tracer
/
bindAPI
3
0
Fork 0
Code Issues 1 Pull Requests Projects Releases 14 Wiki Activity

added encryption to the first functions

This commit is contained in:
tracer 2022-09-29 19:23:47 +02:00
parent 19576dd6b7
commit 402934f02c
1 changed files with 629 additions and 622 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

127
src/Controller/RequestController.php
View File

@ -22,17 +22,17 @@ use UnhandledMatchError;
*/
#[OAT\Info(version: '0.0.1', title: 'bindAPI')]
#[OAT\Server(
url : "{schema}://{hostname}/api",
url: "{schema}://{hostname}/api",
description: "The bindAPI URL.",
variables : [
variables: [
new OAT\ServerVariable(
serverVariable: "schema",
default : "https",
enum : ["https", "http"]
default: "https",
enum: ["https", "http"]
),
new OAT\ServerVariable(
serverVariable: "hostname",
default : "ns2.24unix.net",
default: "ns2.24unix.net",
)
]
)]
@ -41,10 +41,10 @@ use UnhandledMatchError;
)]
#[OAT\SecurityScheme(
securityScheme: "Authorization",
type : "apiKey",
description : "description",
name : "X-API-Key",
in : "header"
type: "apiKey",
description: "description",
name: "X-API-Key",
in: "header"
)]
class RequestController
{
@ -63,6 +63,8 @@ class RequestController
* @param DomainRepository $domainRepository
* @param DynDNSRepository $dynDNSRepository
* @param PanelRepository $panelRepository
* @param ConfigController $configController
* @param EncryptionController $encryptionController
* @param Logger $logger
*/
public function __construct(
@ -72,6 +74,8 @@ class RequestController
private readonly DomainRepository $domainRepository,
private readonly DynDNSRepository $dynDNSRepository,
private readonly PanelRepository $panelRepository,
private readonly ConfigController $configController,
private readonly EncryptionController $encryptionController,
private readonly Logger $logger)
{
$this->status = '';
@ -84,29 +88,29 @@ class RequestController
* @return void
*/
#[OAT\Get(
path : '/domains',
path: '/domains',
operationId: 'getAllDomains',
description: 'Returns a list of all domains on this server.',
summary : 'Listing all domains.',
summary: 'Listing all domains.',
// security: [
// 'Authorization' => [
//
// "read:api"
// ]
// ],
servers : [],
tags : ['Domains'],
responses : [
servers: [],
tags: ['Domains'],
responses: [
new OAT\Response(
response : 200,
response: 200,
description: 'OK'
),
new OAT\Response(
response : 401,
response: 401,
description: 'API key is missing or invalid.'
),
new OAT\Response(
response : 404,
response: 404,
description: 'Domain not found.'
)]
)]
@ -207,27 +211,27 @@ class RequestController
#[
OAT\Get(
path : '/domains/{name}',
path: '/domains/{name}',
operationId: 'getSingleDomain',
description: 'Returns information of a single domain specified by its domain name.',
summary : 'Returns a single domain.',
security : [
summary: 'Returns a single domain.',
security: [
],
tags : ['Domains'],
parameters : [
tags: ['Domains'],
parameters: [
new OAT\Parameter(name: 'name', in: 'path', required: true, schema: new OAT\Schema(type: 'string')),
],
responses : [
responses: [
new OAT\Response(
response : 200,
response: 200,
description: 'OK'
),
new OAT\Response(
response : 401,
response: 401,
description: 'API key is missing or invalid.'
),
new OAT\Response(
response : 404,
response: 404,
description: 'Domain not found.'
)]
@ -296,8 +300,11 @@ class RequestController
} else {
[$prefix,] = explode(separator: '.', string: $apiKey);
if ($apiResult = $this->apikeyRepository->findByPrefix(prefix: $prefix)) {
$storedHash = $apiResult->getApiToken();
if (!password_verify(password: $apiKey, hash: $storedHash)) {
$encryptedHash = $apiResult->getApikey();
$encryptionKey = $this->configController->getConfig(configKey: 'encryptionKey');
$decryptedHash = $this->encryptionController->safeDecrypt(encrypted: $encryptedHash, key: $encryptionKey);
if (!password_verify(password: $apiKey, hash: $decryptedHash)) {
$this->status = "401 Unauthorized";
$this->message = "API key mismatch.";
return false;
@ -532,19 +539,19 @@ class RequestController
if (!empty($panel->getAaaa())) {
$domainData = $this->apiController->sendCommand(
requestType: 'GET',
serverName : $panel->getName(),
versionIP : 6,
apiKey : $panel->getApikey(),
command : 'domains/name/' . $domainName,
serverType : 'panel');
serverName: $panel->getName(),
versionIP: 6,
apiKey: $panel->getApikey(),
command: 'domains/name/' . $domainName,
serverType: 'panel');
} else {
$domainData = $this->apiController->sendCommand(
requestType: 'GET',
serverName : $panel->getName(),
versionIP : 4,
apiKey : $panel->getApikey(),
command : 'domains/name/' . $domainName,
serverType : 'panel');
serverName: $panel->getName(),
versionIP: 4,
apiKey: $panel->getApikey(),
command: 'domains/name/' . $domainName,
serverType: 'panel');
}
$domainDecodedData = json_decode(json: $domainData['data']);
@ -553,19 +560,19 @@ class RequestController
if (!empty($panel->getAaaa())) {
$dnsData = $this->apiController->sendCommand(
requestType: 'GET',
serverName : $panel->getName(),
versionIP : 6,
apiKey : $panel->getApikey(),
command : 'dns/' . $domainID,
serverType : 'panel');
serverName: $panel->getName(),
versionIP: 6,
apiKey: $panel->getApikey(),
command: 'dns/' . $domainID,
serverType: 'panel');
} else {
$dnsData = $this->apiController->sendCommand(
requestType: 'GET',
serverName : $panel->getName(),
versionIP : 4,
apiKey : $panel->getApikey(),
command : 'dns/' . $domainID,
serverType : 'panel');
serverName: $panel->getName(),
versionIP: 4,
apiKey: $panel->getApikey(),
command: 'dns/' . $domainID,
serverType: 'panel');
}
$dnsDataDecoded = json_decode(json: $dnsData['data']);
@ -602,22 +609,22 @@ class RequestController
if (!empty($panel->getAaaa())) {
$result = $this->apiController->sendCommand(
requestType: 'PUT',
serverName : $panel->getName(),
versionIP : 6,
apiKey : $panel->getApikey(),
command : 'dns/' . $domainID,
serverType : 'panel',
body : json_decode(json: $newDnsData, associative: true)
serverName: $panel->getName(),
versionIP: 6,
apiKey: $panel->getApikey(),
command: 'dns/' . $domainID,
serverType: 'panel',
body: json_decode(json: $newDnsData, associative: true)
);
} else {
$result = $this->apiController->sendCommand(
requestType: 'PUT',
serverName : $panel->getName(),
versionIP : 4,
apiKey : $panel->getApikey(),
command : 'dns/' . $domainID,
serverType : 'panel',
body : json_decode(json: $newDnsData, associative: true)
serverName: $panel->getName(),
versionIP: 4,
apiKey: $panel->getApikey(),
command: 'dns/' . $domainID,
serverType: 'panel',
body: json_decode(json: $newDnsData, associative: true)
);
}
if ($result['header'] == 200) {