bindAPI/src/Controller/RequestController.php

240 lines
6.1 KiB
PHP
Raw Normal View History

2022-01-18 19:14:24 +01:00
<?php
namespace App\Controller;
2022-01-20 11:06:58 +01:00
use UnhandledMatchError;
2022-01-18 19:14:24 +01:00
/**
*
*/
class RequestController
{
private DatabaseConnection $databaseConnection;
2022-01-18 19:14:24 +01:00
private DomainController $domainController;
private PanelController $panelController;
private String $header;
2022-01-20 11:06:58 +01:00
private array $result;
2022-01-18 19:14:24 +01:00
private String $status;
private String $message;
2022-01-20 11:06:58 +01:00
/**
* @param array $config
* @param String $requestMethod
* @param array $uri
2022-01-20 11:06:58 +01:00
*/
public function __construct(private array $config, private String $requestMethod, private array $uri)
2022-01-18 19:14:24 +01:00
{
$this->requestMethod = strtoupper($requestMethod);
$this->databaseConnection = new DatabaseConnection($this->config);
$this->panelController = new PanelController($this->databaseConnection);
$this->domainController = new DomainController($this->databaseConnection, $this->panelController);
2022-01-18 19:14:24 +01:00
}
2022-01-20 11:06:58 +01:00
/**
* @return void
*/
2022-01-18 19:14:24 +01:00
public function processRequest()
{
if (empty($this->uri[2]) || !(($this->uri[2] == 'domains') || $this->uri[2] == 'ping')) {
$this->header = '404 Not Found';
2022-01-18 19:14:24 +01:00
$this->status = "404 Not Found";
$this->message = "Endpoint not found.";
} else {
if ($this->checkPassword()) {
if ($this->uri[2] == "ping") {
$this->header = '200 OK';
$this->status = 'pong';
} else {
try {
match ($this->requestMethod) {
'GET' => $this->handleDomainGetRequest(),
'POST' => $this->handleDomainPostRequest(),
'PUT' => $this->handleDomainPutRequest(),
'DELETE' => $this->handleDomainDeleteRequest()
};
} catch(UnhandledMatchError) {
$this->header = '400 Bad Request';
$this->status = '400 Bad Request';
2022-01-18 19:14:24 +01:00
$this->message = "unknown request method: $this->requestMethod";
}
2022-01-18 19:14:24 +01:00
}
}
}
if(!empty($this->header)) {
header(header: $_SERVER['SERVER_PROTOCOL'] . ' ' . $this->header);
}
2022-01-20 11:06:58 +01:00
if (!empty($this->result)) {
echo json_encode($this->result);
2022-01-18 19:14:24 +01:00
} else {
if ($this->status == 'pong') {
echo json_encode([
'response' => $this->status
]);
} else {
echo json_encode([
'status' => $this->status ?? "Error: No status",
'message' => $this->message ?? "Error: No message."
]);
}
2022-01-18 19:14:24 +01:00
}
}
/**
* @return bool
*/
public function checkPassword(): bool
{
$headers = array_change_key_case(getallheaders(), CASE_UPPER);
$apiKey = $headers['X-API-KEY'] ?? "";
if (empty($apiKey)) {
$this->header = "401 Unauthorized";
2022-01-18 19:14:24 +01:00
$this->status = "401 Unauthorized";
$this->message = "API key is missing.";
return false;
} else {
[$prefix,] = explode('.', $apiKey);
$apiUsers = new ApiKeys($this->databaseConnection);
2022-01-18 19:14:24 +01:00
$apiResult = $apiUsers->findByPrefix($prefix);
$storedHash = $apiResult['api_token'];
if (!password_verify($apiKey, $storedHash)) {
$this->header = "401 Unauthorized";
2022-01-18 19:14:24 +01:00
$this->status = "401 Unauthorized";
$this->message = "API key mismatch.";
return false;
}
}
return true;
}
2022-01-20 11:06:58 +01:00
/**
* @return void
2022-01-20 11:06:58 +01:00
*/
public function handleDomainGetRequest(): void
2022-01-20 11:06:58 +01:00
{
if (empty($this->uri[3])) {
$this->result = $this->domainController->findAll();
} else {
if ($result = $this->domainController->findByID(intval($this->uri[3]))) {
$this->result = $result;
} else {
$this->header = "404 Not Found ";
2022-01-20 11:06:58 +01:00
$this->status = "404 Not Found ";
$this->message = "The specified domain was not found.";
}
}
}
2022-01-20 11:06:58 +01:00
/**
* @return void
*/
public function handleDomainPostRequest(): void
{
$name = $_POST['name'] ?? '';
$panelID = $_POST['panel_id'] ?? '';
$a = $_POST['a'] ?? '';
$aaaa = $_POST['aaaa'] ?? '';
2022-01-20 11:06:58 +01:00
if (empty($name)) {
$this->status = "400 Bad Request";
$this->message = "A name is required";
} else {
if (empty($a) && empty($aaaa)) {
$this->status = "400 Bad Request";
$this->message = "At least one IP address is required.";
} else {
if ($this->domainController->findByName($name)) {
$this->status = "400 Bad request";
$this->message = "Domain: $name already exists.";
} else {
$result = $this->domainController->insert($name, $panelID, $a, $aaaa);
2022-01-20 11:06:58 +01:00
$this->status = "201 Created";
$this->message = $result;
}
}
}
}
/**
* @return void
*/
public function handleDomainPutRequest(): void
{
$putData = fopen(filename: 'php://input', mode: 'r');
$data = fread($putData, 512);
$params = explode('&', $data);
foreach ($params as $param) {
[$key, $value] = explode('=', $param);
$put[$key] = $value;
}
$id = $put['id'] ?? 0;
$name = $put['name'] ?? "";
$panelID = $put['panel_id'] ?? "";
2022-01-20 11:06:58 +01:00
$a = $put['a'] ?? "";
$aaaa = $put['aaaa'] ?? "";
if ($id == 0) {
$this->status = "400 Bad Request";
$this->message = "An ID is required";
} else {
if (!$this->domainController->findByID($id)) {
$this->status = "404 Not Found";
$this->message = "Domain with ID : $id doesn't exist.";
} else {
// TODO not required, as we rely on the ID
if (empty($name)) {
$this->status = "400 Bad Request";
$this->message = "A name is required";
} else {
if (empty($a) && empty($aaaa)) {
$this->status = "400 Bad Request";
$this->message = "At least one IP address is required.";
} else {
$dcResult = $this->domainController->update($id, $panelID, $name, $a, $aaaa);
2022-01-20 11:06:58 +01:00
$this->status = "201 Updated";
$this->message = $dcResult;
}
}
}
}
}
/**
* @return void
*/
public function handleDomainDeleteRequest(): void
{
$deleteData = fopen(filename: 'php://input', mode: 'r');
$data = fread($deleteData, length: 512);
$params = explode(separator: '&', string: $data);
foreach ($params as $param) {
[$key, $value] = explode(separator: '=', string: $param);
$delete[$key] = $value;
}
$id = $delete['id'] ?? 0;
if ($id == 0) {
$this->status = "404 Bad Request";
$this->message = "You need to supply an ID.";
2022-01-20 11:06:58 +01:00
} else {
if (!$this->domainController->findByID($id)) {
$this->status = "400 Bad Request";
$this->message = "There is no domain with ID $id.";
} else {
$this->domainController->delete($id);
$this->status = "204 No content.";
$this->message = "The domain $id has been deleted.";
}
}
}
2022-01-18 19:14:24 +01:00
}