mirror of
https://github.com/FH-Complete/FHC-Core.git
synced 2026-07-18 15:32:17 +00:00
RESTv1
This commit is contained in:
@@ -0,0 +1,130 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Whisperocity
|
||||
*
|
||||
* @package Whisperocity
|
||||
* @author WSP-Team
|
||||
* @copyright Copyright (c) 2015, Whisperocity
|
||||
* @license proprietary
|
||||
* @link http://whisperocity.com/
|
||||
* @since Version 1.0
|
||||
* @filesource
|
||||
*/
|
||||
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
defined('BASEPATH') OR exit('No direct script access allowed');
|
||||
|
||||
// This can be removed if you use __autoload() in config.php OR use Modular Extensions
|
||||
require APPPATH . '/libraries/REST_Controller.php';
|
||||
|
||||
/**
|
||||
* Handles user authentication and registration process
|
||||
*/
|
||||
class AuthAPI extends REST_Controller {
|
||||
|
||||
/**
|
||||
* Userauth-Controller constructor.
|
||||
* A more elaborate description of the constructor.
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
function __construct()
|
||||
{
|
||||
// Construct the parent class
|
||||
parent::__construct();
|
||||
|
||||
// Configure limits on our controller methods
|
||||
// Ensure you have created the 'limits' table and enabled 'limits' within application/config/rest.php
|
||||
$this->methods['login_get']['limit'] = 500; // 500 requests per hour per user/key
|
||||
|
||||
// Load helper
|
||||
$this->load->helper('fhcauth');
|
||||
$this->load->library('session');
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks user credentials and creates a new session
|
||||
* @return string JSON that indicates success/failure of login
|
||||
* @example normal account: http://wsp.fortyseeds.at/backend/api/userauth/login/username/foo%40bar.at/password/secret/device_id/abcdef123
|
||||
* @example OAuth Google: http://wsp.fortyseeds.at/backend/api/userauth/login/username/foo%40bar.at/device_id/abcdef123/google_token/qwert321
|
||||
* @example OAuth Facebook: http://wsp.fortyseeds.at/backend/api/userauth/login/username/foo%40bar.at/device_id/abcdef123/fb_token/qwert321
|
||||
*/
|
||||
public function login_get()
|
||||
{
|
||||
$payload = array();
|
||||
$errormsg = "";
|
||||
$httpstatus = null;
|
||||
$username = urldecode($this->get('username'));
|
||||
$password = urldecode($this->get('password'));
|
||||
|
||||
$account = auth($username,$password);
|
||||
|
||||
// perform login checks
|
||||
if (!$account)
|
||||
$errormsg = "Auth not accepted!";
|
||||
|
||||
if (empty($errormsg))
|
||||
{
|
||||
// generate new session
|
||||
$this->session->sess_regenerate();
|
||||
$token = session_id();
|
||||
|
||||
$payload = [
|
||||
'success' => true,
|
||||
'message' => 'User successfully logged in',
|
||||
'session_id' => $token
|
||||
];
|
||||
$httpstatus = REST_Controller::HTTP_OK;
|
||||
}
|
||||
else
|
||||
{
|
||||
$payload = [
|
||||
'success' => false,
|
||||
'message' => $errormsg
|
||||
];
|
||||
$httpstatus = REST_Controller::HTTP_UNAUTHORIZED;
|
||||
}
|
||||
|
||||
// Set the response and exit
|
||||
$this->response($payload, $httpstatus);
|
||||
}
|
||||
|
||||
/**
|
||||
* Logs out user by destroying session
|
||||
* @return string JSON that indicates success/failure of logout
|
||||
* @example http://wsp.fortyseeds.at/backend/api/userauth/logout/username/foo%40bar.at/session_id/55afab8ba6f1b/device_id/abcdef123
|
||||
*/
|
||||
public function logout_get()
|
||||
{
|
||||
$payload = array();
|
||||
$httpstatus = null;
|
||||
$token = $this->get('session_id');
|
||||
$username = urldecode($this->get('username'));
|
||||
$deviceid = $this->get('device_id');
|
||||
$account = $this->user_model->load($username);
|
||||
|
||||
// destroy session
|
||||
if ($this->session_model->destroy($account, $token, $deviceid))
|
||||
{
|
||||
$payload = [
|
||||
'success' => true,
|
||||
'message' => 'user successfully logged out'
|
||||
];
|
||||
$httpstatus = REST_Controller::HTTP_OK;
|
||||
}
|
||||
else
|
||||
{
|
||||
$payload = [
|
||||
'success' => false,
|
||||
'message' => 'user could not be logged out'
|
||||
];
|
||||
$httpstatus = REST_Controller::HTTP_BAD_REQUEST;
|
||||
}
|
||||
|
||||
// Set the response and exit
|
||||
$this->response($payload, $httpstatus);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user