API

2019-06-06 15:44:45 +02:00 · 2019-06-06 15:44:45 +02:00 · fe2c37f7d7
parent 878d993459
commit fe2c37f7d7
12 changed files with 207 additions and 6 deletions
--- a/app/Http/Controllers/API/AppController.php
+++ b/app/Http/Controllers/API/AppController.php
@ -0,0 +1,64 @@
+<?php
+
+namespace App\Http\Controllers\API;
+
+use App\Exceptions\HTTPException;
+use App\Exceptions\NoPermissionException;
+use App\Exceptions\NotLoggedInException;
+use App\Exceptions\ResourceNotFound;
+use App\Http\Resources\API\App;
+use App\Http\Resources\API\AppForOwner;
+use App\Models\Setting;
+use App\Models\User;
+use http\Env\Request;
+use Illuminate\Support\Facades\Auth;
+use Laravel\Lumen\Routing\Controller as BaseController;
+use TaGeSo\APIResponse\Response;
+
+class AppController extends BaseController
+{
+    public function listApps(Response $response) {
+        if(!Auth::check()) {
+            throw new NotLoggedInException();
+        }
+
+        $apps = \App\Models\App::query()->where("user_id", "=", Auth::user()->id)->get();
+
+        return $response->withData(AppForOwner::collection(collect($apps)));
+    }
+    public function appDetails(Response $response, $id) {
+        if(!Auth::check()) {
+            throw new NotLoggedInException();
+        }
+
+        $app = \App\Models\App::query()->where("id", "=", (int)$id)->firstOrFail();
+
+        if($app->user_id == Auth::user()->id) {
+            return $response->withData(new AppForOwner($app));
+        }
+
+        return $response->withData(new App($app));
+    }
+
+    public function findApp(Response $response, \Illuminate\Http\Request $request) {
+        if(!Auth::check()) {
+            throw new NotLoggedInException();
+        }
+
+        $this->validate($request, [
+            'apiKey' => '',
+        ]);
+
+        $query = \App\Models\App::query();
+
+        if($request->input("apiKey", false)) {
+            $query->where("apiKey", "=", $request->input("apiKey"));
+        }
+
+        $apps = $query->paginate(20);
+
+        $response->setPagination($apps->currentPage(), $apps->lastPage(), $apps->perPage());
+        return $response->withData(App::collection($apps));
+
+    }
+}
--- a/app/Http/Controllers/API/UserController.php
+++ b/app/Http/Controllers/API/UserController.php
@ -68,6 +68,14 @@ class UserController extends BaseController
        return new AccessToken($token);
    }

+    public function me(Response $response) {
+        if(!Auth::check()) {
+            throw new NotLoggedInException();
+        }
+
+        return $response->withData(new \App\Http\Resources\API\User(Auth::user()));
+    }
+
    public function register(Request $request, Response $response) {
        //If Recptache is enabled check it at the beginning
        if(Setting::getSettingValue("recaptcha_v2_register")) {
--- a/app/Http/Middleware/CorsMiddleware.php
+++ b/app/Http/Middleware/CorsMiddleware.php
@ -0,0 +1,38 @@
+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+
+class CorsMiddleware
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $headers = [
+            'Access-Control-Allow-Origin'      => '*',
+            'Access-Control-Allow-Methods'     => 'POST, GET, OPTIONS, PUT, DELETE',
+            'Access-Control-Allow-Credentials' => 'true',
+            'Access-Control-Max-Age'           => '86400',
+            'Access-Control-Allow-Headers'     => 'Content-Type, Authorization, X-Requested-With'
+        ];
+
+        if ($request->isMethod('OPTIONS'))
+        {
+            return response()->json('{"method":"OPTIONS"}', 200, $headers);
+        }
+
+        $response = $next($request);
+        foreach($headers as $key => $value)
+        {
+            $response->header($key, $value);
+        }
+
+        return $response;
+    }
+}
--- a/app/Http/Resources/API/App.php
+++ b/app/Http/Resources/API/App.php
@ -0,0 +1,36 @@
+<?php
+
+namespace App\Http\Resources\API;
+
+use Illuminate\Http\Resources\Json\JsonResource;
+
+class App extends JsonResource
+{
+    /**
+     * Transform the resource into an array.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return array
+     */
+    public function toArray($request)
+    {
+        return [
+            'id' => (int)$this->id,
+            #'created_at' => $this->created_at,
+            #'updated_at' => $this->created_at,
+            'name' => $this->name,
+            'description' => $this->description,
+            'directUrl' => $this->direct_url,
+            'url' => $this->url,
+            /*'properties' => [
+                #'autoAccept' => $this->auto_accept,
+                #'untrustedWarning' => $this->untrusted_warning,
+                #'showOnWebpage' => $this->show_on_webpage,
+                #'stopAutoRedirect' => $this->stop_auto_redirect,
+                #'hideInAppList' => $this->hide_in_app_list,
+                #'userCantRemoveApp' => $this->user_cant_remove_app
+            ]*/
+
+        ];
+    }
+}
--- a/app/Http/Resources/API/AppForOwner.php
+++ b/app/Http/Resources/API/AppForOwner.php
@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Resources\API;
+
+use Illuminate\Http\Resources\Json\JsonResource;
+
+class AppForOwner extends JsonResource
+{
+    /**
+     * Transform the resource into an array.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return array
+     */
+    public function toArray($request)
+    {
+        return [
+            'id' => (int)$this->id,
+            'created_at' => $this->created_at,
+            'updated_at' => $this->updated_at,
+            'name' => $this->name,
+            'description' => $this->description,
+            'url' => $this->url,
+            'directUrl' => $this->direct_url,
+            'apiKey' => $this->apiKey,
+            'apiSecret' => $this->apiSecret,
+            'properties' => [
+                'testingWarning' => $this->testing_warning,
+                'autoAccept' => $this->auto_accept,
+                'untrustedWarning' => $this->untrusted_warning,
+                'showOnWebpage' => $this->show_on_webpage,
+                'stopAutoRedirect' => $this->stop_auto_redirect,
+                'hideInAppList' => $this->hide_in_app_list,
+                'userCantRemoveApp' => $this->user_cant_remove_app
+            ]
+
+        ];
+    }
+}
--- a/app/Models/App.php
+++ b/app/Models/App.php
@ -16,7 +16,7 @@ class App extends Model
     * @var array
     */
    protected $fillable = [
-        'name', 'description', 'url', 'apiKey', 'apiSecret', 'auto_accept', 'testing_warning', 'untrusted_warning', 'user_id'
+        'name', 'description', 'url', 'apiKey', 'apiSecret', 'auto_accept', 'testing_warning', 'untrusted_warning', 'user_id', 'direct_url'
    ];

    /**
--- a/app/Models/Setting.php
+++ b/app/Models/Setting.php
@ -41,7 +41,8 @@ class Setting extends Model
        'recaptcha_v2_key',
        'name_big',
        'name_small',
-        'name_slogen'
+        'name_slogen',
+        'startpage'
    ];


--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@ -62,7 +62,8 @@ $app->singleton(
 // ]);

 $app->middleware(array(
-    TaGeSo\APIResponse\Middelware::class
+    TaGeSo\APIResponse\Middelware::class,
+    \App\Http\Middleware\CorsMiddleware::class
 ));


--- a/database/migrations/2019_05_22_121930_new_gui_settings.php
+++ b/database/migrations/2019_05_22_121930_new_gui_settings.php
@ -32,6 +32,12 @@ class NewGuiSettings extends Migration
        $setting->typ = "textinput";
        $setting->value = "Zentraler authentication Service";
        $setting->saveOrFail();
+        $setting = new \App\Models\Setting();
+        $setting->name = "startpage";
+        $setting->description = "Show startpage, if not enabled the user will redirect to the login page";
+        $setting->typ = "checkbox";
+        $setting->value = true;
+        $setting->saveOrFail();
    }

    /**
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -9,9 +9,9 @@ services:
  mysql:
    image: mysql:5.7
    ports:
-      - 3306:3306
+      - 3366:3306
    environment:
      MYSQL_ROOT_PASSWORD: example
      MYSQL_DATABASE: oauth
      MYSQL_USER: oauth
-      MYSQL_PASSWORD: oauth
+      MYSQL_PASSWORD: oauth
--- a/public/index.php
+++ b/public/index.php
@ -26,6 +26,5 @@ $app = require __DIR__.'/../bootstrap/app.php';
 |
 */

-header("Access-Control-Allow-Origin: *");

 $app->run();
--- a/routes/web.php
+++ b/routes/web.php
@ -44,6 +44,15 @@ $router->group(['prefix' => 'api'], function () use ($router) {
            $router->post("/register", ['uses' => 'API\UserController@register']);
            $router->get("/captcha", ['uses' => 'API\UserController@reCAPTCHA']);
            $router->get("/invites", ['uses' => 'API\UserController@getInviteCodeInfo']);
+            $router->get("/me", ['uses' => 'API\UserController@me']);
+        });
+        $router->group(['prefix' => 'app'], function () use ($router) {
+            $router->get("/", ['uses' => 'API\AppController@listApps']);
+            $router->get("/find", ['uses' => 'API\AppController@findApp']);
+            $router->group(['prefix' => '{id}'], function () use ($router) {
+                $router->get("/", ['uses' => 'API\AppController@appDetails']);
+
+            });
        });
        $router->group(['prefix' => 'account'], function () use ($router) {
            $router->get("/", ['uses' => 'API\AccountController@getUsers']);