Moved all current routes into individual folders that use a class system and implement an interface. Moved the rest of the files for a better structure and readability. Each editable CMS should have its own folder with a routes class file and a data class file.

Signed-off-by: rodude123 <rodude123@gmail.com>
This commit is contained in:
Rohit Pai 2023-06-08 15:10:27 +01:00
parent fb75dd2255
commit a3eb4678f9
26 changed files with 1189 additions and 931 deletions

.gitignore vendored

@ -75,6 +75,6 @@ fabric.properties
.env
vendor/*
node_modules/*
src/api/config.php
dist/api/config.php
src/api/utils/config.php
dist/api/utils/config.php
dist/api/.htaccess


@ -1,9 +1,8 @@
<?php
namespace api;
namespace api\blog;
use PDO;
use Psr\Http\Message\UploadedFileInterface;
require_once "./config.php";
require_once __DIR__ . "/../utils/config.php";
/**
* Blog Data Class

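--- a/dist/api/blog/blogRoutes.php
+++ b/dist/api/blog/blogRoutes.php
@@ -0,0 +1,20 @@
+<?php
+namespace api\blog;
+use Slim\App;
+class blogRoutes implements \api\utils\routesInterface
+{
+private blogData $blogData;
+public function __construct(App $app)
+{
+$this->blogData = new blogData();
+$this->createRoutes($app);
+}
+public function createRoutes(App $app): void
+{
+// TODO: Implement createRoutes() method.
+}
+}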
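Review bot: blogRoutes declares `implements \api\utils\routesInterface` and instantiates `blogData`, but unlike the sibling route classes (projectRoutes, timelineRoutes, userRoutes) it has no `require_once __DIR__ . "/../utils/routesInterface.php";` and `require_once "blogData.php";` lines, and nothing in the shown index.php autoloads the api namespace (composer autoload is only pulled in for vendor). The moment index.php requires this file it would fail on an undefined interface or class unless another file happened to load them first; add the two require_once lines after the namespace declaration to match the siblings. The createRoutes body is still the IDE TODO stub, which is presumably intentional for this commit.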

dist/api/index.php vendored

@ -1,28 +1,23 @@
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
////////////////// Index file //////////////
/// Creates base routes and runs ///
/// respective functions ///
////////////////////////////////////////////
//require “routes.php”;
require "../vendor/autoload.php";
include "middleware.php";
include "timelineData.php";
include "projectData.php";
include "user.php";
include "blogData.php";
require "utils/middleware.php";
require "timeline/timelineRoutes.php";
require "project/projectRoutes.php";
require "user/userRoutes.php";
use api\blogData;
use api\middleware;
use api\projectData;
use api\timelineData;
use api\user;
use api\project\projectRoutes;
use api\timeline\timelineRoutes;
use api\user\userRoutes;
use api\utils\middleware;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
use Slim\Factory\AppFactory;
use Tuupola\Middleware\JwtAuthentication;
// Start slim
$app = AppFactory::create();
@ -33,297 +28,11 @@ $app->setBasePath("/api");
// Add middleware
new middleware($app);
$timelineData = new timelineData();
$projectData = new projectData();
$blogData = new blogData();
$user = new user();
$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
{
global $timelineData;
//check if route is available if it is get the data
//otherwise return an error
if($args["timeline"] == "edu")
{
$response->getBody()->write(json_encode($timelineData->getEduData()));
return $response;
}
if($args["timeline"] == "work")
{
$response->getBody()->write(json_encode($timelineData->getWorkData()));
return $response;
}
// something went wrong
$response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found")));
return $response->withStatus(404);
});
$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
{
global $timelineData;
$data = $request->getParsedBody();
if ($args["timeline"] == "edu" && $args["id"] != "undefined")
{
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
if (!$timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->withStatus(201);
return $response;
}
if ($args["timeline"] == "work" && $args["id"] != "undefined")
{
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
if (!$timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->withStatus(201);
return $response;
}
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
return $response->withStatus(400);
});
$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
{
global $timelineData;
if ($args["timeline"] == "edu" && $args["id"] != null)
{
if (!$timelineData->deleteEduData($args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
return $response;
}
if ($args["timeline"] == "work" && $args["id"] != null)
{
if (!$timelineData->deleteWorkData($args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
return $response;
}
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
return $response->withStatus(400);
});
$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
{
global $timelineData;
$data = $request->getParsedBody();
if ($args["timeline"] == "edu")
{
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$insertedID = $timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]);
if (!is_int($insertedID))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
$response->withStatus(201);
return $response;
}
if ($args["timeline"] == "work")
{
if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
if (empty($data["dateTo"]))
{
$data["dateTo"] = "";
}
$insertedID = $timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]);
if (!is_int($insertedID))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
$response->withStatus(201);
return $response;
}
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
return $response->withStatus(400);
});
$app->get("/projectData", function (Request $request, Response $response)
{
global $projectData;
$result = $projectData->getProjectData();
$json = json_encode($result);
$response->getBody()->write($json);
if(array_key_exists("errorMessage", $result))
{
$response = $response->withStatus(404);
}
//use content type json to indicate json data on frontend.
return $response;
});
$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args)
{
global $projectData;
$data = $request->getParsedBody();
if ($args["id"] != "undefined")
{
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$update = $projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
if ($update === "unset main project")
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project")));
return $response->withStatus(400);
}
if (!$update)
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
return $response;
}
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
return $response->withStatus(400);
});
$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args)
{
global $projectData;
if ($args["id"] != null)
{
$message = $projectData->deleteProjectData($args["id"]);
if ($message === "error")
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist")));
return $response->withStatus(500);
}
if ($message === "cannot delete")
{
//uh oh cannot delete the main project
$response->getBody()->write(json_encode(array("error" => "Cannot delete the main project")));
return $response->withStatus(409);
}
return $response;
}
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
return $response->withStatus(400);
});
$app->post("/projectData", function (Request $request, Response $response)
{
global $projectData;
$data = $request->getParsedBody();
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$insertedID = $projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
if (!is_int($insertedID))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID)));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
return $response;
});
$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args)
{
global $projectData;
$files = $request->getUploadedFiles();
if (empty($args["id"]) || empty($files))
{
// uh oh only some of the data was sent
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$message = $projectData->uploadImage($args["id"], $files["img"]);
if (!is_array($message))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => $message)));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode($message));
return $response;
});
new timelineRoutes($app);
new projectRoutes($app);
new userRoutes($app);
// misc routes
$app->post("/contact", function (Request $request, Response $response)
{
$data = $request->getParsedBody();
@ -497,134 +206,4 @@ $app->post("/contact", function (Request $request, Response $response)
return $response->withStatus(201);
});
$app->post("/user/login", function (Request $request, Response $response)
{
global $user;
// get request data
$data = $request->getParsedBody();
if (empty($data["username"]) || empty($data["password"]))
{
// uh oh user sent empty data
return $response->withStatus(400);
}
if ($user->checkUser($data["username"], $data["password"]))
{
// yay, user is logged in
$_SESSION["token"] = $user->createToken($data["username"]);
$_SESSION["username"] = $data["username"];
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
return $response;
}
$response->getBody()->write(json_encode(array("error" => "Unauthorised")));
return $response->withStatus(401);
});
$app->get("/user/logout", function (Request $request, Response $response)
{
session_unset();
return $response;
});
$app->get("/user/isLoggedIn", function (Request $request, Response $response)
{
global $user;
if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
{
// uh oh user not logged in
return $response->withStatus(401);
}
if (empty($_SESSION["token"]))
{
// user is logged in but no token was created
$_SESSION["token"] = $user->createToken($_SESSION["username"]);
return $response;
}
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
return $response;
});
$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
{
global $user;
if (empty($args["email"]))
{
// uh oh sent empty data
return $response->withStatus(400);
}
if ($user->checkEmail($args["email"]))
{
// yay email does exist
$_SESSION["resetToken"] = $user->sendResetEmail($args["email"]);
$_SESSION["resetEmail"] = $args["email"];
return $response;
}
return $response->withStatus(404);
});
$app->get("/user/resendEmail", function (Request $request, Response $response)
{
if (empty($_SESSION["resetToken"]))
{
// uh oh not authorized to resend email
return $response->withStatus(401);
}
global $user;
$_SESSION["resetToken"] = $user->sendResetEmail($_SESSION["resetEmail"]);
return $response;
});
$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
{
if (empty($args["code"]))
{
// uh oh sent empty data
return $response->withStatus(400);
}
if ($_SESSION["resetToken"] === $args["code"])
{
// yay, code code matches
return $response;
}
return $response->withStatus(401);
});
$app->post("/user/changePassword", function (Request $request, Response $response)
{
global $user;
if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"]))
{
// uh oh not authorized to change password
return $response->withStatus(401);
}
$data = $request->getParsedBody();
if (empty($data["password"]))
{
// uh oh sent empty data
return $response->withStatus(400);
}
if ($user->changePassword($_SESSION["resetEmail"], $data["password"]))
{
// yay, password changed
unset($_SESSION["resetToken"]);
unset($_SESSION["resetEmail"]);
return $response;
}
return $response->withStatus(500);
});
$app->run();
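Review bot: The dist build still ships `error_reporting(E_ALL);` and `ini_set('display_errors', 1);` at the top of index.php, and since the new route classes read request keys such as `$data["projectLink"]` and `$files["img"]` without guards, any notice they raise is echoed into the JSON response of the deployed API. Consider keeping those two lines out of dist, or gating them on an environment flag (utils/config.php would be the natural place if it carries one), and logging instead. The blog namespace is no longer wired here (blogData dropped, blogRoutes not required), which matches the stub in blogRoutes.php but deserves a one-line comment so the omission reads as intentional. The /contact handler body (lines 39–205 of the new file) lies outside the shown hunks.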


@ -1,9 +1,9 @@
<?php
namespace api;
namespace api\project;
use PDO;
use Psr\Http\Message\UploadedFileInterface;
require_once "./config.php";
require_once __DIR__ . "/../utils/config.php";
/**
* Project Data Class

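--- a/dist/api/project/projectRoutes.php
+++ b/dist/api/project/projectRoutes.php
@@ -0,0 +1,142 @@
+<?php
+namespace api\project;
+require_once __DIR__ . "/../utils/routesInterface.php";
+require_once "projectData.php";
+use api\utils\routesInterface;
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Slim\App;
+class projectRoutes implements routesInterface
+{
+private projectData $projectData;
+public function __construct(App $app)
+{
+$this->projectData = new projectData();
+$this->createRoutes($app);
+}
+public function createRoutes(App $app): void
+{
+$app->get("/projectData", function (Request $request, Response $response)
+{
+$result = $this->projectData->getProjectData();
+$json = json_encode($result);
+$response->getBody()->write($json);
+if(array_key_exists("errorMessage", $result))
+{
+$response = $response->withStatus(404);
+}
+//use content type json to indicate json data on frontend.
+return $response;
+});
+$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args)
+{
+$data = $request->getParsedBody();
+if ($args["id"] != "undefined")
+{
+if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
+{
+// uh oh sent some empty data
+$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
+return $response->withStatus(400);
+}
+$update = $this->projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
+if ($update === "unset main project")
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project")));
+return $response->withStatus(400);
+}
+if (!$update)
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
+return $response->withStatus(500);
+}
+return $response;
+}
+$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
+return $response->withStatus(400);
+});
+$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args)
+{
+if ($args["id"] != null)
+{
+$message = $this->projectData->deleteProjectData($args["id"]);
+if ($message === "error")
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist")));
+return $response->withStatus(500);
+}
+if ($message === "cannot delete")
+{
+//uh oh cannot delete the main project
+$response->getBody()->write(json_encode(array("error" => "Cannot delete the main project")));
+return $response->withStatus(409);
+}
+return $response;
+}
+$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
+return $response->withStatus(400);
+});
+$app->post("/projectData", function (Request $request, Response $response)
+{
+$data = $request->getParsedBody();
+if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
+{
+// uh oh sent some empty data
+$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
+return $response->withStatus(400);
+}
+$insertedID = $this->projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
+if (!is_int($insertedID))
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID)));
+return $response->withStatus(500);
+}
+$response->getBody()->write(json_encode(array("ID" => $insertedID)));
+return $response;
+});
+$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args)
+{
+$files = $request->getUploadedFiles();
+if (empty($args["id"]) || empty($files))
+{
+// uh oh only some of the data was sent
+$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
+return $response->withStatus(400);
+}
+$message = $this->projectData->uploadImage($args["id"], $files["img"]);
+if (!is_array($message))
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => $message)));
+return $response->withStatus(500);
+}
+$response->getBody()->write(json_encode($message));
+return $response;
+});
+}
+}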
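Review bot: `$data["projectLink"]` is passed to updateProjectData and addProjectData without being part of the `empty()` guard, and `$files["img"]` in the projectImage handler is read without checking the key, so a request lacking either raises an undefined-index notice before the null reaches the data layer. Use `$data["projectLink"] ?? ""` for the optional link and reject the upload with the existing 400 response when `!isset($files["img"])`. The `$args["id"] != "undefined"` and `$args["id"] != null` checks are loose comparisons against a JavaScript sentinel; a Slim `{id}` placeholder is, as far as I can tell, always a non-empty string, so the `!= null` branch can never reach "Please provide an ID" and a numeric check such as `ctype_digit($args["id"])` would express the intent. Minor: the delete error message concatenates `"ID ".$args["id"]."does not exist"` with no space before "does". The same handlers exist in the src copy that gulp mirrors into dist, so the fix belongs there.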


@ -1,10 +1,10 @@
<?php
namespace api;
namespace api\timeline;
use PDO;
require_once "./config.php";
require_once __DIR__ . "/../utils/config.php";
/**
* TimelineData class

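--- a/dist/api/timeline/timelineRoutes.php
+++ b/dist/api/timeline/timelineRoutes.php
@@ -0,0 +1,176 @@
+<?php
+namespace api\timeline;
+require_once __DIR__ . "/../utils/routesInterface.php";
+require_once "timelineData.php";
+use api\utils\routesInterface;
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Slim\App;
+class timelineRoutes implements routesInterface
+{
+private timelineData $timelineData;
+public function __construct(App $app)
+{
+$this->timelineData = new timelineData();
+$this->createRoutes($app);
+}
+public function createRoutes(App $app): void
+{
+$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
+{
+//check if route is available if it is get the data
+//otherwise return an error
+if($args["timeline"] == "edu")
+{
+$response->getBody()->write(json_encode($this->timelineData->getEduData()));
+return $response;
+}
+if($args["timeline"] == "work")
+{
+$response->getBody()->write(json_encode($this->timelineData->getWorkData()));
+return $response;
+}
+// something went wrong
+$response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found")));
+return $response->withStatus(404);
+});
+$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
+{
+$data = $request->getParsedBody();
+if ($args["timeline"] == "edu" && $args["id"] != "undefined")
+{
+if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
+{
+// uh oh sent some empty data
+$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
+return $response->withStatus(400);
+}
+if (!$this->timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"]))
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
+return $response->withStatus(500);
+}
+$response->withStatus(201);
+return $response;
+}
+if ($args["timeline"] == "work" && $args["id"] != "undefined")
+{
+if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
+{
+// uh oh sent some empty data
+$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
+return $response->withStatus(400);
+}
+if (!$this->timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"]))
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
+return $response->withStatus(500);
+}
+$response->withStatus(201);
+return $response;
+}
+$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
+return $response->withStatus(400);
+});
+$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
+{
+if ($args["timeline"] == "edu" && $args["id"] != null)
+{
+if (!$this->timelineData->deleteEduData($args["id"]))
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
+return $response->withStatus(500);
+}
+return $response;
+}
+if ($args["timeline"] == "work" && $args["id"] != null)
+{
+if (!$this->timelineData->deleteWorkData($args["id"]))
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
+return $response->withStatus(500);
+}
+return $response;
+}
+$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
+return $response->withStatus(400);
+});
+$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
+{
+$data = $request->getParsedBody();
+if ($args["timeline"] == "edu")
+{
+if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
+{
+// uh oh sent some empty data
+$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
+return $response->withStatus(400);
+}
+$insertedID = $this->timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]);
+if (!is_int($insertedID))
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
+return $response->withStatus(500);
+}
+$response->getBody()->write(json_encode(array("ID" => $insertedID)));
+$response->withStatus(201);
+return $response;
+}
+if ($args["timeline"] == "work")
+{
+if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
+{
+// uh oh sent some empty data
+$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
+return $response->withStatus(400);
+}
+if (empty($data["dateTo"]))
+{
+$data["dateTo"] = "";
+}
+$insertedID = $this->timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]);
+if (!is_int($insertedID))
+{
+// uh oh something went wrong
+$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
+return $response->withStatus(500);
+}
+$response->getBody()->write(json_encode(array("ID" => $insertedID)));
+$response->withStatus(201);
+return $response;
+}
+$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
+return $response->withStatus(400);
+});
+}
+}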
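Review bot: `$response->withStatus(201);` appears four times (both PATCH branches and both POST branches) with the return value discarded; PSR-7 responses are immutable, so these handlers answer 200 rather than the 201 the comment-free code clearly intends. Replace each pair with `return $response->withStatus(201);` (or assign back to `$response` first). The `== "edu"`, `== "work"` and `!= "undefined"` comparisons are loose and `!= "undefined"` tests for a JavaScript sentinel rather than validating the id; `===`/`!==` plus a numeric check would make the intent explicit, and the same applies to projectRoutes.php. The empty `$data["dateTo"] = ""` fallback in the work POST branch is fine but worth a one-line comment saying an open-ended role is stored as an empty end date, since the PATCH branch requires dateTo and the asymmetry is surprising.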


@ -1,9 +1,9 @@
<?php
namespace api;
namespace api\user;
use Firebase\JWT\JWT;
use PDO;
require_once "./config.php";
require_once __DIR__ . "/../utils/config.php";
/**
* User Class


@ -1,18 +1,18 @@
<?php
namespace api;
namespace api\user;
use Firebase\JWT\JWT;
use PDO;
require_once "./config.php";
require_once __DIR__ . "/../utils/config.php";
/**
* User Class
* Define all functions which either check, update or delete user data
* Define all functions which either check, update or delete userData data
*/
class user
class userData
{
/**
* Check if user exists and can be logged in
* Check if userData exists and can be logged in
* @param $username string - Username
* @param $password string - Password
* @return bool - True if logged in, false if not
@ -80,8 +80,8 @@ class user
}
/**
* Send a verification email to the user
* @param $email - email address of the user
* Send a verification email to the userData
* @param $email - email address of the userData
* @return string - verification code
*/
function sendResetEmail($email): string
@ -97,7 +97,7 @@ class user
<html lang='en'>
<head>
<meta charset='UTF-8'>
<meta name='viewport' content='width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0'>
<meta name='viewport' content='width=device-width, userData-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0'>
<meta http-equiv='X-UA-Compatible' content='ie=edge'>
<title>Document</title>
</head>
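Review bot: The rename of `user` to `userData` was applied inside string literals and prose, not only to the class name: the email template's viewport meta now reads `userData-scalable=no` (it must stay `user-scalable=no` to be a valid viewport directive), and the middleware section below has the JWT `ignore` list changed to `/api/userData/login` and `/api/userData/changePassword` while the routes registered in userRoutes.php remain `/user/login` and `/user/changePassword`, so those entries no longer describe any route. The docblocks ("Check if userData exists and can be logged in", "email address of the userData") read oddly for the same reason. Revert the mechanical replacements outside identifiers; for the middleware line that is `"ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]`. The sendResetEmail function that contains the template starts and ends outside this hunk.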

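--- a/dist/api/user/userRoutes.php
+++ b/dist/api/user/userRoutes.php
@@ -0,0 +1,144 @@
+<?php
+namespace api\user;
+require_once __DIR__ . "/../utils/routesInterface.php";
+require_once "userData.php";
+use api\utils\routesInterface;
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Slim\App;
+class userRoutes implements routesInterface
+{
+private userData $user;
+public function __construct(App $app)
+{
+$this->user = new userData();
+$this->createRoutes($app);
+}
+public function createRoutes(App $app): void
+{
+$app->post("/user/login", function (Request $request, Response $response)
+{
+// get request data
+$data = $request->getParsedBody();
+if (empty($data["username"]) || empty($data["password"]))
+{
+// uh oh userData sent empty data
+return $response->withStatus(400);
+}
+if ($this->user->checkUser($data["username"], $data["password"]))
+{
+// yay, userData is logged in
+$_SESSION["token"] = $this->user->createToken($data["username"]);
+$_SESSION["username"] = $data["username"];
+$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
+return $response;
+}
+$response->getBody()->write(json_encode(array("error" => "Unauthorised")));
+return $response->withStatus(401);
+});
+$app->get("/user/logout", function (Request $request, Response $response)
+{
+session_unset();
+return $response;
+});
+$app->get("/user/isLoggedIn", function (Request $request, Response $response)
+{
+if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
+{
+// uh oh userData not logged in
+return $response->withStatus(401);
+}
+if (empty($_SESSION["token"]))
+{
+// userData is logged in but no token was created
+$_SESSION["token"] = $this->user->createToken($_SESSION["username"]);
+return $response;
+}
+$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
+return $response;
+});
+$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
+{
+if (empty($args["email"]))
+{
+// uh oh sent empty data
+return $response->withStatus(400);
+}
+if ($this->user->checkEmail($args["email"]))
+{
+// yay email does exist
+$_SESSION["resetToken"] = $this->user->sendResetEmail($args["email"]);
+$_SESSION["resetEmail"] = $args["email"];
+return $response;
+}
+return $response->withStatus(404);
+});
+$app->get("/user/resendEmail", function (Request $request, Response $response)
+{
+if (empty($_SESSION["resetToken"]))
+{
+// uh oh not authorized to resend email
+return $response->withStatus(401);
+}
+$_SESSION["resetToken"] = $this->user->sendResetEmail($_SESSION["resetEmail"]);
+return $response;
+});
+$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
+{
+if (empty($args["code"]))
+{
+// uh oh sent empty data
+return $response->withStatus(400);
+}
+if ($_SESSION["resetToken"] === $args["code"])
+{
+// yay, code code matches
+return $response;
+}
+return $response->withStatus(401);
+});
+$app->post("/user/changePassword", function (Request $request, Response $response)
+{
+if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"]))
+{
+// uh oh not authorized to change password
+return $response->withStatus(401);
+}
+$data = $request->getParsedBody();
+if (empty($data["password"]))
+{
+// uh oh sent empty data
+return $response->withStatus(400);
+}
+if ($this->user->changePassword($_SESSION["resetEmail"], $data["password"]))
+{
+// yay, password changed
+unset($_SESSION["resetToken"]);
+unset($_SESSION["resetEmail"]);
+return $response;
+}
+return $response->withStatus(500);
+});
+}
+}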
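Review bot: In the /user/changePassword handler the only precondition is that the session holds resetToken and resetEmail, and /user/checkResetEmail stores both as soon as a known address is submitted; nothing records that /user/checkResetCode ever succeeded, so the password for `$_SESSION["resetEmail"]` can be changed without the emailed code being presented. Have the checkResetCode handler set `$_SESSION["resetVerified"] = true;` on a match, reject in changePassword when `empty($_SESSION["resetVerified"])`, and unset it together with the other two keys after a successful change. That guard also joins the two emptiness checks with `&&`, so a session holding only one of the keys gets past it; `||` is what is meant. Separately, login writes the token into the session without `session_regenerate_id(true)`, and logout only calls `session_unset()`, which leaves the session id itself valid; `session_destroy()` after the unset is the usual pairing. These handlers were moved verbatim from index.php and the fix belongs in the src copy that gulp mirrors into dist.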


@ -1,14 +1,14 @@
<?php
// middleware
namespace api;
namespace api\utils;
session_start();
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Slim\App;
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
use Slim\App;
use Slim\Exception\HttpInternalServerErrorException;
use Slim\Exception\HttpMethodNotAllowedException;
use Slim\Exception\HttpNotFoundException;
@ -80,7 +80,7 @@ class middleware
"rules" => [
new RequestPathRule([
"path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"],
"ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]
"ignore" => ["/api/contact", "/api/userData/login", "/api/userData/changePassword"]
]),
new RequestMethodRule([
"ignore" => ["OPTIONS", "GET"]

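--- a/dist/api/utils/routesInterface.php
+++ b/dist/api/utils/routesInterface.php
@@ -0,0 +1,10 @@
+<?php
+namespace api\utils;
+use Slim\App;
+interface routesInterface
+{
+public function createRoutes(App $app): void;
+}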


@ -40,8 +40,8 @@ gulp.task("minifyJS", () =>
gulp.task("movePHPFiles", () =>
{
return gulp.src("src/api/*.php")
.pipe(gulp.dest("dist/api"))
return gulp.src("src/api/**/*.php")
.pipe(gulp.dest("dist/api/"))
});
gulp.task("watchFiles", () =>
@ -49,7 +49,7 @@ gulp.task("watchFiles", () =>
gulp.watch("src/**/*.html", gulp.task("minifyHTML"));
gulp.watch("src/**/*.css", gulp.task("minifyCSS"));
gulp.watch("src/**/*.js", gulp.task("minifyJS"));
gulp.watch("src/api/*.php", gulp.task("movePHPFiles"))
gulp.watch("src/api/**/*.php", gulp.task("movePHPFiles"))
});
gulp.task("browserSync", () =>


@ -1,9 +1,8 @@
<?php
namespace api;
namespace api\blog;
use PDO;
use Psr\Http\Message\UploadedFileInterface;
require_once "./config.php";
require_once __DIR__ . "/../utils/config.php";
/**
* Blog Data Class


@ -1,28 +1,23 @@
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
////////////////// Index file //////////////
/// Creates base routes and runs ///
/// respective functions ///
////////////////////////////////////////////
//require “routes.php”;
require "../vendor/autoload.php";
include "middleware.php";
include "timelineData.php";
include "projectData.php";
include "user.php";
include "blogData.php";
require "utils/middleware.php";
require "timeline/timelineRoutes.php";
require "project/projectRoutes.php";
require "user/userRoutes.php";
use api\blogData;
use api\middleware;
use api\projectData;
use api\timelineData;
use api\user;
use api\project\projectRoutes;
use api\timeline\timelineRoutes;
use api\user\userRoutes;
use api\utils\middleware;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
use Slim\Factory\AppFactory;
use Tuupola\Middleware\JwtAuthentication;
// Start slim
$app = AppFactory::create();
@ -33,297 +28,11 @@ $app->setBasePath("/api");
// Add middleware
new middleware($app);
$timelineData = new timelineData();
$projectData = new projectData();
$blogData = new blogData();
$user = new user();
$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
{
global $timelineData;
//check if route is available if it is get the data
//otherwise return an error
if($args["timeline"] == "edu")
{
$response->getBody()->write(json_encode($timelineData->getEduData()));
return $response;
}
if($args["timeline"] == "work")
{
$response->getBody()->write(json_encode($timelineData->getWorkData()));
return $response;
}
// something went wrong
$response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found")));
return $response->withStatus(404);
});
$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
{
global $timelineData;
$data = $request->getParsedBody();
if ($args["timeline"] == "edu" && $args["id"] != "undefined")
{
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
if (!$timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->withStatus(201);
return $response;
}
if ($args["timeline"] == "work" && $args["id"] != "undefined")
{
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
if (!$timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->withStatus(201);
return $response;
}
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
return $response->withStatus(400);
});
$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
{
global $timelineData;
if ($args["timeline"] == "edu" && $args["id"] != null)
{
if (!$timelineData->deleteEduData($args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
return $response;
}
if ($args["timeline"] == "work" && $args["id"] != null)
{
if (!$timelineData->deleteWorkData($args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
return $response;
}
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
return $response->withStatus(400);
});
$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
{
global $timelineData;
$data = $request->getParsedBody();
if ($args["timeline"] == "edu")
{
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$insertedID = $timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]);
if (!is_int($insertedID))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
$response->withStatus(201);
return $response;
}
if ($args["timeline"] == "work")
{
if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
if (empty($data["dateTo"]))
{
$data["dateTo"] = "";
}
$insertedID = $timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]);
if (!is_int($insertedID))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
$response->withStatus(201);
return $response;
}
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
return $response->withStatus(400);
});
$app->get("/projectData", function (Request $request, Response $response)
{
global $projectData;
$result = $projectData->getProjectData();
$json = json_encode($result);
$response->getBody()->write($json);
if(array_key_exists("errorMessage", $result))
{
$response = $response->withStatus(404);
}
//use content type json to indicate json data on frontend.
return $response;
});
$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args)
{
global $projectData;
$data = $request->getParsedBody();
if ($args["id"] != "undefined")
{
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$update = $projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
if ($update === "unset main project")
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project")));
return $response->withStatus(400);
}
if (!$update)
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
return $response;
}
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
return $response->withStatus(400);
});
$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args)
{
global $projectData;
if ($args["id"] != null)
{
$message = $projectData->deleteProjectData($args["id"]);
if ($message === "error")
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist")));
return $response->withStatus(500);
}
if ($message === "cannot delete")
{
//uh oh cannot delete the main project
$response->getBody()->write(json_encode(array("error" => "Cannot delete the main project")));
return $response->withStatus(409);
}
return $response;
}
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
return $response->withStatus(400);
});
$app->post("/projectData", function (Request $request, Response $response)
{
global $projectData;
$data = $request->getParsedBody();
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$insertedID = $projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
if (!is_int($insertedID))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID)));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
return $response;
});
$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args)
{
global $projectData;
$files = $request->getUploadedFiles();
if (empty($args["id"]) || empty($files))
{
// uh oh only some of the data was sent
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$message = $projectData->uploadImage($args["id"], $files["img"]);
if (!is_array($message))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => $message)));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode($message));
return $response;
});
new timelineRoutes($app);
new projectRoutes($app);
new userRoutes($app);
// misc routes
$app->post("/contact", function (Request $request, Response $response)
{
$data = $request->getParsedBody();
@ -497,134 +206,4 @@ $app->post("/contact", function (Request $request, Response $response)
return $response->withStatus(201);
});
$app->post("/user/login", function (Request $request, Response $response)
{
global $user;
// get request data
$data = $request->getParsedBody();
if (empty($data["username"]) || empty($data["password"]))
{
// uh oh user sent empty data
return $response->withStatus(400);
}
if ($user->checkUser($data["username"], $data["password"]))
{
// yay, user is logged in
$_SESSION["token"] = $user->createToken($data["username"]);
$_SESSION["username"] = $data["username"];
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
return $response;
}
$response->getBody()->write(json_encode(array("error" => "Unauthorised")));
return $response->withStatus(401);
});
$app->get("/user/logout", function (Request $request, Response $response)
{
session_unset();
return $response;
});
$app->get("/user/isLoggedIn", function (Request $request, Response $response)
{
global $user;
if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
{
// uh oh user not logged in
return $response->withStatus(401);
}
if (empty($_SESSION["token"]))
{
// user is logged in but no token was created
$_SESSION["token"] = $user->createToken($_SESSION["username"]);
return $response;
}
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
return $response;
});
$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
{
global $user;
if (empty($args["email"]))
{
// uh oh sent empty data
return $response->withStatus(400);
}
if ($user->checkEmail($args["email"]))
{
// yay email does exist
$_SESSION["resetToken"] = $user->sendResetEmail($args["email"]);
$_SESSION["resetEmail"] = $args["email"];
return $response;
}
return $response->withStatus(404);
});
$app->get("/user/resendEmail", function (Request $request, Response $response)
{
if (empty($_SESSION["resetToken"]))
{
// uh oh not authorized to resend email
return $response->withStatus(401);
}
global $user;
$_SESSION["resetToken"] = $user->sendResetEmail($_SESSION["resetEmail"]);
return $response;
});
$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
{
if (empty($args["code"]))
{
// uh oh sent empty data
return $response->withStatus(400);
}
if ($_SESSION["resetToken"] === $args["code"])
{
// yay, code code matches
return $response;
}
return $response->withStatus(401);
});
$app->post("/user/changePassword", function (Request $request, Response $response)
{
global $user;
if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"]))
{
// uh oh not authorized to change password
return $response->withStatus(401);
}
$data = $request->getParsedBody();
if (empty($data["password"]))
{
// uh oh sent empty data
return $response->withStatus(400);
}
if ($user->changePassword($_SESSION["resetEmail"], $data["password"]))
{
// yay, password changed
unset($_SESSION["resetToken"]);
unset($_SESSION["resetEmail"]);
return $response;
}
return $response->withStatus(500);
});
$app->run();
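Review bot: The new `require "utils/middleware.php"`, `require "timeline/timelineRoutes.php"`, `require "project/projectRoutes.php"` and `require "user/userRoutes.php"` lines resolve against the include path and the process's working directory, whereas the data classes moved in this same commit anchor their includes with `__DIR__` (`require_once __DIR__ . "/../utils/config.php"`); invoked from any other cwd these four requires fail while the rest of the tree keeps working. Anchor them the same way, e.g. `require __DIR__ . "/utils/middleware.php";` and likewise for the three route files. Note also that `blogData` is no longer included and no `blogRoutes` is instantiated next to the other three, so the blog module is not loaded at all after this commit — presumably deliberate while `blogRoutes::createRoutes` is still a TODO, but a one-line comment saying so would stop the next reader from hunting for it. Separately, the unchanged `ini_set('display_errors', 1)` at the top of this file would render PHP/PDO exception text straight into API responses; it should be gated on a dev environment before this is deployed.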


@ -1,9 +1,9 @@
<?php
namespace api;
namespace api\project;
use PDO;
use Psr\Http\Message\UploadedFileInterface;
require_once "./config.php";
require_once __DIR__ . "/../utils/config.php";
/**
* Project Data Class


@ -0,0 +1,142 @@
<?php
namespace api\project;
require_once __DIR__ . "/../utils/routesInterface.php";
require_once "projectData.php";
use api\utils\routesInterface;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Slim\App;
class projectRoutes implements routesInterface
{
private projectData $projectData;
public function __construct(App $app)
{
$this->projectData = new projectData();
$this->createRoutes($app);
}
public function createRoutes(App $app): void
{
$app->get("/projectData", function (Request $request, Response $response)
{
$result = $this->projectData->getProjectData();
$json = json_encode($result);
$response->getBody()->write($json);
if(array_key_exists("errorMessage", $result))
{
$response = $response->withStatus(404);
}
//use content type json to indicate json data on frontend.
return $response;
});
$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args)
{
$data = $request->getParsedBody();
if ($args["id"] != "undefined")
{
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$update = $this->projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
if ($update === "unset main project")
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project")));
return $response->withStatus(400);
}
if (!$update)
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
return $response;
}
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
return $response->withStatus(400);
});
$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args)
{
if ($args["id"] != null)
{
$message = $this->projectData->deleteProjectData($args["id"]);
if ($message === "error")
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist")));
return $response->withStatus(500);
}
if ($message === "cannot delete")
{
//uh oh cannot delete the main project
$response->getBody()->write(json_encode(array("error" => "Cannot delete the main project")));
return $response->withStatus(409);
}
return $response;
}
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
return $response->withStatus(400);
});
$app->post("/projectData", function (Request $request, Response $response)
{
$data = $request->getParsedBody();
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$insertedID = $this->projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
if (!is_int($insertedID))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID)));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
return $response;
});
$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args)
{
$files = $request->getUploadedFiles();
if (empty($args["id"]) || empty($files))
{
// uh oh only some of the data was sent
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$message = $this->projectData->uploadImage($args["id"], $files["img"]);
if (!is_array($message))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => $message)));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode($message));
return $response;
});
}
}
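Review bot: The PATCH and POST handlers validate the flag with `empty($data["isMainProject"])`, and in PHP `empty("0")`, `empty(0)` and `empty(false)` are all true, so a client that submits `isMainProject=0` for an ordinary project is rejected with 400 "Only some of the data was sent"; if the field is a boolean it should be tested for presence instead, e.g. `if (empty($data["title"]) || !isset($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))`. In `/projectImage/{id}`, `empty($files)` does not guarantee that `$files["img"]` exists, so a multipart body with a differently named field would pass `null` into `uploadImage`; check `empty($files["img"])` instead. The POST handler also returns `$insertedID` to the client as `"message"` on failure — if `addProjectData` hands back a driver or exception string there, that leaks database detail (worth confirming against `projectData::addProjectData`, which is outside this hunk).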


@ -1,10 +1,10 @@
<?php
namespace api;
namespace api\timeline;
use PDO;
require_once "./config.php";
require_once __DIR__ . "/../utils/config.php";
/**
* TimelineData class


@ -0,0 +1,176 @@
<?php
namespace api\timeline;
require_once __DIR__ . "/../utils/routesInterface.php";
require_once "timelineData.php";
use api\utils\routesInterface;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Slim\App;
class timelineRoutes implements routesInterface
{
private timelineData $timelineData;
public function __construct(App $app)
{
$this->timelineData = new timelineData();
$this->createRoutes($app);
}
public function createRoutes(App $app): void
{
$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
{
//check if route is available if it is get the data
//otherwise return an error
if($args["timeline"] == "edu")
{
$response->getBody()->write(json_encode($this->timelineData->getEduData()));
return $response;
}
if($args["timeline"] == "work")
{
$response->getBody()->write(json_encode($this->timelineData->getWorkData()));
return $response;
}
// something went wrong
$response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found")));
return $response->withStatus(404);
});
$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
{
$data = $request->getParsedBody();
if ($args["timeline"] == "edu" && $args["id"] != "undefined")
{
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
if (!$this->timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->withStatus(201);
return $response;
}
if ($args["timeline"] == "work" && $args["id"] != "undefined")
{
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
if (!$this->timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->withStatus(201);
return $response;
}
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
return $response->withStatus(400);
});
$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
{
if ($args["timeline"] == "edu" && $args["id"] != null)
{
if (!$this->timelineData->deleteEduData($args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
return $response;
}
if ($args["timeline"] == "work" && $args["id"] != null)
{
if (!$this->timelineData->deleteWorkData($args["id"]))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
return $response;
}
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
return $response->withStatus(400);
});
$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
{
$data = $request->getParsedBody();
if ($args["timeline"] == "edu")
{
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
$insertedID = $this->timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]);
if (!is_int($insertedID))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
$response->withStatus(201);
return $response;
}
if ($args["timeline"] == "work")
{
if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
{
// uh oh sent some empty data
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
return $response->withStatus(400);
}
if (empty($data["dateTo"]))
{
$data["dateTo"] = "";
}
$insertedID = $this->timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]);
if (!is_int($insertedID))
{
// uh oh something went wrong
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
return $response->withStatus(500);
}
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
$response->withStatus(201);
return $response;
}
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
return $response->withStatus(400);
});
}
}
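Review bot: Every bare `$response->withStatus(201);` in the PATCH and POST handlers (four occurrences) discards its result — PSR-7 responses are immutable and `withStatus` returns a new instance — so these handlers actually answer 200, not the 201 the code intends; change each to `return $response->withStatus(201);` and drop the `return $response;` that follows it. The `{id}` guards only compare against the literal string `"undefined"` (PATCH) or against `null` (DELETE, which a Slim route argument never is), so non-numeric ids reach `updateEduData`/`deleteEduData`/etc. unchecked; a `ctype_digit($args["id"])` test returning 400 would reject them at the edge. The class also has no docblock; a one-liner such as `/** Registers the /timelineData routes (edu and work timelines) on the Slim app. */` would help.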

138
src/api/user/userData.php Normal file

@ -0,0 +1,138 @@
<?php
namespace api\user;
use Firebase\JWT\JWT;
use PDO;
require_once __DIR__ . "/../utils/config.php";
/**
* User Class
* Define all functions which either check, update or delete userData data
*/
class userData
{
/**
* Check if userData exists and can be logged in
* @param $username string - Username
* @param $password string - Password
* @return bool - True if logged in, false if not
*/
function checkUser(string $username, string $password): bool
{
$conn = dbConn();
$stmt = $conn->prepare("SELECT * FROM users WHERE username = :username");
$stmt->bindParam(":username", $username);
$stmt->execute();
// set the resulting array to associative
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
if ($result)
{
if (password_verify($password, $result[0]["password"]))
{
return true;
}
return false;
}
return false;
}
/**
* Create a JWT token
* @param $username string - Username
* @return string - JWT token
*/
function createToken(string $username): string
{
$now = time();
$future = strtotime('+6 hour',$now);
$secretKey = getSecretKey();
$payload = [
"jti"=>$username,
"iat"=>$now,
"exp"=>$future
];
return JWT::encode($payload,$secretKey,"HS256");
}
/**
* Check if email is already in use
* @param string $email - Email to check
* @return bool - True if email exists, false if not
*/
function checkEmail(string $email): bool
{
$conn = dbConn();
$stmt = $conn->prepare("SELECT * FROM users WHERE email = :email");
$stmt->bindParam(":email", $email);
$stmt->execute();
// set the resulting array to associative
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
if ($result)
{
return true;
}
return false;
}
/**
* Send a verification email to the userData
* @param $email - email address of the userData
* @return string - verification code
*/
function sendResetEmail($email): string
{
//generate a random token and email the address
$token = uniqid("rpe-");
$headers1 = "From: noreply@rohitpai.co.uk\r\n";
$headers1 .= "MIME-Version: 1.0\r\n";
$headers1 .= "Content-Type: text/html; charset=UTF-8\r\n";
$message = "
<!doctype html>
<html lang='en'>
<head>
<meta charset='UTF-8'>
<meta name='viewport' content='width=device-width, userData-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0'>
<meta http-equiv='X-UA-Compatible' content='ie=edge'>
<title>Document</title>
</head>
<body>
<h1>Reset Password Verification Code</h1>
<br>
<p>Please enter the following code to reset your password: $token</p>
</body>
</html>
";
mail($email, "Reset Password Verification Code", $message, $headers1);
return $token;
}
/**
* Change password for an email with new password
* @param $email string Email
* @param $password string Password
* @return bool - true if the password was changed, false if not
*/
function changePassword(string $email, string $password): bool
{
$conn = dbConn();
$stmt = $conn->prepare("UPDATE users SET password = :password WHERE email = :email");
$newPwd = password_hash($password, PASSWORD_BCRYPT);
$stmt->bindParam(":password", $newPwd);
$stmt->bindParam(":email", $email);
if ($stmt->execute())
{
return true;
}
return false;
}
}
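Review bot: `sendResetEmail` builds the password-reset code from `uniqid("rpe-")`, which is derived from the current time in microseconds rather than from a random source, so someone who knows roughly when a reset was requested can enumerate candidate codes — and this code is the only secret in the reset flow. Generate it from the CSPRNG instead: `$token = "rpe-" . bin2hex(random_bytes(16));`. The code also never expires; storing an issued-at time alongside it in the session and rejecting codes older than a short window would limit the exposure further. The `user`→`userData` rename has also reached the viewport meta tag in the mail body, `userData-scalable=no`, which should be `user-scalable=no`. Minor: `createToken` puts the username in `jti`, which is meant to be a unique token identifier; `sub` is the conventional claim for the principal, leaving `jti` free for a random id.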

144
src/api/user/userRoutes.php Normal file

@ -0,0 +1,144 @@
<?php
namespace api\user;
require_once __DIR__ . "/../utils/routesInterface.php";
require_once "userData.php";
use api\utils\routesInterface;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Slim\App;
class userRoutes implements routesInterface
{
private userData $user;
public function __construct(App $app)
{
$this->user = new userData();
$this->createRoutes($app);
}
public function createRoutes(App $app): void
{
$app->post("/user/login", function (Request $request, Response $response)
{
// get request data
$data = $request->getParsedBody();
if (empty($data["username"]) || empty($data["password"]))
{
// uh oh userData sent empty data
return $response->withStatus(400);
}
if ($this->user->checkUser($data["username"], $data["password"]))
{
// yay, userData is logged in
$_SESSION["token"] = $this->user->createToken($data["username"]);
$_SESSION["username"] = $data["username"];
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
return $response;
}
$response->getBody()->write(json_encode(array("error" => "Unauthorised")));
return $response->withStatus(401);
});
$app->get("/user/logout", function (Request $request, Response $response)
{
session_unset();
return $response;
});
$app->get("/user/isLoggedIn", function (Request $request, Response $response)
{
if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
{
// uh oh userData not logged in
return $response->withStatus(401);
}
if (empty($_SESSION["token"]))
{
// userData is logged in but no token was created
$_SESSION["token"] = $this->user->createToken($_SESSION["username"]);
return $response;
}
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
return $response;
});
$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
{
if (empty($args["email"]))
{
// uh oh sent empty data
return $response->withStatus(400);
}
if ($this->user->checkEmail($args["email"]))
{
// yay email does exist
$_SESSION["resetToken"] = $this->user->sendResetEmail($args["email"]);
$_SESSION["resetEmail"] = $args["email"];
return $response;
}
return $response->withStatus(404);
});
$app->get("/user/resendEmail", function (Request $request, Response $response)
{
if (empty($_SESSION["resetToken"]))
{
// uh oh not authorized to resend email
return $response->withStatus(401);
}
$_SESSION["resetToken"] = $this->user->sendResetEmail($_SESSION["resetEmail"]);
return $response;
});
$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
{
if (empty($args["code"]))
{
// uh oh sent empty data
return $response->withStatus(400);
}
if ($_SESSION["resetToken"] === $args["code"])
{
// yay, code code matches
return $response;
}
return $response->withStatus(401);
});
$app->post("/user/changePassword", function (Request $request, Response $response)
{
if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"]))
{
// uh oh not authorized to change password
return $response->withStatus(401);
}
$data = $request->getParsedBody();
if (empty($data["password"]))
{
// uh oh sent empty data
return $response->withStatus(400);
}
if ($this->user->changePassword($_SESSION["resetEmail"], $data["password"]))
{
// yay, password changed
unset($_SESSION["resetToken"]);
unset($_SESSION["resetEmail"]);
return $response;
}
return $response->withStatus(500);
});
}
}
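Review bot: `/user/changePassword` (last handler in the class) only checks that `$_SESSION["resetToken"]` or `$_SESSION["resetEmail"]` is non-empty, and both are written by `/user/checkResetEmail/{email}` before any emailed code has been entered; `/user/checkResetCode/{code}` returns 200 on a match but records nothing in the session. Consequently anyone who can reach the API can reset the password of any registered email without ever seeing the mail: call `checkResetEmail` for that address, then POST `changePassword`. The code check needs to leave a verified marker in the session that `changePassword` requires and then clears, the comparison should use `hash_equals` and only run when a token was actually issued, and the `&&` in the 401 guard should be `||` so a half-populated session is rejected. On a successful login, `session_regenerate_id(true)` should also be called before the token is stored, to prevent session fixation.

```php
$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
{
    if (empty($args["code"]))
    {
        return $response->withStatus(400);
    }
    // constant-time compare, and only when a code was actually issued to this session
    if (!empty($_SESSION["resetToken"]) && hash_equals($_SESSION["resetToken"], $args["code"]))
    {
        $_SESSION["resetVerified"] = true;
        return $response;
    }
    return $response->withStatus(401);
});

$app->post("/user/changePassword", function (Request $request, Response $response)
{
    // require the emailed code to have been verified in this session, not merely issued
    if (empty($_SESSION["resetVerified"]) || empty($_SESSION["resetEmail"]))
    {
        return $response->withStatus(401);
    }
    // … unchanged: empty-password check and changePassword() call …
    // on success, also clear the marker: unset($_SESSION["resetVerified"]);
});
```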


@ -1,14 +1,14 @@
<?php
// middleware
namespace api;
namespace api\utils;
session_start();
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Slim\App;
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
use Slim\App;
use Slim\Exception\HttpInternalServerErrorException;
use Slim\Exception\HttpMethodNotAllowedException;
use Slim\Exception\HttpNotFoundException;
@ -80,7 +80,7 @@ class middleware
"rules" => [
new RequestPathRule([
"path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"],
"ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]
"ignore" => ["/api/contact", "/api/userData/login", "/api/userData/changePassword"]
]),
new RequestMethodRule([
"ignore" => ["OPTIONS", "GET"]
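Review bot: The renamed ignore entries `/api/userData/login` and `/api/userData/changePassword` do not correspond to any registered route — `userRoutes.php` in this same commit still registers `/user/login` and `/user/changePassword`, and the front-end JS still fetches `/api/user/isLoggedIn` — so this looks like the `user`→`userData` search-and-replace reaching string literals. Because the `path` list above only covers `/api/projectData`, `/api/timelineData/…`, `/api/projectImage/…` and `/api/logout`, the ignore entries are likely redundant either way, but as written they are dead and misleading; restore `"ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]`. While here, note that `/api/logout` in the `path` list does not match the `/user/logout` route either (pre-existing), so logout is not actually behind the JWT rule.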


@ -0,0 +1,10 @@
<?php
namespace api\utils;
use Slim\App;
interface routesInterface
{
public function createRoutes(App $app): void;
}
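Review bot: The interface has no docblock and is named in camelCase; PSR-1 expects StudlyCaps for classes and interfaces (`RoutesInterface`), and the implementing classes `projectRoutes`, `timelineRoutes` and `userRoutes` would fall under the same rule. A short contract comment above the method would tell implementers what is expected, e.g. `/** Register this module's HTTP routes on the given Slim app; each implementation calls it once from its constructor. */`. The rename touches several files and can be deferred, but the docblock is cheap to add now.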


@ -3,7 +3,7 @@ let textareaLoaded = false;
document.addEventListener('DOMContentLoaded', () =>
{
// check if the user is logged in, if not redirect to log in
// check if the userData is logged in, if not redirect to log in
fetch('/api/user/isLoggedIn').then(res =>
{
if (!res.ok)
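Review bot: The comment now reads `// check if the userData is logged in, if not redirect to log in`, which is the `user`→`userData` class rename applied to prose; the sentence is about the person, not the PHP class, so the original wording `// check if the user is logged in, if not redirect to log in` should be restored. The fetch on the next line still targets `/api/user/isLoggedIn`, which is correct — only the comment drifted.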


@ -1,7 +1,7 @@
document.addEventListener("DOMContentLoaded", _ =>
{
// check if the user is logged in and if so load the editor
// check if the userData is logged in and if so load the editor
fetch("/api/user/isLoggedIn").then(res =>
{
if (res.ok)