intial-blog-setup #33
4
.gitignore
vendored
4
.gitignore
vendored
@ -75,6 +75,6 @@ fabric.properties
|
|||||||
.env
|
.env
|
||||||
vendor/*
|
vendor/*
|
||||||
node_modules/*
|
node_modules/*
|
||||||
src/api/config.php
|
src/api/utils/config.php
|
||||||
dist/api/config.php
|
dist/api/utils/config.php
|
||||||
dist/api/.htaccess
|
dist/api/.htaccess
|
@ -1,9 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
namespace api;
|
namespace api\blog;
|
||||||
use PDO;
|
use PDO;
|
||||||
use Psr\Http\Message\UploadedFileInterface;
|
|
||||||
|
|
||||||
require_once "./config.php";
|
require_once __DIR__ . "/../utils/config.php";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Blog Data Class
|
* Blog Data Class
|
20
dist/api/blog/blogRoutes.php
vendored
Normal file
20
dist/api/blog/blogRoutes.php
vendored
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace api\blog;
|
||||||
|
|
||||||
|
use Slim\App;
|
||||||
|
|
||||||
|
class blogRoutes implements \api\utils\routesInterface
|
||||||
|
{
|
||||||
|
private blogData $blogData;
|
||||||
|
public function __construct(App $app)
|
||||||
|
{
|
||||||
|
$this->blogData = new blogData();
|
||||||
|
$this->createRoutes($app);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function createRoutes(App $app): void
|
||||||
|
{
|
||||||
|
// TODO: Implement createRoutes() method.
|
||||||
|
}
|
||||||
|
}
|
449
dist/api/index.php
vendored
449
dist/api/index.php
vendored
@ -1,28 +1,23 @@
|
|||||||
<?php
|
<?php
|
||||||
|
error_reporting(E_ALL);
|
||||||
|
ini_set('display_errors', 1);
|
||||||
////////////////// Index file //////////////
|
////////////////// Index file //////////////
|
||||||
/// Creates base routes and runs ///
|
/// Creates base routes and runs ///
|
||||||
/// respective functions ///
|
/// respective functions ///
|
||||||
////////////////////////////////////////////
|
////////////////////////////////////////////
|
||||||
//require “routes.php”;
|
|
||||||
require "../vendor/autoload.php";
|
require "../vendor/autoload.php";
|
||||||
include "middleware.php";
|
require "utils/middleware.php";
|
||||||
include "timelineData.php";
|
require "timeline/timelineRoutes.php";
|
||||||
include "projectData.php";
|
require "project/projectRoutes.php";
|
||||||
include "user.php";
|
require "user/userRoutes.php";
|
||||||
include "blogData.php";
|
|
||||||
|
|
||||||
use api\blogData;
|
use api\project\projectRoutes;
|
||||||
use api\middleware;
|
use api\timeline\timelineRoutes;
|
||||||
use api\projectData;
|
use api\user\userRoutes;
|
||||||
use api\timelineData;
|
use api\utils\middleware;
|
||||||
use api\user;
|
|
||||||
use Psr\Http\Message\ResponseInterface as Response;
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
|
|
||||||
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
|
|
||||||
use Slim\Factory\AppFactory;
|
use Slim\Factory\AppFactory;
|
||||||
use Tuupola\Middleware\JwtAuthentication;
|
|
||||||
|
|
||||||
// Start slim
|
// Start slim
|
||||||
$app = AppFactory::create();
|
$app = AppFactory::create();
|
||||||
@ -33,297 +28,11 @@ $app->setBasePath("/api");
|
|||||||
// Add middleware
|
// Add middleware
|
||||||
new middleware($app);
|
new middleware($app);
|
||||||
|
|
||||||
$timelineData = new timelineData();
|
new timelineRoutes($app);
|
||||||
$projectData = new projectData();
|
new projectRoutes($app);
|
||||||
$blogData = new blogData();
|
new userRoutes($app);
|
||||||
$user = new user();
|
|
||||||
|
|
||||||
$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $timelineData;
|
|
||||||
|
|
||||||
//check if route is available if it is get the data
|
|
||||||
//otherwise return an error
|
|
||||||
if($args["timeline"] == "edu")
|
|
||||||
{
|
|
||||||
$response->getBody()->write(json_encode($timelineData->getEduData()));
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
if($args["timeline"] == "work")
|
|
||||||
{
|
|
||||||
$response->getBody()->write(json_encode($timelineData->getWorkData()));
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
// something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found")));
|
|
||||||
return $response->withStatus(404);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $timelineData;
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if ($args["timeline"] == "edu" && $args["id"] != "undefined")
|
|
||||||
{
|
|
||||||
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"]))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->withStatus(201);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($args["timeline"] == "work" && $args["id"] != "undefined")
|
|
||||||
{
|
|
||||||
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"]))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->withStatus(201);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $timelineData;
|
|
||||||
if ($args["timeline"] == "edu" && $args["id"] != null)
|
|
||||||
{
|
|
||||||
if (!$timelineData->deleteEduData($args["id"]))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($args["timeline"] == "work" && $args["id"] != null)
|
|
||||||
{
|
|
||||||
if (!$timelineData->deleteWorkData($args["id"]))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $timelineData;
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if ($args["timeline"] == "edu")
|
|
||||||
{
|
|
||||||
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
$insertedID = $timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]);
|
|
||||||
if (!is_int($insertedID))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
|
||||||
$response->withStatus(201);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($args["timeline"] == "work")
|
|
||||||
{
|
|
||||||
if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (empty($data["dateTo"]))
|
|
||||||
{
|
|
||||||
$data["dateTo"] = "";
|
|
||||||
}
|
|
||||||
|
|
||||||
$insertedID = $timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]);
|
|
||||||
if (!is_int($insertedID))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
|
||||||
$response->withStatus(201);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/projectData", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
|
|
||||||
$result = $projectData->getProjectData();
|
|
||||||
|
|
||||||
$json = json_encode($result);
|
|
||||||
|
|
||||||
$response->getBody()->write($json);
|
|
||||||
|
|
||||||
if(array_key_exists("errorMessage", $result))
|
|
||||||
{
|
|
||||||
$response = $response->withStatus(404);
|
|
||||||
}
|
|
||||||
|
|
||||||
//use content type json to indicate json data on frontend.
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if ($args["id"] != "undefined")
|
|
||||||
{
|
|
||||||
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
$update = $projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
|
|
||||||
|
|
||||||
if ($update === "unset main project")
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$update)
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
if ($args["id"] != null)
|
|
||||||
{
|
|
||||||
$message = $projectData->deleteProjectData($args["id"]);
|
|
||||||
if ($message === "error")
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($message === "cannot delete")
|
|
||||||
{
|
|
||||||
//uh oh cannot delete the main project
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Cannot delete the main project")));
|
|
||||||
return $response->withStatus(409);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->post("/projectData", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
$insertedID = $projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
|
|
||||||
if (!is_int($insertedID))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID)));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
$files = $request->getUploadedFiles();
|
|
||||||
if (empty($args["id"]) || empty($files))
|
|
||||||
{
|
|
||||||
// uh oh only some of the data was sent
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
$message = $projectData->uploadImage($args["id"], $files["img"]);
|
|
||||||
if (!is_array($message))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => $message)));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode($message));
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
|
// misc routes
|
||||||
$app->post("/contact", function (Request $request, Response $response)
|
$app->post("/contact", function (Request $request, Response $response)
|
||||||
{
|
{
|
||||||
$data = $request->getParsedBody();
|
$data = $request->getParsedBody();
|
||||||
@ -497,134 +206,4 @@ $app->post("/contact", function (Request $request, Response $response)
|
|||||||
return $response->withStatus(201);
|
return $response->withStatus(201);
|
||||||
});
|
});
|
||||||
|
|
||||||
$app->post("/user/login", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
|
|
||||||
global $user;
|
|
||||||
|
|
||||||
// get request data
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
|
|
||||||
if (empty($data["username"]) || empty($data["password"]))
|
|
||||||
{
|
|
||||||
// uh oh user sent empty data
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($user->checkUser($data["username"], $data["password"]))
|
|
||||||
{
|
|
||||||
// yay, user is logged in
|
|
||||||
$_SESSION["token"] = $user->createToken($data["username"]);
|
|
||||||
$_SESSION["username"] = $data["username"];
|
|
||||||
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Unauthorised")));
|
|
||||||
return $response->withStatus(401);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/logout", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
session_unset();
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/isLoggedIn", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
global $user;
|
|
||||||
|
|
||||||
if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
|
|
||||||
{
|
|
||||||
// uh oh user not logged in
|
|
||||||
return $response->withStatus(401);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (empty($_SESSION["token"]))
|
|
||||||
{
|
|
||||||
// user is logged in but no token was created
|
|
||||||
$_SESSION["token"] = $user->createToken($_SESSION["username"]);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
|
|
||||||
return $response;
|
|
||||||
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $user;
|
|
||||||
|
|
||||||
if (empty($args["email"]))
|
|
||||||
{
|
|
||||||
// uh oh sent empty data
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($user->checkEmail($args["email"]))
|
|
||||||
{
|
|
||||||
// yay email does exist
|
|
||||||
$_SESSION["resetToken"] = $user->sendResetEmail($args["email"]);
|
|
||||||
$_SESSION["resetEmail"] = $args["email"];
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
return $response->withStatus(404);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/resendEmail", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
if (empty($_SESSION["resetToken"]))
|
|
||||||
{
|
|
||||||
// uh oh not authorized to resend email
|
|
||||||
return $response->withStatus(401);
|
|
||||||
}
|
|
||||||
global $user;
|
|
||||||
$_SESSION["resetToken"] = $user->sendResetEmail($_SESSION["resetEmail"]);
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
if (empty($args["code"]))
|
|
||||||
{
|
|
||||||
// uh oh sent empty data
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($_SESSION["resetToken"] === $args["code"])
|
|
||||||
{
|
|
||||||
// yay, code code matches
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response->withStatus(401);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->post("/user/changePassword", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
global $user;
|
|
||||||
if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"]))
|
|
||||||
{
|
|
||||||
// uh oh not authorized to change password
|
|
||||||
return $response->withStatus(401);
|
|
||||||
}
|
|
||||||
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if (empty($data["password"]))
|
|
||||||
{
|
|
||||||
// uh oh sent empty data
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($user->changePassword($_SESSION["resetEmail"], $data["password"]))
|
|
||||||
{
|
|
||||||
// yay, password changed
|
|
||||||
unset($_SESSION["resetToken"]);
|
|
||||||
unset($_SESSION["resetEmail"]);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response->withStatus(500);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->run();
|
$app->run();
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
namespace api;
|
namespace api\project;
|
||||||
use PDO;
|
use PDO;
|
||||||
use Psr\Http\Message\UploadedFileInterface;
|
use Psr\Http\Message\UploadedFileInterface;
|
||||||
|
|
||||||
require_once "./config.php";
|
require_once __DIR__ . "/../utils/config.php";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Project Data Class
|
* Project Data Class
|
142
dist/api/project/projectRoutes.php
vendored
Normal file
142
dist/api/project/projectRoutes.php
vendored
Normal file
@ -0,0 +1,142 @@
|
|||||||
|
<?php
|
||||||
|
namespace api\project;
|
||||||
|
require_once __DIR__ . "/../utils/routesInterface.php";
|
||||||
|
require_once "projectData.php";
|
||||||
|
|
||||||
|
use api\utils\routesInterface;
|
||||||
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
|
use Slim\App;
|
||||||
|
|
||||||
|
class projectRoutes implements routesInterface
|
||||||
|
{
|
||||||
|
private projectData $projectData;
|
||||||
|
public function __construct(App $app)
|
||||||
|
{
|
||||||
|
$this->projectData = new projectData();
|
||||||
|
$this->createRoutes($app);
|
||||||
|
}
|
||||||
|
public function createRoutes(App $app): void
|
||||||
|
{
|
||||||
|
$app->get("/projectData", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
$result = $this->projectData->getProjectData();
|
||||||
|
|
||||||
|
$json = json_encode($result);
|
||||||
|
|
||||||
|
$response->getBody()->write($json);
|
||||||
|
|
||||||
|
if(array_key_exists("errorMessage", $result))
|
||||||
|
{
|
||||||
|
$response = $response->withStatus(404);
|
||||||
|
}
|
||||||
|
|
||||||
|
//use content type json to indicate json data on frontend.
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if ($args["id"] != "undefined")
|
||||||
|
{
|
||||||
|
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$update = $this->projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
|
||||||
|
|
||||||
|
if ($update === "unset main project")
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$update)
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
if ($args["id"] != null)
|
||||||
|
{
|
||||||
|
$message = $this->projectData->deleteProjectData($args["id"]);
|
||||||
|
if ($message === "error")
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($message === "cannot delete")
|
||||||
|
{
|
||||||
|
//uh oh cannot delete the main project
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Cannot delete the main project")));
|
||||||
|
return $response->withStatus(409);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->post("/projectData", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$insertedID = $this->projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
|
||||||
|
if (!is_int($insertedID))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID)));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
$files = $request->getUploadedFiles();
|
||||||
|
if (empty($args["id"]) || empty($files))
|
||||||
|
{
|
||||||
|
// uh oh only some of the data was sent
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$message = $this->projectData->uploadImage($args["id"], $files["img"]);
|
||||||
|
if (!is_array($message))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => $message)));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode($message));
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
@ -1,10 +1,10 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
namespace api;
|
namespace api\timeline;
|
||||||
|
|
||||||
use PDO;
|
use PDO;
|
||||||
|
|
||||||
require_once "./config.php";
|
require_once __DIR__ . "/../utils/config.php";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* TimelineData class
|
* TimelineData class
|
176
dist/api/timeline/timelineRoutes.php
vendored
Normal file
176
dist/api/timeline/timelineRoutes.php
vendored
Normal file
@ -0,0 +1,176 @@
|
|||||||
|
<?php
|
||||||
|
namespace api\timeline;
|
||||||
|
require_once __DIR__ . "/../utils/routesInterface.php";
|
||||||
|
require_once "timelineData.php";
|
||||||
|
|
||||||
|
use api\utils\routesInterface;
|
||||||
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
|
use Slim\App;
|
||||||
|
|
||||||
|
class timelineRoutes implements routesInterface
|
||||||
|
{
|
||||||
|
private timelineData $timelineData;
|
||||||
|
public function __construct(App $app)
|
||||||
|
{
|
||||||
|
$this->timelineData = new timelineData();
|
||||||
|
$this->createRoutes($app);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function createRoutes(App $app): void
|
||||||
|
{
|
||||||
|
$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
//check if route is available if it is get the data
|
||||||
|
//otherwise return an error
|
||||||
|
if($args["timeline"] == "edu")
|
||||||
|
{
|
||||||
|
$response->getBody()->write(json_encode($this->timelineData->getEduData()));
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
if($args["timeline"] == "work")
|
||||||
|
{
|
||||||
|
$response->getBody()->write(json_encode($this->timelineData->getWorkData()));
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
// something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found")));
|
||||||
|
return $response->withStatus(404);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if ($args["timeline"] == "edu" && $args["id"] != "undefined")
|
||||||
|
{
|
||||||
|
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$this->timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"]))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->withStatus(201);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($args["timeline"] == "work" && $args["id"] != "undefined")
|
||||||
|
{
|
||||||
|
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$this->timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"]))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->withStatus(201);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
if ($args["timeline"] == "edu" && $args["id"] != null)
|
||||||
|
{
|
||||||
|
if (!$this->timelineData->deleteEduData($args["id"]))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($args["timeline"] == "work" && $args["id"] != null)
|
||||||
|
{
|
||||||
|
if (!$this->timelineData->deleteWorkData($args["id"]))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if ($args["timeline"] == "edu")
|
||||||
|
{
|
||||||
|
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$insertedID = $this->timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]);
|
||||||
|
if (!is_int($insertedID))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
||||||
|
$response->withStatus(201);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($args["timeline"] == "work")
|
||||||
|
{
|
||||||
|
if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (empty($data["dateTo"]))
|
||||||
|
{
|
||||||
|
$data["dateTo"] = "";
|
||||||
|
}
|
||||||
|
|
||||||
|
$insertedID = $this->timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]);
|
||||||
|
if (!is_int($insertedID))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
||||||
|
$response->withStatus(201);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
4
dist/api/user.php → dist/api/user/user.php
vendored
4
dist/api/user.php → dist/api/user/user.php
vendored
@ -1,9 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
namespace api;
|
namespace api\user;
|
||||||
use Firebase\JWT\JWT;
|
use Firebase\JWT\JWT;
|
||||||
use PDO;
|
use PDO;
|
||||||
|
|
||||||
require_once "./config.php";
|
require_once __DIR__ . "/../utils/config.php";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* User Class
|
* User Class
|
16
src/api/user.php → dist/api/user/userData.php
vendored
16
src/api/user.php → dist/api/user/userData.php
vendored
@ -1,18 +1,18 @@
|
|||||||
<?php
|
<?php
|
||||||
namespace api;
|
namespace api\user;
|
||||||
use Firebase\JWT\JWT;
|
use Firebase\JWT\JWT;
|
||||||
use PDO;
|
use PDO;
|
||||||
|
|
||||||
require_once "./config.php";
|
require_once __DIR__ . "/../utils/config.php";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* User Class
|
* User Class
|
||||||
* Define all functions which either check, update or delete user data
|
* Define all functions which either check, update or delete userData data
|
||||||
*/
|
*/
|
||||||
class user
|
class userData
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* Check if user exists and can be logged in
|
* Check if userData exists and can be logged in
|
||||||
* @param $username string - Username
|
* @param $username string - Username
|
||||||
* @param $password string - Password
|
* @param $password string - Password
|
||||||
* @return bool - True if logged in, false if not
|
* @return bool - True if logged in, false if not
|
||||||
@ -80,8 +80,8 @@ class user
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Send a verification email to the user
|
* Send a verification email to the userData
|
||||||
* @param $email - email address of the user
|
* @param $email - email address of the userData
|
||||||
* @return string - verification code
|
* @return string - verification code
|
||||||
*/
|
*/
|
||||||
function sendResetEmail($email): string
|
function sendResetEmail($email): string
|
||||||
@ -97,7 +97,7 @@ class user
|
|||||||
<html lang='en'>
|
<html lang='en'>
|
||||||
<head>
|
<head>
|
||||||
<meta charset='UTF-8'>
|
<meta charset='UTF-8'>
|
||||||
<meta name='viewport' content='width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0'>
|
<meta name='viewport' content='width=device-width, userData-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0'>
|
||||||
<meta http-equiv='X-UA-Compatible' content='ie=edge'>
|
<meta http-equiv='X-UA-Compatible' content='ie=edge'>
|
||||||
<title>Document</title>
|
<title>Document</title>
|
||||||
</head>
|
</head>
|
144
dist/api/user/userRoutes.php
vendored
Normal file
144
dist/api/user/userRoutes.php
vendored
Normal file
@ -0,0 +1,144 @@
|
|||||||
|
<?php
|
||||||
|
namespace api\user;
|
||||||
|
require_once __DIR__ . "/../utils/routesInterface.php";
|
||||||
|
require_once "userData.php";
|
||||||
|
|
||||||
|
use api\utils\routesInterface;
|
||||||
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
|
use Slim\App;
|
||||||
|
|
||||||
|
class userRoutes implements routesInterface
|
||||||
|
{
|
||||||
|
private userData $user;
|
||||||
|
public function __construct(App $app)
|
||||||
|
{
|
||||||
|
$this->user = new userData();
|
||||||
|
$this->createRoutes($app);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function createRoutes(App $app): void
|
||||||
|
{
|
||||||
|
$app->post("/user/login", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
// get request data
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
|
||||||
|
if (empty($data["username"]) || empty($data["password"]))
|
||||||
|
{
|
||||||
|
// uh oh userData sent empty data
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->user->checkUser($data["username"], $data["password"]))
|
||||||
|
{
|
||||||
|
// yay, userData is logged in
|
||||||
|
$_SESSION["token"] = $this->user->createToken($data["username"]);
|
||||||
|
$_SESSION["username"] = $data["username"];
|
||||||
|
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Unauthorised")));
|
||||||
|
return $response->withStatus(401);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/logout", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
session_unset();
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/isLoggedIn", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
|
||||||
|
{
|
||||||
|
// uh oh userData not logged in
|
||||||
|
return $response->withStatus(401);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (empty($_SESSION["token"]))
|
||||||
|
{
|
||||||
|
// userData is logged in but no token was created
|
||||||
|
$_SESSION["token"] = $this->user->createToken($_SESSION["username"]);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
|
||||||
|
return $response;
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
if (empty($args["email"]))
|
||||||
|
{
|
||||||
|
// uh oh sent empty data
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->user->checkEmail($args["email"]))
|
||||||
|
{
|
||||||
|
// yay email does exist
|
||||||
|
$_SESSION["resetToken"] = $this->user->sendResetEmail($args["email"]);
|
||||||
|
$_SESSION["resetEmail"] = $args["email"];
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
return $response->withStatus(404);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/resendEmail", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
if (empty($_SESSION["resetToken"]))
|
||||||
|
{
|
||||||
|
// uh oh not authorized to resend email
|
||||||
|
return $response->withStatus(401);
|
||||||
|
}
|
||||||
|
|
||||||
|
$_SESSION["resetToken"] = $this->user->sendResetEmail($_SESSION["resetEmail"]);
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
if (empty($args["code"]))
|
||||||
|
{
|
||||||
|
// uh oh sent empty data
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($_SESSION["resetToken"] === $args["code"])
|
||||||
|
{
|
||||||
|
// yay, code code matches
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response->withStatus(401);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->post("/user/changePassword", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"]))
|
||||||
|
{
|
||||||
|
// uh oh not authorized to change password
|
||||||
|
return $response->withStatus(401);
|
||||||
|
}
|
||||||
|
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if (empty($data["password"]))
|
||||||
|
{
|
||||||
|
// uh oh sent empty data
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->user->changePassword($_SESSION["resetEmail"], $data["password"]))
|
||||||
|
{
|
||||||
|
// yay, password changed
|
||||||
|
unset($_SESSION["resetToken"]);
|
||||||
|
unset($_SESSION["resetEmail"]);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response->withStatus(500);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
@ -1,14 +1,14 @@
|
|||||||
<?php
|
<?php
|
||||||
// middleware
|
// middleware
|
||||||
namespace api;
|
namespace api\utils;
|
||||||
|
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Psr\Http\Server\RequestHandlerInterface;
|
use Psr\Http\Server\RequestHandlerInterface;
|
||||||
use Slim\App;
|
|
||||||
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
|
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
|
||||||
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
|
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
|
||||||
|
use Slim\App;
|
||||||
use Slim\Exception\HttpInternalServerErrorException;
|
use Slim\Exception\HttpInternalServerErrorException;
|
||||||
use Slim\Exception\HttpMethodNotAllowedException;
|
use Slim\Exception\HttpMethodNotAllowedException;
|
||||||
use Slim\Exception\HttpNotFoundException;
|
use Slim\Exception\HttpNotFoundException;
|
||||||
@ -80,7 +80,7 @@ class middleware
|
|||||||
"rules" => [
|
"rules" => [
|
||||||
new RequestPathRule([
|
new RequestPathRule([
|
||||||
"path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"],
|
"path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"],
|
||||||
"ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]
|
"ignore" => ["/api/contact", "/api/userData/login", "/api/userData/changePassword"]
|
||||||
]),
|
]),
|
||||||
new RequestMethodRule([
|
new RequestMethodRule([
|
||||||
"ignore" => ["OPTIONS", "GET"]
|
"ignore" => ["OPTIONS", "GET"]
|
10
dist/api/utils/routesInterface.php
vendored
Normal file
10
dist/api/utils/routesInterface.php
vendored
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace api\utils;
|
||||||
|
|
||||||
|
use Slim\App;
|
||||||
|
|
||||||
|
interface routesInterface
|
||||||
|
{
|
||||||
|
public function createRoutes(App $app): void;
|
||||||
|
}
|
@ -40,8 +40,8 @@ gulp.task("minifyJS", () =>
|
|||||||
|
|
||||||
gulp.task("movePHPFiles", () =>
|
gulp.task("movePHPFiles", () =>
|
||||||
{
|
{
|
||||||
return gulp.src("src/api/*.php")
|
return gulp.src("src/api/**/*.php")
|
||||||
.pipe(gulp.dest("dist/api"))
|
.pipe(gulp.dest("dist/api/"))
|
||||||
});
|
});
|
||||||
|
|
||||||
gulp.task("watchFiles", () =>
|
gulp.task("watchFiles", () =>
|
||||||
@ -49,7 +49,7 @@ gulp.task("watchFiles", () =>
|
|||||||
gulp.watch("src/**/*.html", gulp.task("minifyHTML"));
|
gulp.watch("src/**/*.html", gulp.task("minifyHTML"));
|
||||||
gulp.watch("src/**/*.css", gulp.task("minifyCSS"));
|
gulp.watch("src/**/*.css", gulp.task("minifyCSS"));
|
||||||
gulp.watch("src/**/*.js", gulp.task("minifyJS"));
|
gulp.watch("src/**/*.js", gulp.task("minifyJS"));
|
||||||
gulp.watch("src/api/*.php", gulp.task("movePHPFiles"))
|
gulp.watch("src/api/**/*.php", gulp.task("movePHPFiles"))
|
||||||
});
|
});
|
||||||
|
|
||||||
gulp.task("browserSync", () =>
|
gulp.task("browserSync", () =>
|
||||||
|
@ -1,9 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
namespace api;
|
namespace api\blog;
|
||||||
use PDO;
|
use PDO;
|
||||||
use Psr\Http\Message\UploadedFileInterface;
|
|
||||||
|
|
||||||
require_once "./config.php";
|
require_once __DIR__ . "/../utils/config.php";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Blog Data Class
|
* Blog Data Class
|
@ -1,28 +1,23 @@
|
|||||||
<?php
|
<?php
|
||||||
|
error_reporting(E_ALL);
|
||||||
|
ini_set('display_errors', 1);
|
||||||
////////////////// Index file //////////////
|
////////////////// Index file //////////////
|
||||||
/// Creates base routes and runs ///
|
/// Creates base routes and runs ///
|
||||||
/// respective functions ///
|
/// respective functions ///
|
||||||
////////////////////////////////////////////
|
////////////////////////////////////////////
|
||||||
//require “routes.php”;
|
|
||||||
require "../vendor/autoload.php";
|
require "../vendor/autoload.php";
|
||||||
include "middleware.php";
|
require "utils/middleware.php";
|
||||||
include "timelineData.php";
|
require "timeline/timelineRoutes.php";
|
||||||
include "projectData.php";
|
require "project/projectRoutes.php";
|
||||||
include "user.php";
|
require "user/userRoutes.php";
|
||||||
include "blogData.php";
|
|
||||||
|
|
||||||
use api\blogData;
|
use api\project\projectRoutes;
|
||||||
use api\middleware;
|
use api\timeline\timelineRoutes;
|
||||||
use api\projectData;
|
use api\user\userRoutes;
|
||||||
use api\timelineData;
|
use api\utils\middleware;
|
||||||
use api\user;
|
|
||||||
use Psr\Http\Message\ResponseInterface as Response;
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
|
|
||||||
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
|
|
||||||
use Slim\Factory\AppFactory;
|
use Slim\Factory\AppFactory;
|
||||||
use Tuupola\Middleware\JwtAuthentication;
|
|
||||||
|
|
||||||
// Start slim
|
// Start slim
|
||||||
$app = AppFactory::create();
|
$app = AppFactory::create();
|
||||||
@ -33,297 +28,11 @@ $app->setBasePath("/api");
|
|||||||
// Add middleware
|
// Add middleware
|
||||||
new middleware($app);
|
new middleware($app);
|
||||||
|
|
||||||
$timelineData = new timelineData();
|
new timelineRoutes($app);
|
||||||
$projectData = new projectData();
|
new projectRoutes($app);
|
||||||
$blogData = new blogData();
|
new userRoutes($app);
|
||||||
$user = new user();
|
|
||||||
|
|
||||||
$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $timelineData;
|
|
||||||
|
|
||||||
//check if route is available if it is get the data
|
|
||||||
//otherwise return an error
|
|
||||||
if($args["timeline"] == "edu")
|
|
||||||
{
|
|
||||||
$response->getBody()->write(json_encode($timelineData->getEduData()));
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
if($args["timeline"] == "work")
|
|
||||||
{
|
|
||||||
$response->getBody()->write(json_encode($timelineData->getWorkData()));
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
// something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found")));
|
|
||||||
return $response->withStatus(404);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $timelineData;
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if ($args["timeline"] == "edu" && $args["id"] != "undefined")
|
|
||||||
{
|
|
||||||
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"]))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->withStatus(201);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($args["timeline"] == "work" && $args["id"] != "undefined")
|
|
||||||
{
|
|
||||||
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"]))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->withStatus(201);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $timelineData;
|
|
||||||
if ($args["timeline"] == "edu" && $args["id"] != null)
|
|
||||||
{
|
|
||||||
if (!$timelineData->deleteEduData($args["id"]))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($args["timeline"] == "work" && $args["id"] != null)
|
|
||||||
{
|
|
||||||
if (!$timelineData->deleteWorkData($args["id"]))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $timelineData;
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if ($args["timeline"] == "edu")
|
|
||||||
{
|
|
||||||
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
$insertedID = $timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]);
|
|
||||||
if (!is_int($insertedID))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
|
||||||
$response->withStatus(201);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($args["timeline"] == "work")
|
|
||||||
{
|
|
||||||
if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (empty($data["dateTo"]))
|
|
||||||
{
|
|
||||||
$data["dateTo"] = "";
|
|
||||||
}
|
|
||||||
|
|
||||||
$insertedID = $timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]);
|
|
||||||
if (!is_int($insertedID))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
|
||||||
$response->withStatus(201);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/projectData", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
|
|
||||||
$result = $projectData->getProjectData();
|
|
||||||
|
|
||||||
$json = json_encode($result);
|
|
||||||
|
|
||||||
$response->getBody()->write($json);
|
|
||||||
|
|
||||||
if(array_key_exists("errorMessage", $result))
|
|
||||||
{
|
|
||||||
$response = $response->withStatus(404);
|
|
||||||
}
|
|
||||||
|
|
||||||
//use content type json to indicate json data on frontend.
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if ($args["id"] != "undefined")
|
|
||||||
{
|
|
||||||
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
$update = $projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
|
|
||||||
|
|
||||||
if ($update === "unset main project")
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!$update)
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
if ($args["id"] != null)
|
|
||||||
{
|
|
||||||
$message = $projectData->deleteProjectData($args["id"]);
|
|
||||||
if ($message === "error")
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist")));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($message === "cannot delete")
|
|
||||||
{
|
|
||||||
//uh oh cannot delete the main project
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Cannot delete the main project")));
|
|
||||||
return $response->withStatus(409);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->post("/projectData", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
|
|
||||||
{
|
|
||||||
// uh oh sent some empty data
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
$insertedID = $projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
|
|
||||||
if (!is_int($insertedID))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID)));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $projectData;
|
|
||||||
$files = $request->getUploadedFiles();
|
|
||||||
if (empty($args["id"]) || empty($files))
|
|
||||||
{
|
|
||||||
// uh oh only some of the data was sent
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
$message = $projectData->uploadImage($args["id"], $files["img"]);
|
|
||||||
if (!is_array($message))
|
|
||||||
{
|
|
||||||
// uh oh something went wrong
|
|
||||||
$response->getBody()->write(json_encode(array("error" => $message)));
|
|
||||||
return $response->withStatus(500);
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode($message));
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
|
// misc routes
|
||||||
$app->post("/contact", function (Request $request, Response $response)
|
$app->post("/contact", function (Request $request, Response $response)
|
||||||
{
|
{
|
||||||
$data = $request->getParsedBody();
|
$data = $request->getParsedBody();
|
||||||
@ -497,134 +206,4 @@ $app->post("/contact", function (Request $request, Response $response)
|
|||||||
return $response->withStatus(201);
|
return $response->withStatus(201);
|
||||||
});
|
});
|
||||||
|
|
||||||
$app->post("/user/login", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
|
|
||||||
global $user;
|
|
||||||
|
|
||||||
// get request data
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
|
|
||||||
if (empty($data["username"]) || empty($data["password"]))
|
|
||||||
{
|
|
||||||
// uh oh user sent empty data
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($user->checkUser($data["username"], $data["password"]))
|
|
||||||
{
|
|
||||||
// yay, user is logged in
|
|
||||||
$_SESSION["token"] = $user->createToken($data["username"]);
|
|
||||||
$_SESSION["username"] = $data["username"];
|
|
||||||
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
$response->getBody()->write(json_encode(array("error" => "Unauthorised")));
|
|
||||||
return $response->withStatus(401);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/logout", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
session_unset();
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/isLoggedIn", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
global $user;
|
|
||||||
|
|
||||||
if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
|
|
||||||
{
|
|
||||||
// uh oh user not logged in
|
|
||||||
return $response->withStatus(401);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (empty($_SESSION["token"]))
|
|
||||||
{
|
|
||||||
// user is logged in but no token was created
|
|
||||||
$_SESSION["token"] = $user->createToken($_SESSION["username"]);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
|
|
||||||
return $response;
|
|
||||||
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
global $user;
|
|
||||||
|
|
||||||
if (empty($args["email"]))
|
|
||||||
{
|
|
||||||
// uh oh sent empty data
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($user->checkEmail($args["email"]))
|
|
||||||
{
|
|
||||||
// yay email does exist
|
|
||||||
$_SESSION["resetToken"] = $user->sendResetEmail($args["email"]);
|
|
||||||
$_SESSION["resetEmail"] = $args["email"];
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
return $response->withStatus(404);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/resendEmail", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
if (empty($_SESSION["resetToken"]))
|
|
||||||
{
|
|
||||||
// uh oh not authorized to resend email
|
|
||||||
return $response->withStatus(401);
|
|
||||||
}
|
|
||||||
global $user;
|
|
||||||
$_SESSION["resetToken"] = $user->sendResetEmail($_SESSION["resetEmail"]);
|
|
||||||
return $response;
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
|
|
||||||
{
|
|
||||||
if (empty($args["code"]))
|
|
||||||
{
|
|
||||||
// uh oh sent empty data
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($_SESSION["resetToken"] === $args["code"])
|
|
||||||
{
|
|
||||||
// yay, code code matches
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response->withStatus(401);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->post("/user/changePassword", function (Request $request, Response $response)
|
|
||||||
{
|
|
||||||
global $user;
|
|
||||||
if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"]))
|
|
||||||
{
|
|
||||||
// uh oh not authorized to change password
|
|
||||||
return $response->withStatus(401);
|
|
||||||
}
|
|
||||||
|
|
||||||
$data = $request->getParsedBody();
|
|
||||||
if (empty($data["password"]))
|
|
||||||
{
|
|
||||||
// uh oh sent empty data
|
|
||||||
return $response->withStatus(400);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($user->changePassword($_SESSION["resetEmail"], $data["password"]))
|
|
||||||
{
|
|
||||||
// yay, password changed
|
|
||||||
unset($_SESSION["resetToken"]);
|
|
||||||
unset($_SESSION["resetEmail"]);
|
|
||||||
return $response;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $response->withStatus(500);
|
|
||||||
});
|
|
||||||
|
|
||||||
$app->run();
|
$app->run();
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
<?php
|
<?php
|
||||||
namespace api;
|
namespace api\project;
|
||||||
use PDO;
|
use PDO;
|
||||||
use Psr\Http\Message\UploadedFileInterface;
|
use Psr\Http\Message\UploadedFileInterface;
|
||||||
|
|
||||||
require_once "./config.php";
|
require_once __DIR__ . "/../utils/config.php";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Project Data Class
|
* Project Data Class
|
142
src/api/project/projectRoutes.php
Normal file
142
src/api/project/projectRoutes.php
Normal file
@ -0,0 +1,142 @@
|
|||||||
|
<?php
|
||||||
|
namespace api\project;
|
||||||
|
require_once __DIR__ . "/../utils/routesInterface.php";
|
||||||
|
require_once "projectData.php";
|
||||||
|
|
||||||
|
use api\utils\routesInterface;
|
||||||
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
|
use Slim\App;
|
||||||
|
|
||||||
|
class projectRoutes implements routesInterface
|
||||||
|
{
|
||||||
|
private projectData $projectData;
|
||||||
|
public function __construct(App $app)
|
||||||
|
{
|
||||||
|
$this->projectData = new projectData();
|
||||||
|
$this->createRoutes($app);
|
||||||
|
}
|
||||||
|
public function createRoutes(App $app): void
|
||||||
|
{
|
||||||
|
$app->get("/projectData", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
$result = $this->projectData->getProjectData();
|
||||||
|
|
||||||
|
$json = json_encode($result);
|
||||||
|
|
||||||
|
$response->getBody()->write($json);
|
||||||
|
|
||||||
|
if(array_key_exists("errorMessage", $result))
|
||||||
|
{
|
||||||
|
$response = $response->withStatus(404);
|
||||||
|
}
|
||||||
|
|
||||||
|
//use content type json to indicate json data on frontend.
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->patch("/projectData/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if ($args["id"] != "undefined")
|
||||||
|
{
|
||||||
|
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$update = $this->projectData->updateProjectData($args["id"], $data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
|
||||||
|
|
||||||
|
if ($update === "unset main project")
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Can't unset project as main project, try updating another project as the main project")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$update)
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->delete("/projectData/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
if ($args["id"] != null)
|
||||||
|
{
|
||||||
|
$message = $this->projectData->deleteProjectData($args["id"]);
|
||||||
|
if ($message === "error")
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong or the project with ID ".$args["id"]."does not exist")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($message === "cannot delete")
|
||||||
|
{
|
||||||
|
//uh oh cannot delete the main project
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Cannot delete the main project")));
|
||||||
|
return $response->withStatus(409);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Please provide an ID")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->post("/projectData", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if (empty($data["title"]) || empty($data["isMainProject"]) || empty($data["information"]) || empty($data["gitLink"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$insertedID = $this->projectData->addProjectData($data["title"], $data["isMainProject"], $data["information"], $data["projectLink"], $data["gitLink"]);
|
||||||
|
if (!is_int($insertedID))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong", "message" => $insertedID)));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->post("/projectImage/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
$files = $request->getUploadedFiles();
|
||||||
|
if (empty($args["id"]) || empty($files))
|
||||||
|
{
|
||||||
|
// uh oh only some of the data was sent
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$message = $this->projectData->uploadImage($args["id"], $files["img"]);
|
||||||
|
if (!is_array($message))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => $message)));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode($message));
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
@ -1,10 +1,10 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
namespace api;
|
namespace api\timeline;
|
||||||
|
|
||||||
use PDO;
|
use PDO;
|
||||||
|
|
||||||
require_once "./config.php";
|
require_once __DIR__ . "/../utils/config.php";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* TimelineData class
|
* TimelineData class
|
176
src/api/timeline/timelineRoutes.php
Normal file
176
src/api/timeline/timelineRoutes.php
Normal file
@ -0,0 +1,176 @@
|
|||||||
|
<?php
|
||||||
|
namespace api\timeline;
|
||||||
|
require_once __DIR__ . "/../utils/routesInterface.php";
|
||||||
|
require_once "timelineData.php";
|
||||||
|
|
||||||
|
use api\utils\routesInterface;
|
||||||
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
|
use Slim\App;
|
||||||
|
|
||||||
|
class timelineRoutes implements routesInterface
|
||||||
|
{
|
||||||
|
private timelineData $timelineData;
|
||||||
|
public function __construct(App $app)
|
||||||
|
{
|
||||||
|
$this->timelineData = new timelineData();
|
||||||
|
$this->createRoutes($app);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function createRoutes(App $app): void
|
||||||
|
{
|
||||||
|
$app->get("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
//check if route is available if it is get the data
|
||||||
|
//otherwise return an error
|
||||||
|
if($args["timeline"] == "edu")
|
||||||
|
{
|
||||||
|
$response->getBody()->write(json_encode($this->timelineData->getEduData()));
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
if($args["timeline"] == "work")
|
||||||
|
{
|
||||||
|
$response->getBody()->write(json_encode($this->timelineData->getWorkData()));
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
// something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("errorMessage" => "Error, timeline data not found")));
|
||||||
|
return $response->withStatus(404);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->patch("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if ($args["timeline"] == "edu" && $args["id"] != "undefined")
|
||||||
|
{
|
||||||
|
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$this->timelineData->updateEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"], $args["id"]))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->withStatus(201);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($args["timeline"] == "work" && $args["id"] != "undefined")
|
||||||
|
{
|
||||||
|
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$this->timelineData->updateWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"], $args["id"]))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->withStatus(201);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->delete("/timelineData/{timeline}/{id}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
if ($args["timeline"] == "edu" && $args["id"] != null)
|
||||||
|
{
|
||||||
|
if (!$this->timelineData->deleteEduData($args["id"]))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($args["timeline"] == "work" && $args["id"] != null)
|
||||||
|
{
|
||||||
|
if (!$this->timelineData->deleteWorkData($args["id"]))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->post("/timelineData/{timeline}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if ($args["timeline"] == "edu")
|
||||||
|
{
|
||||||
|
if (empty($data["dateFrom"]) || empty($data["dateTo"]) || empty($data["grade"]) || empty($data["course"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$insertedID = $this->timelineData->addEduData($data["dateFrom"], $data["dateTo"], $data["grade"], $data["course"]);
|
||||||
|
if (!is_int($insertedID))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
||||||
|
$response->withStatus(201);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($args["timeline"] == "work")
|
||||||
|
{
|
||||||
|
if (empty($data["dateFrom"]) || empty($data["companyName"]) || empty($data["area"]) || empty($data["title"]))
|
||||||
|
{
|
||||||
|
// uh oh sent some empty data
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Only some of the data was sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (empty($data["dateTo"]))
|
||||||
|
{
|
||||||
|
$data["dateTo"] = "";
|
||||||
|
}
|
||||||
|
|
||||||
|
$insertedID = $this->timelineData->addWorkData($data["dateFrom"], $data["dateTo"], $data["companyName"], $data["area"], $data["title"]);
|
||||||
|
if (!is_int($insertedID))
|
||||||
|
{
|
||||||
|
// uh oh something went wrong
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Something went wrong")));
|
||||||
|
return $response->withStatus(500);
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("ID" => $insertedID)));
|
||||||
|
$response->withStatus(201);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "The correct data was not sent")));
|
||||||
|
return $response->withStatus(400);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
138
src/api/user/userData.php
Normal file
138
src/api/user/userData.php
Normal file
@ -0,0 +1,138 @@
|
|||||||
|
<?php
|
||||||
|
namespace api\user;
|
||||||
|
use Firebase\JWT\JWT;
|
||||||
|
use PDO;
|
||||||
|
|
||||||
|
require_once __DIR__ . "/../utils/config.php";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User Class
|
||||||
|
* Define all functions which either check, update or delete userData data
|
||||||
|
*/
|
||||||
|
class userData
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Check if userData exists and can be logged in
|
||||||
|
* @param $username string - Username
|
||||||
|
* @param $password string - Password
|
||||||
|
* @return bool - True if logged in, false if not
|
||||||
|
*/
|
||||||
|
function checkUser(string $username, string $password): bool
|
||||||
|
{
|
||||||
|
$conn = dbConn();
|
||||||
|
$stmt = $conn->prepare("SELECT * FROM users WHERE username = :username");
|
||||||
|
$stmt->bindParam(":username", $username);
|
||||||
|
$stmt->execute();
|
||||||
|
|
||||||
|
// set the resulting array to associative
|
||||||
|
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
|
if ($result)
|
||||||
|
{
|
||||||
|
if (password_verify($password, $result[0]["password"]))
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a JWT token
|
||||||
|
* @param $username string - Username
|
||||||
|
* @return string - JWT token
|
||||||
|
*/
|
||||||
|
function createToken(string $username): string
|
||||||
|
{
|
||||||
|
$now = time();
|
||||||
|
$future = strtotime('+6 hour',$now);
|
||||||
|
$secretKey = getSecretKey();
|
||||||
|
$payload = [
|
||||||
|
"jti"=>$username,
|
||||||
|
"iat"=>$now,
|
||||||
|
"exp"=>$future
|
||||||
|
];
|
||||||
|
|
||||||
|
return JWT::encode($payload,$secretKey,"HS256");
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if email is already in use
|
||||||
|
* @param string $email - Email to check
|
||||||
|
* @return bool - True if email exists, false if not
|
||||||
|
*/
|
||||||
|
function checkEmail(string $email): bool
|
||||||
|
{
|
||||||
|
$conn = dbConn();
|
||||||
|
$stmt = $conn->prepare("SELECT * FROM users WHERE email = :email");
|
||||||
|
$stmt->bindParam(":email", $email);
|
||||||
|
$stmt->execute();
|
||||||
|
|
||||||
|
// set the resulting array to associative
|
||||||
|
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
|
if ($result)
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Send a verification email to the userData
|
||||||
|
* @param $email - email address of the userData
|
||||||
|
* @return string - verification code
|
||||||
|
*/
|
||||||
|
function sendResetEmail($email): string
|
||||||
|
{
|
||||||
|
//generate a random token and email the address
|
||||||
|
$token = uniqid("rpe-");
|
||||||
|
$headers1 = "From: noreply@rohitpai.co.uk\r\n";
|
||||||
|
$headers1 .= "MIME-Version: 1.0\r\n";
|
||||||
|
$headers1 .= "Content-Type: text/html; charset=UTF-8\r\n";
|
||||||
|
|
||||||
|
$message = "
|
||||||
|
<!doctype html>
|
||||||
|
<html lang='en'>
|
||||||
|
<head>
|
||||||
|
<meta charset='UTF-8'>
|
||||||
|
<meta name='viewport' content='width=device-width, userData-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0'>
|
||||||
|
<meta http-equiv='X-UA-Compatible' content='ie=edge'>
|
||||||
|
<title>Document</title>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<h1>Reset Password Verification Code</h1>
|
||||||
|
<br>
|
||||||
|
<p>Please enter the following code to reset your password: $token</p>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
|
";
|
||||||
|
|
||||||
|
mail($email, "Reset Password Verification Code", $message, $headers1);
|
||||||
|
return $token;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Change password for an email with new password
|
||||||
|
* @param $email string Email
|
||||||
|
* @param $password string Password
|
||||||
|
* @return bool - true if the password was changed, false if not
|
||||||
|
*/
|
||||||
|
function changePassword(string $email, string $password): bool
|
||||||
|
{
|
||||||
|
$conn = dbConn();
|
||||||
|
$stmt = $conn->prepare("UPDATE users SET password = :password WHERE email = :email");
|
||||||
|
$newPwd = password_hash($password, PASSWORD_BCRYPT);
|
||||||
|
$stmt->bindParam(":password", $newPwd);
|
||||||
|
$stmt->bindParam(":email", $email);
|
||||||
|
|
||||||
|
if ($stmt->execute())
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
144
src/api/user/userRoutes.php
Normal file
144
src/api/user/userRoutes.php
Normal file
@ -0,0 +1,144 @@
|
|||||||
|
<?php
|
||||||
|
namespace api\user;
|
||||||
|
require_once __DIR__ . "/../utils/routesInterface.php";
|
||||||
|
require_once "userData.php";
|
||||||
|
|
||||||
|
use api\utils\routesInterface;
|
||||||
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
|
use Slim\App;
|
||||||
|
|
||||||
|
class userRoutes implements routesInterface
|
||||||
|
{
|
||||||
|
private userData $user;
|
||||||
|
public function __construct(App $app)
|
||||||
|
{
|
||||||
|
$this->user = new userData();
|
||||||
|
$this->createRoutes($app);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function createRoutes(App $app): void
|
||||||
|
{
|
||||||
|
$app->post("/user/login", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
// get request data
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
|
||||||
|
if (empty($data["username"]) || empty($data["password"]))
|
||||||
|
{
|
||||||
|
// uh oh userData sent empty data
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->user->checkUser($data["username"], $data["password"]))
|
||||||
|
{
|
||||||
|
// yay, userData is logged in
|
||||||
|
$_SESSION["token"] = $this->user->createToken($data["username"]);
|
||||||
|
$_SESSION["username"] = $data["username"];
|
||||||
|
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
$response->getBody()->write(json_encode(array("error" => "Unauthorised")));
|
||||||
|
return $response->withStatus(401);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/logout", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
session_unset();
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/isLoggedIn", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
if (empty($_SESSION["token"]) && empty($_SESSION["username"]))
|
||||||
|
{
|
||||||
|
// uh oh userData not logged in
|
||||||
|
return $response->withStatus(401);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (empty($_SESSION["token"]))
|
||||||
|
{
|
||||||
|
// userData is logged in but no token was created
|
||||||
|
$_SESSION["token"] = $this->user->createToken($_SESSION["username"]);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response->getBody()->write(json_encode(array("token" => $_SESSION["token"])));
|
||||||
|
return $response;
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/checkResetEmail/{email}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
if (empty($args["email"]))
|
||||||
|
{
|
||||||
|
// uh oh sent empty data
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->user->checkEmail($args["email"]))
|
||||||
|
{
|
||||||
|
// yay email does exist
|
||||||
|
$_SESSION["resetToken"] = $this->user->sendResetEmail($args["email"]);
|
||||||
|
$_SESSION["resetEmail"] = $args["email"];
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
return $response->withStatus(404);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/resendEmail", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
if (empty($_SESSION["resetToken"]))
|
||||||
|
{
|
||||||
|
// uh oh not authorized to resend email
|
||||||
|
return $response->withStatus(401);
|
||||||
|
}
|
||||||
|
|
||||||
|
$_SESSION["resetToken"] = $this->user->sendResetEmail($_SESSION["resetEmail"]);
|
||||||
|
return $response;
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->get("/user/checkResetCode/{code}", function (Request $request, Response $response, array $args)
|
||||||
|
{
|
||||||
|
if (empty($args["code"]))
|
||||||
|
{
|
||||||
|
// uh oh sent empty data
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($_SESSION["resetToken"] === $args["code"])
|
||||||
|
{
|
||||||
|
// yay, code code matches
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response->withStatus(401);
|
||||||
|
});
|
||||||
|
|
||||||
|
$app->post("/user/changePassword", function (Request $request, Response $response)
|
||||||
|
{
|
||||||
|
if (empty($_SESSION["resetToken"]) && empty($_SESSION["resetEmail"]))
|
||||||
|
{
|
||||||
|
// uh oh not authorized to change password
|
||||||
|
return $response->withStatus(401);
|
||||||
|
}
|
||||||
|
|
||||||
|
$data = $request->getParsedBody();
|
||||||
|
if (empty($data["password"]))
|
||||||
|
{
|
||||||
|
// uh oh sent empty data
|
||||||
|
return $response->withStatus(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->user->changePassword($_SESSION["resetEmail"], $data["password"]))
|
||||||
|
{
|
||||||
|
// yay, password changed
|
||||||
|
unset($_SESSION["resetToken"]);
|
||||||
|
unset($_SESSION["resetEmail"]);
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
return $response->withStatus(500);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
@ -1,14 +1,14 @@
|
|||||||
<?php
|
<?php
|
||||||
// middleware
|
// middleware
|
||||||
namespace api;
|
namespace api\utils;
|
||||||
|
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Psr\Http\Server\RequestHandlerInterface;
|
use Psr\Http\Server\RequestHandlerInterface;
|
||||||
use Slim\App;
|
|
||||||
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
|
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
|
||||||
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
|
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
|
||||||
|
use Slim\App;
|
||||||
use Slim\Exception\HttpInternalServerErrorException;
|
use Slim\Exception\HttpInternalServerErrorException;
|
||||||
use Slim\Exception\HttpMethodNotAllowedException;
|
use Slim\Exception\HttpMethodNotAllowedException;
|
||||||
use Slim\Exception\HttpNotFoundException;
|
use Slim\Exception\HttpNotFoundException;
|
||||||
@ -80,7 +80,7 @@ class middleware
|
|||||||
"rules" => [
|
"rules" => [
|
||||||
new RequestPathRule([
|
new RequestPathRule([
|
||||||
"path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"],
|
"path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"],
|
||||||
"ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]
|
"ignore" => ["/api/contact", "/api/userData/login", "/api/userData/changePassword"]
|
||||||
]),
|
]),
|
||||||
new RequestMethodRule([
|
new RequestMethodRule([
|
||||||
"ignore" => ["OPTIONS", "GET"]
|
"ignore" => ["OPTIONS", "GET"]
|
10
src/api/utils/routesInterface.php
Normal file
10
src/api/utils/routesInterface.php
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace api\utils;
|
||||||
|
|
||||||
|
use Slim\App;
|
||||||
|
|
||||||
|
interface routesInterface
|
||||||
|
{
|
||||||
|
public function createRoutes(App $app): void;
|
||||||
|
}
|
@ -3,7 +3,7 @@ let textareaLoaded = false;
|
|||||||
|
|
||||||
document.addEventListener('DOMContentLoaded', () =>
|
document.addEventListener('DOMContentLoaded', () =>
|
||||||
{
|
{
|
||||||
// check if the user is logged in, if not redirect to log in
|
// check if the userData is logged in, if not redirect to log in
|
||||||
fetch('/api/user/isLoggedIn').then(res =>
|
fetch('/api/user/isLoggedIn').then(res =>
|
||||||
{
|
{
|
||||||
if (!res.ok)
|
if (!res.ok)
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
|
|
||||||
document.addEventListener("DOMContentLoaded", _ =>
|
document.addEventListener("DOMContentLoaded", _ =>
|
||||||
{
|
{
|
||||||
// check if the user is logged in and if so load the editor
|
// check if the userData is logged in and if so load the editor
|
||||||
fetch("/api/user/isLoggedIn").then(res =>
|
fetch("/api/user/isLoggedIn").then(res =>
|
||||||
{
|
{
|
||||||
if (res.ok)
|
if (res.ok)
|
||||||
|
Loading…
Reference in New Issue
Block a user