tracer
/
bindAPI
3
0
Fork 0
Code Issues 2 Pull Requests Projects Releases 15 Wiki Activity

added encryption to the first functions

This commit is contained in:
tracer 2022-09-29 19:23:47 +02:00
parent 19576dd6b7
commit 402934f02c
1 changed files with 629 additions and 622 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

127
src/Controller/RequestController.php
View File

@ -22,17 +22,17 @@ use UnhandledMatchError;
*/ */
#[OAT\Info(version: '0.0.1', title: 'bindAPI')] #[OAT\Info(version: '0.0.1', title: 'bindAPI')]
#[OAT\Server( #[OAT\Server(
url : "{schema}://{hostname}/api", url: "{schema}://{hostname}/api",
description: "The bindAPI URL.", description: "The bindAPI URL.",
variables : [ variables: [
new OAT\ServerVariable( new OAT\ServerVariable(
serverVariable: "schema", serverVariable: "schema",
default : "https", default: "https",
enum : ["https", "http"] enum: ["https", "http"]
), ),
new OAT\ServerVariable( new OAT\ServerVariable(
serverVariable: "hostname", serverVariable: "hostname",
default : "ns2.24unix.net", default: "ns2.24unix.net",
) )
] ]
)] )]
@ -41,10 +41,10 @@ use UnhandledMatchError;
)] )]
#[OAT\SecurityScheme( #[OAT\SecurityScheme(
securityScheme: "Authorization", securityScheme: "Authorization",
type : "apiKey", type: "apiKey",
description : "description", description: "description",
name : "X-API-Key", name: "X-API-Key",
in : "header" in: "header"
)] )]
class RequestController class RequestController
{ {
@ -63,6 +63,8 @@ class RequestController
* @param DomainRepository $domainRepository * @param DomainRepository $domainRepository
* @param DynDNSRepository $dynDNSRepository * @param DynDNSRepository $dynDNSRepository
* @param PanelRepository $panelRepository * @param PanelRepository $panelRepository
* @param ConfigController $configController
* @param EncryptionController $encryptionController
* @param Logger $logger * @param Logger $logger
*/ */
public function __construct( public function __construct(
@ -72,6 +74,8 @@ class RequestController
private readonly DomainRepository $domainRepository, private readonly DomainRepository $domainRepository,
private readonly DynDNSRepository $dynDNSRepository, private readonly DynDNSRepository $dynDNSRepository,
private readonly PanelRepository $panelRepository, private readonly PanelRepository $panelRepository,
private readonly ConfigController $configController,
private readonly EncryptionController $encryptionController,
private readonly Logger $logger) private readonly Logger $logger)
{ {
$this->status = ''; $this->status = '';
@ -84,29 +88,29 @@ class RequestController
* @return void * @return void
*/ */
#[OAT\Get( #[OAT\Get(
path : '/domains', path: '/domains',
operationId: 'getAllDomains', operationId: 'getAllDomains',
description: 'Returns a list of all domains on this server.', description: 'Returns a list of all domains on this server.',
summary : 'Listing all domains.', summary: 'Listing all domains.',
// security: [ // security: [
// 'Authorization' => [ // 'Authorization' => [
// //
// "read:api" // "read:api"
// ] // ]
// ], // ],
servers : [], servers: [],
tags : ['Domains'], tags: ['Domains'],
responses : [ responses: [
new OAT\Response( new OAT\Response(
response : 200, response: 200,
description: 'OK' description: 'OK'
), ),
new OAT\Response( new OAT\Response(
response : 401, response: 401,
description: 'API key is missing or invalid.' description: 'API key is missing or invalid.'
), ),
new OAT\Response( new OAT\Response(
response : 404, response: 404,
description: 'Domain not found.' description: 'Domain not found.'
)] )]
)] )]
@ -207,27 +211,27 @@ class RequestController
#[ #[
OAT\Get( OAT\Get(
path : '/domains/{name}', path: '/domains/{name}',
operationId: 'getSingleDomain', operationId: 'getSingleDomain',
description: 'Returns information of a single domain specified by its domain name.', description: 'Returns information of a single domain specified by its domain name.',
summary : 'Returns a single domain.', summary: 'Returns a single domain.',
security : [ security: [
], ],
tags : ['Domains'], tags: ['Domains'],
parameters : [ parameters: [
new OAT\Parameter(name: 'name', in: 'path', required: true, schema: new OAT\Schema(type: 'string')), new OAT\Parameter(name: 'name', in: 'path', required: true, schema: new OAT\Schema(type: 'string')),
], ],
responses : [ responses: [
new OAT\Response( new OAT\Response(
response : 200, response: 200,
description: 'OK' description: 'OK'
), ),
new OAT\Response( new OAT\Response(
response : 401, response: 401,
description: 'API key is missing or invalid.' description: 'API key is missing or invalid.'
), ),
new OAT\Response( new OAT\Response(
response : 404, response: 404,
description: 'Domain not found.' description: 'Domain not found.'
)] )]
@ -296,8 +300,11 @@ class RequestController
} else { } else {
[$prefix,] = explode(separator: '.', string: $apiKey); [$prefix,] = explode(separator: '.', string: $apiKey);
if ($apiResult = $this->apikeyRepository->findByPrefix(prefix: $prefix)) { if ($apiResult = $this->apikeyRepository->findByPrefix(prefix: $prefix)) {
$storedHash = $apiResult->getApiToken(); $encryptedHash = $apiResult->getApikey();
if (!password_verify(password: $apiKey, hash: $storedHash)) { $encryptionKey = $this->configController->getConfig(configKey: 'encryptionKey');
$decryptedHash = $this->encryptionController->safeDecrypt(encrypted: $encryptedHash, key: $encryptionKey);
if (!password_verify(password: $apiKey, hash: $decryptedHash)) {
$this->status = "401 Unauthorized"; $this->status = "401 Unauthorized";
$this->message = "API key mismatch."; $this->message = "API key mismatch.";
return false; return false;
@ -532,19 +539,19 @@ class RequestController
if (!empty($panel->getAaaa())) { if (!empty($panel->getAaaa())) {
$domainData = $this->apiController->sendCommand( $domainData = $this->apiController->sendCommand(
requestType: 'GET', requestType: 'GET',
serverName : $panel->getName(), serverName: $panel->getName(),
versionIP : 6, versionIP: 6,
apiKey : $panel->getApikey(), apiKey: $panel->getApikey(),
command : 'domains/name/' . $domainName, command: 'domains/name/' . $domainName,
serverType : 'panel'); serverType: 'panel');
} else { } else {
$domainData = $this->apiController->sendCommand( $domainData = $this->apiController->sendCommand(
requestType: 'GET', requestType: 'GET',
serverName : $panel->getName(), serverName: $panel->getName(),
versionIP : 4, versionIP: 4,
apiKey : $panel->getApikey(), apiKey: $panel->getApikey(),
command : 'domains/name/' . $domainName, command: 'domains/name/' . $domainName,
serverType : 'panel'); serverType: 'panel');
} }
$domainDecodedData = json_decode(json: $domainData['data']); $domainDecodedData = json_decode(json: $domainData['data']);
@ -553,19 +560,19 @@ class RequestController
if (!empty($panel->getAaaa())) { if (!empty($panel->getAaaa())) {
$dnsData = $this->apiController->sendCommand( $dnsData = $this->apiController->sendCommand(
requestType: 'GET', requestType: 'GET',
serverName : $panel->getName(), serverName: $panel->getName(),
versionIP : 6, versionIP: 6,
apiKey : $panel->getApikey(), apiKey: $panel->getApikey(),
command : 'dns/' . $domainID, command: 'dns/' . $domainID,
serverType : 'panel'); serverType: 'panel');
} else { } else {
$dnsData = $this->apiController->sendCommand( $dnsData = $this->apiController->sendCommand(
requestType: 'GET', requestType: 'GET',
serverName : $panel->getName(), serverName: $panel->getName(),
versionIP : 4, versionIP: 4,
apiKey : $panel->getApikey(), apiKey: $panel->getApikey(),
command : 'dns/' . $domainID, command: 'dns/' . $domainID,
serverType : 'panel'); serverType: 'panel');
} }
$dnsDataDecoded = json_decode(json: $dnsData['data']); $dnsDataDecoded = json_decode(json: $dnsData['data']);
@ -602,22 +609,22 @@ class RequestController
if (!empty($panel->getAaaa())) { if (!empty($panel->getAaaa())) {
$result = $this->apiController->sendCommand( $result = $this->apiController->sendCommand(
requestType: 'PUT', requestType: 'PUT',
serverName : $panel->getName(), serverName: $panel->getName(),
versionIP : 6, versionIP: 6,
apiKey : $panel->getApikey(), apiKey: $panel->getApikey(),
command : 'dns/' . $domainID, command: 'dns/' . $domainID,
serverType : 'panel', serverType: 'panel',
body : json_decode(json: $newDnsData, associative: true) body: json_decode(json: $newDnsData, associative: true)
); );
} else { } else {
$result = $this->apiController->sendCommand( $result = $this->apiController->sendCommand(
requestType: 'PUT', requestType: 'PUT',
serverName : $panel->getName(), serverName: $panel->getName(),
versionIP : 4, versionIP: 4,
apiKey : $panel->getApikey(), apiKey: $panel->getApikey(),
command : 'dns/' . $domainID, command: 'dns/' . $domainID,
serverType : 'panel', serverType: 'panel',
body : json_decode(json: $newDnsData, associative: true) body: json_decode(json: $newDnsData, associative: true)
); );
} }
if ($result['header'] == 200) { if ($result['header'] == 200) {