added encryption to the first functions
This commit is contained in:
parent
19576dd6b7
commit
402934f02c
|
@ -22,17 +22,17 @@ use UnhandledMatchError;
|
|||
*/
|
||||
#[OAT\Info(version: '0.0.1', title: 'bindAPI')]
|
||||
#[OAT\Server(
|
||||
url : "{schema}://{hostname}/api",
|
||||
url: "{schema}://{hostname}/api",
|
||||
description: "The bindAPI URL.",
|
||||
variables : [
|
||||
variables: [
|
||||
new OAT\ServerVariable(
|
||||
serverVariable: "schema",
|
||||
default : "https",
|
||||
enum : ["https", "http"]
|
||||
default: "https",
|
||||
enum: ["https", "http"]
|
||||
),
|
||||
new OAT\ServerVariable(
|
||||
serverVariable: "hostname",
|
||||
default : "ns2.24unix.net",
|
||||
default: "ns2.24unix.net",
|
||||
)
|
||||
]
|
||||
)]
|
||||
|
@ -41,10 +41,10 @@ use UnhandledMatchError;
|
|||
)]
|
||||
#[OAT\SecurityScheme(
|
||||
securityScheme: "Authorization",
|
||||
type : "apiKey",
|
||||
description : "description",
|
||||
name : "X-API-Key",
|
||||
in : "header"
|
||||
type: "apiKey",
|
||||
description: "description",
|
||||
name: "X-API-Key",
|
||||
in: "header"
|
||||
)]
|
||||
class RequestController
|
||||
{
|
||||
|
@ -63,6 +63,8 @@ class RequestController
|
|||
* @param DomainRepository $domainRepository
|
||||
* @param DynDNSRepository $dynDNSRepository
|
||||
* @param PanelRepository $panelRepository
|
||||
* @param ConfigController $configController
|
||||
* @param EncryptionController $encryptionController
|
||||
* @param Logger $logger
|
||||
*/
|
||||
public function __construct(
|
||||
|
@ -72,6 +74,8 @@ class RequestController
|
|||
private readonly DomainRepository $domainRepository,
|
||||
private readonly DynDNSRepository $dynDNSRepository,
|
||||
private readonly PanelRepository $panelRepository,
|
||||
private readonly ConfigController $configController,
|
||||
private readonly EncryptionController $encryptionController,
|
||||
private readonly Logger $logger)
|
||||
{
|
||||
$this->status = '';
|
||||
|
@ -84,29 +88,29 @@ class RequestController
|
|||
* @return void
|
||||
*/
|
||||
#[OAT\Get(
|
||||
path : '/domains',
|
||||
path: '/domains',
|
||||
operationId: 'getAllDomains',
|
||||
description: 'Returns a list of all domains on this server.',
|
||||
summary : 'Listing all domains.',
|
||||
summary: 'Listing all domains.',
|
||||
// security: [
|
||||
// 'Authorization' => [
|
||||
//
|
||||
// "read:api"
|
||||
// ]
|
||||
// ],
|
||||
servers : [],
|
||||
tags : ['Domains'],
|
||||
responses : [
|
||||
servers: [],
|
||||
tags: ['Domains'],
|
||||
responses: [
|
||||
new OAT\Response(
|
||||
response : 200,
|
||||
response: 200,
|
||||
description: 'OK'
|
||||
),
|
||||
new OAT\Response(
|
||||
response : 401,
|
||||
response: 401,
|
||||
description: 'API key is missing or invalid.'
|
||||
),
|
||||
new OAT\Response(
|
||||
response : 404,
|
||||
response: 404,
|
||||
description: 'Domain not found.'
|
||||
)]
|
||||
)]
|
||||
|
@ -207,27 +211,27 @@ class RequestController
|
|||
|
||||
#[
|
||||
OAT\Get(
|
||||
path : '/domains/{name}',
|
||||
path: '/domains/{name}',
|
||||
operationId: 'getSingleDomain',
|
||||
description: 'Returns information of a single domain specified by its domain name.',
|
||||
summary : 'Returns a single domain.',
|
||||
security : [
|
||||
summary: 'Returns a single domain.',
|
||||
security: [
|
||||
],
|
||||
tags : ['Domains'],
|
||||
parameters : [
|
||||
tags: ['Domains'],
|
||||
parameters: [
|
||||
new OAT\Parameter(name: 'name', in: 'path', required: true, schema: new OAT\Schema(type: 'string')),
|
||||
],
|
||||
responses : [
|
||||
responses: [
|
||||
new OAT\Response(
|
||||
response : 200,
|
||||
response: 200,
|
||||
description: 'OK'
|
||||
),
|
||||
new OAT\Response(
|
||||
response : 401,
|
||||
response: 401,
|
||||
description: 'API key is missing or invalid.'
|
||||
),
|
||||
new OAT\Response(
|
||||
response : 404,
|
||||
response: 404,
|
||||
description: 'Domain not found.'
|
||||
)]
|
||||
|
||||
|
@ -296,8 +300,11 @@ class RequestController
|
|||
} else {
|
||||
[$prefix,] = explode(separator: '.', string: $apiKey);
|
||||
if ($apiResult = $this->apikeyRepository->findByPrefix(prefix: $prefix)) {
|
||||
$storedHash = $apiResult->getApiToken();
|
||||
if (!password_verify(password: $apiKey, hash: $storedHash)) {
|
||||
$encryptedHash = $apiResult->getApikey();
|
||||
$encryptionKey = $this->configController->getConfig(configKey: 'encryptionKey');
|
||||
$decryptedHash = $this->encryptionController->safeDecrypt(encrypted: $encryptedHash, key: $encryptionKey);
|
||||
|
||||
if (!password_verify(password: $apiKey, hash: $decryptedHash)) {
|
||||
$this->status = "401 Unauthorized";
|
||||
$this->message = "API key mismatch.";
|
||||
return false;
|
||||
|
@ -532,19 +539,19 @@ class RequestController
|
|||
if (!empty($panel->getAaaa())) {
|
||||
$domainData = $this->apiController->sendCommand(
|
||||
requestType: 'GET',
|
||||
serverName : $panel->getName(),
|
||||
versionIP : 6,
|
||||
apiKey : $panel->getApikey(),
|
||||
command : 'domains/name/' . $domainName,
|
||||
serverType : 'panel');
|
||||
serverName: $panel->getName(),
|
||||
versionIP: 6,
|
||||
apiKey: $panel->getApikey(),
|
||||
command: 'domains/name/' . $domainName,
|
||||
serverType: 'panel');
|
||||
} else {
|
||||
$domainData = $this->apiController->sendCommand(
|
||||
requestType: 'GET',
|
||||
serverName : $panel->getName(),
|
||||
versionIP : 4,
|
||||
apiKey : $panel->getApikey(),
|
||||
command : 'domains/name/' . $domainName,
|
||||
serverType : 'panel');
|
||||
serverName: $panel->getName(),
|
||||
versionIP: 4,
|
||||
apiKey: $panel->getApikey(),
|
||||
command: 'domains/name/' . $domainName,
|
||||
serverType: 'panel');
|
||||
}
|
||||
|
||||
$domainDecodedData = json_decode(json: $domainData['data']);
|
||||
|
@ -553,19 +560,19 @@ class RequestController
|
|||
if (!empty($panel->getAaaa())) {
|
||||
$dnsData = $this->apiController->sendCommand(
|
||||
requestType: 'GET',
|
||||
serverName : $panel->getName(),
|
||||
versionIP : 6,
|
||||
apiKey : $panel->getApikey(),
|
||||
command : 'dns/' . $domainID,
|
||||
serverType : 'panel');
|
||||
serverName: $panel->getName(),
|
||||
versionIP: 6,
|
||||
apiKey: $panel->getApikey(),
|
||||
command: 'dns/' . $domainID,
|
||||
serverType: 'panel');
|
||||
} else {
|
||||
$dnsData = $this->apiController->sendCommand(
|
||||
requestType: 'GET',
|
||||
serverName : $panel->getName(),
|
||||
versionIP : 4,
|
||||
apiKey : $panel->getApikey(),
|
||||
command : 'dns/' . $domainID,
|
||||
serverType : 'panel');
|
||||
serverName: $panel->getName(),
|
||||
versionIP: 4,
|
||||
apiKey: $panel->getApikey(),
|
||||
command: 'dns/' . $domainID,
|
||||
serverType: 'panel');
|
||||
}
|
||||
|
||||
$dnsDataDecoded = json_decode(json: $dnsData['data']);
|
||||
|
@ -602,22 +609,22 @@ class RequestController
|
|||
if (!empty($panel->getAaaa())) {
|
||||
$result = $this->apiController->sendCommand(
|
||||
requestType: 'PUT',
|
||||
serverName : $panel->getName(),
|
||||
versionIP : 6,
|
||||
apiKey : $panel->getApikey(),
|
||||
command : 'dns/' . $domainID,
|
||||
serverType : 'panel',
|
||||
body : json_decode(json: $newDnsData, associative: true)
|
||||
serverName: $panel->getName(),
|
||||
versionIP: 6,
|
||||
apiKey: $panel->getApikey(),
|
||||
command: 'dns/' . $domainID,
|
||||
serverType: 'panel',
|
||||
body: json_decode(json: $newDnsData, associative: true)
|
||||
);
|
||||
} else {
|
||||
$result = $this->apiController->sendCommand(
|
||||
requestType: 'PUT',
|
||||
serverName : $panel->getName(),
|
||||
versionIP : 4,
|
||||
apiKey : $panel->getApikey(),
|
||||
command : 'dns/' . $domainID,
|
||||
serverType : 'panel',
|
||||
body : json_decode(json: $newDnsData, associative: true)
|
||||
serverName: $panel->getName(),
|
||||
versionIP: 4,
|
||||
apiKey: $panel->getApikey(),
|
||||
command: 'dns/' . $domainID,
|
||||
serverType: 'panel',
|
||||
body: json_decode(json: $newDnsData, associative: true)
|
||||
);
|
||||
}
|
||||
if ($result['header'] == 200) {
|
||||
|
|
Loading…
Reference in New Issue