sendResetEmail($args["email"]); 
- $_SESSION["resetEmail"] = $args["email"]; - return $response; - } - return $response->withStatus(404); -}); - -$app->get("/user/resendEmail", function (Request $request, Response $response) -{ - if (empty($_SESSION["resetToken"])) - { - // uh oh not authorized to resend email - return $response->withStatus(401); - } - global $user; - $_SESSION["resetToken"] = $user->sendResetEmail($_SESSION["resetEmail"]); - return $response; -}); - -$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args) -{ - if (empty($args["code"])) - { - // uh oh sent empty data - return $response->withStatus(400); - } - - if ($_SESSION["resetToken"] === $args["code"]) - { - // yay, code code matches - return $response; - } - - return $response->withStatus(401); -}); - -$app->post("/user/changePassword", function (Request $request, Response $response) -{ - global $user; - if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"])) - { - // uh oh not authorized to change password - return $response->withStatus(401); - } - - $data = $request->getParsedBody(); - if (empty($data["password"])) - { - // uh oh sent empty data - return $response->withStatus(400); - } - - if ($user->changePassword($_SESSION["resetEmail"], $data["password"])) - { - // yay, password changed - unset($_SESSION["resetToken"]); - unset($_SESSION["resetEmail"]); - return $response; - } - - return $response->withStatus(500); -}); - $app->run(); diff --git a/src/api/projectData.php b/dist/api/project/projectData.php similarity index 99% rename from src/api/projectData.php rename to dist/api/project/projectData.php index d1ea1dc..f0cbabe 100644 --- a/src/api/projectData.php +++ b/dist/api/project/projectData.php 
@@ -1,9 +1,9 @@ projectData = new projectData(); + $this->createRoutes($app); + } + public function createRoutes(App $app): void + { + $app->get("/projectData", function (Request $request, Response $response) + { + $result = $this->projectData->getProjectData(); + + $json = json_encode($result); + + $response->getBody()->write($json); + + if(array_key_exists("errorMessage", $result)) + { + $response = $response->withStatus(404); + } + + //use content type json to indicate json data on frontend. + return $response; + }); + + $app->patch("/projectData/{id}", function (Request $request, Response $response, array $args) + { + $data = $request->getParsedBody(); + if ($args["id"] != "undefined") + { + if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + $update = $this->projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]); + + if ($update === "unset main project") + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project"))); + return $response->withStatus(400); + } + + if (!$update) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "Please provide an ID"))); + return $response->withStatus(400); + }); + + $app->delete("/projectData/{id}", function (Request $request, Response $response, array $args) + { + if ($args["id"] != null) + { + $message = $this->projectData->deleteProjectData($args["id"]); + if ($message === "error") + 
{ + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist"))); + return $response->withStatus(500); + } + + if ($message === "cannot delete") + { + //uh oh cannot delete the main project + $response->getBody()->write(json_encode(array("error" => "Cannot delete the main project"))); + return $response->withStatus(409); + } + + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "Please provide an ID"))); + return $response->withStatus(400); + }); + + $app->post("/projectData", function (Request $request, Response $response) + { + $data = $request->getParsedBody(); + if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + $insertedID = $this->projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]); + if (!is_int($insertedID)) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID))); + return $response->withStatus(500); + } + + $response->getBody()->write(json_encode(array("ID" => $insertedID))); + return $response; + }); + + $app->post("/projectImage/{id}", function (Request $request, Response $response, array $args) + { + $files = $request->getUploadedFiles(); + if (empty($args["id"]) || empty($files)) + { + // uh oh only some of the data was sent + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + $message = $this->projectData->uploadImage($args["id"], $files["img"]); + if (!is_array($message)) + { + // uh oh something went wrong + 
$response->getBody()->write(json_encode(array("error" => $message))); + return $response->withStatus(500); + } + + $response->getBody()->write(json_encode($message)); + return $response; + }); + } +} \ No newline at end of file diff --git a/src/api/timelineData.php b/dist/api/timeline/timelineData.php similarity index 98% rename from src/api/timelineData.php rename to dist/api/timeline/timelineData.php index fe62458..acfe463 100644 --- a/src/api/timelineData.php +++ b/dist/api/timeline/timelineData.php 
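Review bot: In `/projectImage/{id}` the guard `empty($args["id"]) || empty($files)` only proves that some file field was uploaded; `$files["img"]` is then read unconditionally, so a multipart body using any other field name raises an undefined-index warning and hands `null` to `uploadImage()`. Tighten the check to the field actually used: `if (empty($args["id"]) || !isset($files["img"])) {`. The 500 responses also echo whatever the data layer returned, `"error" => $message` here and `"message" => $insertedID` in `POST /projectData`; if those strings carry driver or exception text they expose internals to the client, so log them server-side and return a fixed message. The class header and constructor of projectRoutes lie outside the readable part of this hunk.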
@@ -1,10 +1,10 @@ timelineData = new timelineData(); + $this->createRoutes($app); + } + + public function createRoutes(App $app): void + { + $app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args) + { + //check if route is available if it is get the data + //otherwise return an error + if($args["timeline"] == "edu") + { + $response->getBody()->write(json_encode($this->timelineData->getEduData())); + return $response; + } + + if($args["timeline"] == "work") + { + $response->getBody()->write(json_encode($this->timelineData->getWorkData())); + return $response; + } + + // something went wrong + $response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found"))); + return $response->withStatus(404); + }); + + $app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args) + { + $data = $request->getParsedBody(); + if ($args["timeline"] == "edu" && $args["id"] != "undefined") + { + if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + if (!$this->timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"])) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + $response->withStatus(201); + return $response; + } + + if ($args["timeline"] == "work" && $args["id"] != "undefined") + { + if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return 
$response->withStatus(400); + } + + if (!$this->timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"])) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + $response->withStatus(201); + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); + return $response->withStatus(400); + }); + + $app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args) + { + if ($args["timeline"] == "edu" && $args["id"] != null) + { + if (!$this->timelineData->deleteEduData($args["id"])) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + return $response; + } + + if ($args["timeline"] == "work" && $args["id"] != null) + { + if (!$this->timelineData->deleteWorkData($args["id"])) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); + return $response->withStatus(400); + }); + + $app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args) + { + $data = $request->getParsedBody(); + if ($args["timeline"] == "edu") + { + if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + $insertedID = $this->timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]); + if 
(!is_int($insertedID)) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + $response->getBody()->write(json_encode(array("ID" => $insertedID))); + $response->withStatus(201); + return $response; + } + + if ($args["timeline"] == "work") + { + if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + if (empty($data["dateTo"])) + { + $data["dateTo"] = ""; + } + + $insertedID = $this->timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]); + if (!is_int($insertedID)) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + $response->getBody()->write(json_encode(array("ID" => $insertedID))); + $response->withStatus(201); + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); + return $response->withStatus(400); + }); + } +} \ No newline at end of file diff --git a/dist/api/user.php b/dist/api/user/user.php similarity index 98% rename from dist/api/user.php rename to dist/api/user/user.php index d8093e4..44e0523 100644 --- a/dist/api/user.php +++ b/dist/api/user/user.php @@ -1,9 +1,9 @@ - + Document diff --git a/dist/api/user/userRoutes.php b/dist/api/user/userRoutes.php new file mode 100644 index 0000000..1bc3114 --- /dev/null +++ b/dist/api/user/userRoutes.php 
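Review bot: `$response->withStatus(201);` on its own line, in both PATCH branches and both POST branches, discards the value it returns; if `Response` is the PSR-7 interface Slim uses, `withStatus()` leaves `$response` untouched and returns a new instance, so these handlers always answer 200 even though the surrounding code already uses the correct form (`return $response->withStatus(400);`). Replace each pair with `return $response->withStatus(201);`. The `{id}` parameter is only compared against the literal string `"undefined"` (PATCH) or `null` (DELETE) before being passed to the data layer; whether that layer casts or parameterises it is not visible here, so an `ctype_digit($args["id"])` check at the route would be cheap insurance. The class header and constructor of timelineRoutes lie outside the readable part of this hunk.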
@@ -0,0 +1,144 @@
+user = new userData();
+ $this->createRoutes($app);
+ }
+
+ public function createRoutes(App $app): void
+ {
+ $app->post("/user/login", function (Request $request, Response $response)
+ {
+ // get request data
+ $data = $request->getParsedBody();
+
+ if (empty($data["username"]) || empty($data["password"]))
+ {
+ // uh oh userData sent empty data
+ return $response->withStatus(400);
+ }
+
+ if ($this->user->checkUser($data["username"], $data["password"]))
+ {
+ // yay, userData is logged in
+ $_SESSION["token"] = $this->user->createToken($data["username"]);
+ $_SESSION["username"] = $data["username"];
+ $response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
+ return $response;
+ }
+ $response->getBody()->write(json_encode(array("error" => "Unauthorised")));
+ return $response->withStatus(401);
+ });
+
+ $app->get("/user/logout", function (Request $request, Response $response)
+ {
+ session_unset();
+ return $response;
+ });
+
+ $app->get("/user/isLoggedIn", function (Request $request, Response $response)
+ {
+ if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
+ {
+ // uh oh userData not logged in
+ return $response->withStatus(401);
+ }
+
+ if (empty($_SESSION["token"]))
+ {
+ // userData is logged in but no token was created
+ $_SESSION["token"] = $this->user->createToken($_SESSION["username"]);
+ return $response;
+ }
+
+ $response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
+ return $response;
+
+ });
+
+ $app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
+ {
+ if (empty($args["email"]))
+ {
+ // uh oh sent empty data
+ return $response->withStatus(400);
+ }
+
+ if ($this->user->checkEmail($args["email"]))
+ {
+ // yay email does exist
+ $_SESSION["resetToken"] = $this->user->sendResetEmail($args["email"]);
+ $_SESSION["resetEmail"] = $args["email"];
+ return $response;
+ }
+ return $response->withStatus(404);
+ });
+
+ 
$app->get("/user/resendEmail", function (Request $request, Response $response) + { + if (empty($_SESSION["resetToken"])) + { + // uh oh not authorized to resend email + return $response->withStatus(401); + } + + $_SESSION["resetToken"] = $this->user->sendResetEmail($_SESSION["resetEmail"]); + return $response; + }); + + $app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args) + { + if (empty($args["code"])) + { + // uh oh sent empty data + return $response->withStatus(400); + } + + if ($_SESSION["resetToken"] === $args["code"]) + { + // yay, code code matches + return $response; + } + + return $response->withStatus(401); + }); + + $app->post("/user/changePassword", function (Request $request, Response $response) + { + if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"])) + { + // uh oh not authorized to change password + return $response->withStatus(401); + } + + $data = $request->getParsedBody(); + if (empty($data["password"])) + { + // uh oh sent empty data + return $response->withStatus(400); + } + + if ($this->user->changePassword($_SESSION["resetEmail"], $data["password"])) + { + // yay, password changed + unset($_SESSION["resetToken"]); + unset($_SESSION["resetEmail"]); + return $response; + } + + return $response->withStatus(500); + }); + } +} \ No newline at end of file diff --git a/src/api/middleware.php b/dist/api/utils/middleware.php similarity index 96% rename from src/api/middleware.php rename to dist/api/utils/middleware.php index 2183984..d79f3ea 100644 --- a/src/api/middleware.php +++ b/dist/api/utils/middleware.php @@ -1,14 +1,14 @@ [ new RequestPathRule([ "path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"], - "ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"] + "ignore" => ["/api/contact", "/api/userData/login", "/api/userData/changePassword"] ]), new RequestMethodRule([ "ignore" => ["OPTIONS", "GET"] 
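Review bot: The reset flow never records that the emailed code was verified, so `/user/changePassword` is reachable without it: `/user/checkResetEmail/{email}` stores `resetToken` and `resetEmail` in the session for any address `checkEmail()` accepts, `/user/checkResetCode/{code}` answers 200 or 401 without writing anything to the session, and the changePassword guard `empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"])` passes as soon as either key exists. As written, anyone who knows a registered email address can set a new password for it in two requests. The rewrite below records a successful code check in the session, compares the code with `hash_equals()` instead of `===`, and requires that flag (clearing it together with the other keys after a successful change). Separately, `/user/login` should call `session_regenerate_id(true)` before storing the token to prevent session fixation, and `/user/logout` should follow `session_unset()` with `session_destroy()`; whether `createToken()` and `sendResetEmail()` produce unpredictable values cannot be seen from this file.
```php
$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
{
    // … unchanged: empty-code check …
    if (!empty($_SESSION["resetToken"]) && hash_equals((string) $_SESSION["resetToken"], (string) $args["code"]))
    {
        // remember that this session has proven possession of the emailed code
        $_SESSION["resetVerified"] = true;
        return $response;
    }
    return $response->withStatus(401);
});

$app->post("/user/changePassword", function (Request $request, Response $response)
{
    // all three must be present: email looked up, code issued, code verified
    if (empty($_SESSION["resetToken"]) || empty($_SESSION["resetEmail"]) || empty($_SESSION["resetVerified"]))
    {
        // uh oh not authorized to change password
        return $response->withStatus(401);
    }
    // … unchanged: password check and changePassword() call; also unset($_SESSION["resetVerified"]) on success …
```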
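Review bot: The renamed ignore entries `/api/userData/login` and `/api/userData/changePassword` match no route: the handlers registered in userRoutes.php in this same commit are still `/user/login` and `/user/changePassword`, so this looks like a find-and-replace that ran across the middleware config. If RequestPathRule protects only the prefixes listed under `path`, as its name suggests, neither string was ever consulted, but the intent they record — that changePassword runs without the JWT check — is exactly what leaves the reset flow unauthenticated. Restore the original strings, `"ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]`, and note that `/api/logout` under `path` likewise does not match the `/user/logout` route. The file header and the rest of the middleware setup are cut from this hunk, so the matching semantics are inferred from the rule names only.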
diff --git a/dist/api/utils/routesInterface.php b/dist/api/utils/routesInterface.php new file mode 100644 index 0000000..bd42934 --- /dev/null +++ b/dist/api/utils/routesInterface.php @@ -0,0 +1,10 @@ + gulp.task("movePHPFiles", () => { - return gulp.src("src/api/*.php") - .pipe(gulp.dest("dist/api")) + return gulp.src("src/api/**/*.php") + .pipe(gulp.dest("dist/api/")) }); gulp.task("watchFiles", () => @@ -49,7 +49,7 @@ gulp.task("watchFiles", () => gulp.watch("src/**/*.html", gulp.task("minifyHTML")); gulp.watch("src/**/*.css", gulp.task("minifyCSS")); gulp.watch("src/**/*.js", gulp.task("minifyJS")); - gulp.watch("src/api/*.php", gulp.task("movePHPFiles")) + gulp.watch("src/api/**/*.php", gulp.task("movePHPFiles")) }); gulp.task("browserSync", () => diff --git a/src/api/blogData.php b/src/api/blog/blogData.php similarity index 96% rename from src/api/blogData.php rename to src/api/blog/blogData.php index cdd411d..ee66455 100644 --- a/src/api/blogData.php +++ b/src/api/blog/blogData.php 
@@ -1,9 +1,8 @@ setBasePath("/api"); // Add middleware new middleware($app); -$timelineData = new timelineData(); -$projectData = new projectData(); -$blogData = new blogData(); -$user = new user(); - -$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args) -{ - global $timelineData; - - //check if route is available if it is get the data - //otherwise return an error - if($args["timeline"] == "edu") - { - $response->getBody()->write(json_encode($timelineData->getEduData())); - return $response; - } - - if($args["timeline"] == "work") - { - $response->getBody()->write(json_encode($timelineData->getWorkData())); - return $response; - } - - // something went wrong - $response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found"))); - return $response->withStatus(404); -}); - -$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args) -{ - global $timelineData; - $data = $request->getParsedBody(); - if ($args["timeline"] == "edu" && $args["id"] != "undefined") - { - if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - if (!$timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"])) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - $response->withStatus(201); - return $response; - } - - if ($args["timeline"] == "work" && $args["id"] != "undefined") - { - if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"])) - { - // uh oh sent some empty data - 
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - if (!$timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"])) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - $response->withStatus(201); - return $response; - } - - $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); - return $response->withStatus(400); -}); - -$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args) -{ - global $timelineData; - if ($args["timeline"] == "edu" && $args["id"] != null) - { - if (!$timelineData->deleteEduData($args["id"])) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - return $response; - } - - if ($args["timeline"] == "work" && $args["id"] != null) - { - if (!$timelineData->deleteWorkData($args["id"])) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - return $response; - } - - $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); - return $response->withStatus(400); -}); - -$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args) -{ - global $timelineData; - $data = $request->getParsedBody(); - if ($args["timeline"] == "edu") - { - if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - 
} - - $insertedID = $timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]); - if (!is_int($insertedID)) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - $response->getBody()->write(json_encode(array("ID" => $insertedID))); - $response->withStatus(201); - return $response; - } - - if ($args["timeline"] == "work") - { - if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - if (empty($data["dateTo"])) - { - $data["dateTo"] = ""; - } - - $insertedID = $timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]); - if (!is_int($insertedID)) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - - $response->getBody()->write(json_encode(array("ID" => $insertedID))); - $response->withStatus(201); - return $response; - } - - $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); - return $response->withStatus(400); -}); - -$app->get("/projectData", function (Request $request, Response $response) -{ - global $projectData; - - $result = $projectData->getProjectData(); - - $json = json_encode($result); - - $response->getBody()->write($json); - - if(array_key_exists("errorMessage", $result)) - { - $response = $response->withStatus(404); - } - - //use content type json to indicate json data on frontend. 
- return $response; -}); - -$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args) -{ - global $projectData; - $data = $request->getParsedBody(); - if ($args["id"] != "undefined") - { - if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - $update = $projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]); - - if ($update === "unset main project") - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project"))); - return $response->withStatus(400); - } - - if (!$update) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); - return $response->withStatus(500); - } - return $response; - } - - $response->getBody()->write(json_encode(array("error" => "Please provide an ID"))); - return $response->withStatus(400); -}); - -$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args) -{ - global $projectData; - if ($args["id"] != null) - { - $message = $projectData->deleteProjectData($args["id"]); - if ($message === "error") - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist"))); - return $response->withStatus(500); - } - - if ($message === "cannot delete") - { - //uh oh cannot delete the main project - $response->getBody()->write(json_encode(array("error" => "Cannot delete the main project"))); - return $response->withStatus(409); - } - - return $response; - } - - 
$response->getBody()->write(json_encode(array("error" => "Please provide an ID"))); - return $response->withStatus(400); -}); - -$app->post("/projectData", function (Request $request, Response $response) -{ - global $projectData; - $data = $request->getParsedBody(); - if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"])) - { - // uh oh sent some empty data - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - $insertedID = $projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]); - if (!is_int($insertedID)) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID))); - return $response->withStatus(500); - } - - $response->getBody()->write(json_encode(array("ID" => $insertedID))); - return $response; -}); - -$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args) -{ - global $projectData; - $files = $request->getUploadedFiles(); - if (empty($args["id"]) || empty($files)) - { - // uh oh only some of the data was sent - $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); - return $response->withStatus(400); - } - - $message = $projectData->uploadImage($args["id"], $files["img"]); - if (!is_array($message)) - { - // uh oh something went wrong - $response->getBody()->write(json_encode(array("error" => $message))); - return $response->withStatus(500); - } - - $response->getBody()->write(json_encode($message)); - return $response; -}); +new timelineRoutes($app); +new projectRoutes($app); +new userRoutes($app); +// misc routes $app->post("/contact", function (Request $request, Response $response) { $data = $request->getParsedBody(); if(empty($data["fName"]) || empty($data["lName"]) || 
empty($data["email"]) || empty($data["subject"]) || empty($data["message"])) { - $response->getBody()->write(json_encode(array("errorMessage" => "Please fill out all the fields"))); - return $response->withStatus(400); + $response->getBody()->write(json_encode(array("errorMessage" => "Please fill out all the fields"))); + return $response->withStatus(400); } - - if (!filter_var($data["email"], FILTER_VALIDATE_EMAIL)) + + if (!filter_var($data["email"], FILTER_VALIDATE_EMAIL)) { - $response->getBody()->write(json_encode(array("errorMessage" => "Email is not the correct format"))); - return $response->withStatus(400); + $response->getBody()->write(json_encode(array("errorMessage" => "Email is not the correct format"))); + return $response->withStatus(400); } - + // email form filler/conatcter $headers1 = "From: noreply@rohitpai.co.uk\r\n"; $headers1 .= "Reply-To: rohit@rohitpai.co.uk\r\n"; $headers1 .= "MIME-Version: 1.0\r\n"; $headers1 .= "Content-Type: text/html; charset=UTF-8\r\n"; - + $message1 = << @@ -417,15 +126,15 @@ $app->post("/contact", function (Request $request, Response $response) HEREA; - + mail($data["email"], $data["subject"], $message1, $headers1); - + // email to me $headers2 = "From: noreply@rohitpai.co.uk\r\n"; $headers2 .= "Reply-To: {$data['email']}\r\n"; $headers2 .= "MIME-Version: 1.0\r\n"; $headers2 .= "Content-Type: text/html; charset=UTF-8\r\n"; - + $message2 = << 
@@ -492,139 +201,9 @@ $app->post("/contact", function (Request $request, Response $response) HEREB; - + mail("rohit@rohitpai.co.uk", "{$data['fName']} {$data['lName']} filled in the form", $message2, $headers2); return $response->withStatus(201); }); -$app->post("/user/login", function (Request $request, Response $response) -{ - - global $user; - - // get request data - $data = $request->getParsedBody(); - - if (empty($data["username"]) || empty($data["password"])) - { - // uh oh user sent empty data - return $response->withStatus(400); - } - - if ($user->checkUser($data["username"], $data["password"])) - { - // yay, user is logged in - $_SESSION["token"] = $user->createToken($data["username"]); - $_SESSION["username"] = $data["username"]; - $response->getBody()->write(json_encode(array("token" => $_SESSION["token"]))); - return $response; - } - $response->getBody()->write(json_encode(array("error" => "Unauthorised"))); - return $response->withStatus(401); -}); - -$app->get("/user/logout", function (Request $request, Response $response) -{ - session_unset(); - return $response; -}); - -$app->get("/user/isLoggedIn", function (Request $request, Response $response) -{ - global $user; - - if (empty($_SESSION["token"]) && empty($_SESSION["username"])) - { - // uh oh user not logged in - return $response->withStatus(401); - } - - if (empty($_SESSION["token"])) - { - // user is logged in but no token was created - $_SESSION["token"] = $user->createToken($_SESSION["username"]); - return $response; - } - - $response->getBody()->write(json_encode(array("token" => $_SESSION["token"]))); - return $response; - -}); - -$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args) -{ - global $user; - - if (empty($args["email"])) - { - // uh oh sent empty data - return $response->withStatus(400); - } - - if ($user->checkEmail($args["email"])) - { - // yay email does exist - $_SESSION["resetToken"] = $user->sendResetEmail($args["email"]); 
- $_SESSION["resetEmail"] = $args["email"]; - return $response; - } - return $response->withStatus(404); -}); - -$app->get("/user/resendEmail", function (Request $request, Response $response) -{ - if (empty($_SESSION["resetToken"])) - { - // uh oh not authorized to resend email - return $response->withStatus(401); - } - global $user; - $_SESSION["resetToken"] = $user->sendResetEmail($_SESSION["resetEmail"]); - return $response; -}); - -$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args) -{ - if (empty($args["code"])) - { - // uh oh sent empty data - return $response->withStatus(400); - } - - if ($_SESSION["resetToken"] === $args["code"]) - { - // yay, code code matches - return $response; - } - - return $response->withStatus(401); -}); - -$app->post("/user/changePassword", function (Request $request, Response $response) -{ - global $user; - if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"])) - { - // uh oh not authorized to change password - return $response->withStatus(401); - } - - $data = $request->getParsedBody(); - if (empty($data["password"])) - { - // uh oh sent empty data - return $response->withStatus(400); - } - - if ($user->changePassword($_SESSION["resetEmail"], $data["password"])) - { - // yay, password changed - unset($_SESSION["resetToken"]); - unset($_SESSION["resetEmail"]); - return $response; - } - - return $response->withStatus(500); -}); - $app->run(); diff --git a/dist/api/projectData.php b/src/api/project/projectData.php similarity index 99% rename from dist/api/projectData.php rename to src/api/project/projectData.php index d1ea1dc..f0cbabe 100644 --- a/dist/api/projectData.php +++ b/src/api/project/projectData.php 
@@ -1,9 +1,9 @@ projectData = new projectData(); + $this->createRoutes($app); + } + public function createRoutes(App $app): void + { + $app->get("/projectData", function (Request $request, Response $response) + { + $result = $this->projectData->getProjectData(); + + $json = json_encode($result); + + $response->getBody()->write($json); + + if(array_key_exists("errorMessage", $result)) + { + $response = $response->withStatus(404); + } + + //use content type json to indicate json data on frontend. + return $response; + }); + + $app->patch("/projectData/{id}", function (Request $request, Response $response, array $args) + { + $data = $request->getParsedBody(); + if ($args["id"] != "undefined") + { + if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + $update = $this->projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]); + + if ($update === "unset main project") + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project"))); + return $response->withStatus(400); + } + + if (!$update) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "Please provide an ID"))); + return $response->withStatus(400); + }); + + $app->delete("/projectData/{id}", function (Request $request, Response $response, array $args) + { + if ($args["id"] != null) + { + $message = $this->projectData->deleteProjectData($args["id"]); + if ($message === "error") + 
{ + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist"))); + return $response->withStatus(500); + } + + if ($message === "cannot delete") + { + //uh oh cannot delete the main project + $response->getBody()->write(json_encode(array("error" => "Cannot delete the main project"))); + return $response->withStatus(409); + } + + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "Please provide an ID"))); + return $response->withStatus(400); + }); + + $app->post("/projectData", function (Request $request, Response $response) + { + $data = $request->getParsedBody(); + if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + $insertedID = $this->projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]); + if (!is_int($insertedID)) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID))); + return $response->withStatus(500); + } + + $response->getBody()->write(json_encode(array("ID" => $insertedID))); + return $response; + }); + + $app->post("/projectImage/{id}", function (Request $request, Response $response, array $args) + { + $files = $request->getUploadedFiles(); + if (empty($args["id"]) || empty($files)) + { + // uh oh only some of the data was sent + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + $message = $this->projectData->uploadImage($args["id"], $files["img"]); + if (!is_array($message)) + { + // uh oh something went wrong + 
$response->getBody()->write(json_encode(array("error" => $message))); + return $response->withStatus(500); + } + + $response->getBody()->write(json_encode($message)); + return $response; + }); + } +} \ No newline at end of file diff --git a/dist/api/timelineData.php b/src/api/timeline/timelineData.php similarity index 98% rename from dist/api/timelineData.php rename to src/api/timeline/timelineData.php index fe62458..acfe463 100644 --- a/dist/api/timelineData.php +++ b/src/api/timeline/timelineData.php 
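Review bot: The POST and PATCH handlers reject a request with `empty($data["isMainProject"])`, and `empty()` is true for `0`, `"0"` and `false`, so a client that explicitly marks a project as not-main gets a 400 "Only some of the data was sent" instead of the write it asked for; `$data["projectLink"]` is meanwhile read without any check while the other fields are validated. Replace that term with `!isset($data["isMainProject"])` in both handlers, and read the optional link as `$data["projectLink"] ?? ""` so a missing key does not raise an undefined-index warning. The DELETE handler's `$args["id"] != null` and the PATCH handler's `$args["id"] != "undefined"` are loose checks that accept any non-empty string; whether ids are validated further inside `projectData` is not visible here. The class header and constructor at the top of this file were not recoverable from the hunk as rendered, and the logic itself is moved from index.php rather than introduced by this commit.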
@@ -1,10 +1,10 @@ timelineData = new timelineData(); + $this->createRoutes($app); + } + + public function createRoutes(App $app): void + { + $app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args) + { + //check if route is available if it is get the data + //otherwise return an error + if($args["timeline"] == "edu") + { + $response->getBody()->write(json_encode($this->timelineData->getEduData())); + return $response; + } + + if($args["timeline"] == "work") + { + $response->getBody()->write(json_encode($this->timelineData->getWorkData())); + return $response; + } + + // something went wrong + $response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found"))); + return $response->withStatus(404); + }); + + $app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args) + { + $data = $request->getParsedBody(); + if ($args["timeline"] == "edu" && $args["id"] != "undefined") + { + if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + if (!$this->timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"])) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + $response->withStatus(201); + return $response; + } + + if ($args["timeline"] == "work" && $args["id"] != "undefined") + { + if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return 
$response->withStatus(400); + } + + if (!$this->timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"])) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + $response->withStatus(201); + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); + return $response->withStatus(400); + }); + + $app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args) + { + if ($args["timeline"] == "edu" && $args["id"] != null) + { + if (!$this->timelineData->deleteEduData($args["id"])) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + return $response; + } + + if ($args["timeline"] == "work" && $args["id"] != null) + { + if (!$this->timelineData->deleteWorkData($args["id"])) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); + return $response->withStatus(400); + }); + + $app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args) + { + $data = $request->getParsedBody(); + if ($args["timeline"] == "edu") + { + if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + $insertedID = $this->timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]); + if 
(!is_int($insertedID)) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + $response->getBody()->write(json_encode(array("ID" => $insertedID))); + $response->withStatus(201); + return $response; + } + + if ($args["timeline"] == "work") + { + if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"])) + { + // uh oh sent some empty data + $response->getBody()->write(json_encode(array("error" => "Only some of the data was sent"))); + return $response->withStatus(400); + } + + if (empty($data["dateTo"])) + { + $data["dateTo"] = ""; + } + + $insertedID = $this->timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]); + if (!is_int($insertedID)) + { + // uh oh something went wrong + $response->getBody()->write(json_encode(array("error" => "Something went wrong"))); + return $response->withStatus(500); + } + + $response->getBody()->write(json_encode(array("ID" => $insertedID))); + $response->withStatus(201); + return $response; + } + + $response->getBody()->write(json_encode(array("error" => "The correct data was not sent"))); + return $response->withStatus(400); + }); + } +} \ No newline at end of file diff --git a/src/api/user/userData.php b/src/api/user/userData.php new file mode 100644 index 0000000..e1fc9c8 --- /dev/null +++ b/src/api/user/userData.php 
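Review bot: `$response->withStatus(201);` on a line of its own, in both PATCH branches and both POST branches of this hunk, discards its result — if `Response` is the PSR-7 interface Slim passes in, `withStatus` returns a new instance and leaves `$response` untouched — so these handlers answer 200 where the code plainly intends 201. Each occurrence should become `return $response->withStatus(201);`, replacing the bare call and the `return $response;` that follows it. The PATCH handler's `$args["id"] != "undefined"` guards against one specific client bug rather than validating the id, and the POST work branch silently substitutes `""` for a missing `dateTo` while the PATCH work branch rejects it, which is worth a comment if intentional. The class header and constructor at the top of this file were not recoverable from the hunk as rendered.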
@@ -0,0 +1,138 @@ +prepare("SELECT * FROM users WHERE username = :username"); + $stmt->bindParam(":username", $username); + $stmt->execute(); + + // set the resulting array to associative + $result = $stmt->fetchAll(PDO::FETCH_ASSOC); + + if ($result) + { + if (password_verify($password, $result[0]["password"])) + { + return true; + } + return false; + } + return false; + } + + /** + * Create a JWT token + * @param $username string - Username + * @return string - JWT token + */ + function createToken(string $username): string + { + $now = time(); + $future = strtotime('+6 hour',$now); + $secretKey = getSecretKey(); + $payload = [ + "jti"=>$username, + "iat"=>$now, + "exp"=>$future + ]; + + return JWT::encode($payload,$secretKey,"HS256"); + } + + /** + * Check if email is already in use + * @param string $email - Email to check + * @return bool - True if email exists, false if not + */ + function checkEmail(string $email): bool + { + $conn = dbConn(); + $stmt = $conn->prepare("SELECT * FROM users WHERE email = :email"); + $stmt->bindParam(":email", $email); + $stmt->execute(); + + // set the resulting array to associative + $result = $stmt->fetchAll(PDO::FETCH_ASSOC); + + if ($result) + { + return true; + } + return false; + } + + /** + * Send a verification email to the userData + * @param $email - email address of the userData + * @return string - verification code + */ + function sendResetEmail($email): string + { + //generate a random token and email the address + $token = uniqid("rpe-"); + $headers1 = "From: noreply@rohitpai.co.uk\r\n"; + $headers1 .= "MIME-Version: 1.0\r\n"; + $headers1 .= "Content-Type: text/html; charset=UTF-8\r\n"; + + $message = " + + + + + + + Document + + +

Reset Password Verification Code

+
+

Please enter the following code to reset your password: $token

+ + + "; + + mail($email, "Reset Password Verification Code", $message, $headers1); + return $token; + } + + /** + * Change password for an email with new password + * @param $email string Email + * @param $password string Password + * @return bool - true if the password was changed, false if not + */ + function changePassword(string $email, string $password): bool + { + $conn = dbConn(); + $stmt = $conn->prepare("UPDATE users SET password = :password WHERE email = :email"); + $newPwd = password_hash($password, PASSWORD_BCRYPT); + $stmt->bindParam(":password", $newPwd); + $stmt->bindParam(":email", $email); + + if ($stmt->execute()) + { + return true; + } + return false; + } + + +} \ No newline at end of file diff --git a/src/api/user/userRoutes.php b/src/api/user/userRoutes.php new file mode 100644 index 0000000..1bc3114 --- /dev/null +++ b/src/api/user/userRoutes.php 
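Review bot: `sendResetEmail` derives the password-reset verification code from `uniqid("rpe-")`, which is a microsecond timestamp rather than a random value, so the code that gates `/user/changePassword` is predictable; the comment above it says "generate a random token" but the call does not do that. Use the CSPRNG instead: `$token = "rpe-" . bin2hex(random_bytes(16));`. Separately, `checkUser` fetches every matching row with `fetchAll` and only inspects `$result[0]`, where a single `$stmt->fetch(PDO::FETCH_ASSOC)` says what is meant, and `changePassword` returns true whenever the UPDATE executes even if no row matched the email, so a `$stmt->rowCount() === 1` check would make the route's 500 meaningful. The class header and the dbConn/JWT imports at the top of this file were not recoverable from the hunk as rendered.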
@@ -0,0 +1,144 @@
+user = new userData();
+ $this->createRoutes($app);
+ }
+
+ public function createRoutes(App $app): void
+ {
+ $app->post("/user/login", function (Request $request, Response $response)
+ {
+ // get request data
+ $data = $request->getParsedBody();
+
+ if (empty($data["username"]) || empty($data["password"]))
+ {
+ // uh oh userData sent empty data
+ return $response->withStatus(400);
+ }
+
+ if ($this->user->checkUser($data["username"], $data["password"]))
+ {
+ // yay, userData is logged in
+ $_SESSION["token"] = $this->user->createToken($data["username"]);
+ $_SESSION["username"] = $data["username"];
+ $response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
+ return $response;
+ }
+ $response->getBody()->write(json_encode(array("error" => "Unauthorised")));
+ return $response->withStatus(401);
+ });
+
+ $app->get("/user/logout", function (Request $request, Response $response)
+ {
+ session_unset();
+ return $response;
+ });
+
+ $app->get("/user/isLoggedIn", function (Request $request, Response $response)
+ {
+ if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
+ {
+ // uh oh userData not logged in
+ return $response->withStatus(401);
+ }
+
+ if (empty($_SESSION["token"]))
+ {
+ // userData is logged in but no token was created
+ $_SESSION["token"] = $this->user->createToken($_SESSION["username"]);
+ return $response;
+ }
+
+ $response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
+ return $response;
+
+ });
+
+ $app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
+ {
+ if (empty($args["email"]))
+ {
+ // uh oh sent empty data
+ return $response->withStatus(400);
+ }
+
+ if ($this->user->checkEmail($args["email"]))
+ {
+ // yay email does exist
+ $_SESSION["resetToken"] = $this->user->sendResetEmail($args["email"]);
+ $_SESSION["resetEmail"] = $args["email"];
+ return $response;
+ }
+ return $response->withStatus(404);
+ });
+
+ $app->get("/user/resendEmail", function (Request $request, Response $response)
+ {
+ if (empty($_SESSION["resetToken"]))
+ {
+ // uh oh not authorized to resend email
+ return $response->withStatus(401);
+ }
+
+ $_SESSION["resetToken"] = $this->user->sendResetEmail($_SESSION["resetEmail"]);
+ return $response;
+ });
+
+ $app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
+ {
+ if (empty($args["code"]))
+ {
+ // uh oh sent empty data
+ return $response->withStatus(400);
+ }
+
+ if ($_SESSION["resetToken"] === $args["code"])
+ {
+ // yay, code code matches
+ return $response;
+ }
+
+ return $response->withStatus(401);
+ });
+
+ $app->post("/user/changePassword", function (Request $request, Response $response)
+ {
+ if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"]))
+ {
+ // uh oh not authorized to change password
+ return $response->withStatus(401);
+ }
+
+ $data = $request->getParsedBody();
+ if (empty($data["password"]))
+ {
+ // uh oh sent empty data
+ return $response->withStatus(400);
+ }
+
+ if ($this->user->changePassword($_SESSION["resetEmail"], $data["password"]))
+ {
+ // yay, password changed
+ unset($_SESSION["resetToken"]);
+ unset($_SESSION["resetEmail"]);
+ return $response;
+ }
+
+ return $response->withStatus(500);
+ });
+ }
+}
\ No newline at end of file
diff --git a/dist/api/middleware.php b/src/api/utils/middleware.php similarity index 96% rename from dist/api/middleware.php rename to src/api/utils/middleware.php
index 2183984..d79f3ea 100644
--- a/dist/api/middleware.php
+++ b/src/api/utils/middleware.php
@@ -1,14 +1,14 @@ [ new RequestPathRule([ "path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"],
- "ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]
+ "ignore" => ["/api/contact", "/api/userData/login", "/api/userData/changePassword"]
 ]),
 new RequestMethodRule([
 "ignore" => ["OPTIONS", "GET"]
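Review bot: `/user/changePassword` never checks that the reset code was actually verified: `/user/checkResetCode/{code}` only answers 200 or 401 and records nothing in the session, and the guard `empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"])` passes as soon as `resetEmail` has been set by `/user/checkResetEmail/{email}`, so presenting the emailed code is not a precondition for setting a new password for that address. Record the successful check with `$_SESSION["resetVerified"] = true;` before the `return $response;` in checkResetCode, make changePassword require it with `if (empty($_SESSION["resetEmail"]) || empty($_SESSION["resetVerified"]))`, and unset it next to the other two keys after success. The code comparison should also be `hash_equals($_SESSION["resetToken"] ?? "", $args["code"])` rather than `===`, so a mismatch costs the same time wherever it occurs. This logic is moved from index.php rather than introduced here, and the dist/api/user/userRoutes.php copy earlier in the diff carries the same code.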
diff --git a/src/api/utils/routesInterface.php b/src/api/utils/routesInterface.php new file mode 100644 index 0000000..bd42934 --- /dev/null +++ b/src/api/utils/routesInterface.php @@ -0,0 +1,10 @@ + { - // check if the user is logged in, if not redirect to log in + // check if the userData is logged in, if not redirect to log in fetch('/api/user/isLoggedIn').then(res => { if (!res.ok) diff --git a/src/editor/js/index.js b/src/editor/js/index.js index 6c6ff5f..2ff3f5c 100644 --- a/src/editor/js/index.js +++ b/src/editor/js/index.js @@ -1,7 +1,7 @@ document.addEventListener("DOMContentLoaded", _ => { - // check if the user is logged in and if so load the editor + // check if the userData is logged in and if so load the editor fetch("/api/user/isLoggedIn").then(res => { if (res.ok)