Added Other AP
This commit is contained in:
@@ -0,0 +1,27 @@
|
||||
<IfModule mod_rewrite.c>
|
||||
|
||||
RewriteEngine On
|
||||
RewriteBase /SAVVY/messaging/
|
||||
#RewriteBase /
|
||||
|
||||
#Checks to
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteRule ^(.*)$ index.php?/$1 [L]
|
||||
|
||||
</IfModule>
|
||||
|
||||
<IfModule !mod_rewrite.c>
|
||||
# If we don't have mod_rewrite installed, all 404's
|
||||
# can be sent to index.php, and everything works as normal.
|
||||
# Submitted by: ElliotHaughin
|
||||
|
||||
ErrorDocument 404 /index.php
|
||||
|
||||
</IfModule>
|
||||
|
||||
#Header add Access-Control-Allow-Origin "*"
|
||||
#Header add Access-Control-Expose-Headers "Access-Control-Allow-Origin"
|
||||
#Header add Access-Control-Allow-Headers "Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With"
|
||||
#Header add Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
|
||||
#Header add Content-type "application/json"
|
||||
@@ -0,0 +1,95 @@
|
||||
<?php
|
||||
|
||||
class Auth {
|
||||
|
||||
public function getMemberSession($db, $member_id, $sessionid) {
|
||||
$db_sessionid = pg_escape_string($sessionid);
|
||||
$q = "SELECT * FROM members_session WHERE member_id=".((int)$member_id)." AND session='${db_sessionid}' ORDER BY updated DESC";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function getMemberSessionBySessionID($db, $sessionid) {
|
||||
$db_sessionid = pg_escape_string($sessionid);
|
||||
$q = "SELECT * FROM members_session WHERE session='${db_sessionid}' ORDER BY updated DESC";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function getMemberDevice($db, $data) {
|
||||
unset($data["sessionid"]);
|
||||
$model = Push::getModelByName($db, $data["model"]);
|
||||
$data["model_id"] = ($model && isset($model["id"])) ? $model["id"] : 0;
|
||||
unset($data["model"]);
|
||||
$platform = Push::getPlatformByName($db, $data["platform"]);
|
||||
$data["platform_id"] = ($platform && isset($platform["id"])) ? $platform["id"] : 0;
|
||||
unset($data["platform"]);
|
||||
$manufacturer = Push::getManufacturerByName($db, $data["manufacturer"]);
|
||||
$data["manufacturer"] = ($manufacturer && isset($manufacturer["id"])) ? $manufacturer["id"] : 0;
|
||||
unset($data["manufacturer"]);
|
||||
$q = "SELECT * FROM members_devices WHERE id>0";
|
||||
foreach ($data as $key=>$val) {
|
||||
if ($key=='is_virtual') {
|
||||
$q.= " AND ${key}='".((!$val || $val=='')?'f':'t')."'";
|
||||
} else {
|
||||
$q.= " AND ${key}='".pg_escape_string($val)."'";
|
||||
}
|
||||
}
|
||||
error_log($q);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function saveTokens($db, $id, $refresh_token, $access_token) {
|
||||
$db_refresh_token = pg_escape_string(substr($refresh_token,0,36));
|
||||
$db_access_token = pg_escape_string(substr($access_token,0,36));
|
||||
$q = "UPDATE members_devices SET refresh_token='${db_refresh_token}', access_token='${db_access_token}', updated=now(), status=1 WHERE id=".((int)$id)." RETURNING *";
|
||||
error_log($q);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function getMemberById($db, $member_id) {
|
||||
$q = "SELECT * FROM members WHERE id=".((int)$member_id);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function verifyAccessToken($db, $member_id, $acces_token) {
|
||||
$db_acces_token = pg_escape_string(substr($acces_token,0,36));
|
||||
$q = "SELECT * FROM members_devices WHERE member_id=".((int)$member_id)." AND access_token='${db_access_token}' ORDER BY id DESC";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function verifyRefreshToken($db, $member_id, $refresh_token) {
|
||||
$db_acces_token = pg_escape_string(substr($refresh_token,0,36));
|
||||
$q = "SELECT * FROM members_devices WHERE member_id=".((int)$member_id)." AND refresh_token='${db_refresh_token}' ORDER BY id DESC";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
// vi:ts=2
|
||||
|
||||
@@ -0,0 +1,200 @@
|
||||
<?php
|
||||
|
||||
class AuthApi extends Api
|
||||
{
|
||||
public $apiName = 'auth';
|
||||
|
||||
public function __construct($requestUri, $encryption=true) {
|
||||
$this->requestWhitelist['createAction'] = 1;
|
||||
$this->requestWhitelist['indexAction'] = 1;
|
||||
parent::__construct($requestUri, $encryption);
|
||||
}
|
||||
|
||||
public function indexAction()
|
||||
{
|
||||
error_log("AuthApi::indexAction()");
|
||||
$message = 'Unhandled exception';
|
||||
$headers = getallheaders();
|
||||
try {
|
||||
if (!isset($headers["x-session-id"]) || $headers["x-session-id"]=="") {
|
||||
throw new Exception('Invalid session ID');
|
||||
}
|
||||
$db = new Db();
|
||||
$session = Auth::getMemberSessionBySessionID($db->getConnect(), $headers["x-session-id"]);
|
||||
if (!is_array($session) || !array_key_exists('member_id',$session) || $session['member_id']<1) {
|
||||
throw new Exception('Session was not found');
|
||||
}
|
||||
return $this->response([
|
||||
"member_id" => $session['member_id'],
|
||||
"session" => $session['session'],
|
||||
"created" => $session['created'],
|
||||
"updated" => $session['updated']
|
||||
], 200);
|
||||
} catch (Exception $e) {
|
||||
$message = $e->getMessage();
|
||||
error_log($message);
|
||||
}
|
||||
// Check session
|
||||
return $this->response(
|
||||
array(
|
||||
'error' => $message
|
||||
), 404);
|
||||
}
|
||||
|
||||
/**
|
||||
* Method GET
|
||||
* Get single record (by id)
|
||||
* http://DOMAIN/auth/1
|
||||
* @return string
|
||||
*/
|
||||
public function viewAction()
|
||||
{
|
||||
//id must be the first parameter after /address/x
|
||||
$member_id = array_shift($this->requestUri);
|
||||
$headers = getallheaders();
|
||||
$message = 'Data not found';
|
||||
|
||||
try {
|
||||
if(!$member_id || (int)$member_id<1) {
|
||||
throw new Exception("Invalid member ID");
|
||||
}
|
||||
$db = new Db();
|
||||
$member = Auth::getMemberById($db->getConnect(), (int)$member_id);
|
||||
if(!$member || !isset($member["id"])) {
|
||||
throw new Exception("Invalid member ID");
|
||||
}
|
||||
if (isset($headers["sessionid"]) && $headers["sessionid"]!="") {
|
||||
$session = Auth::getMemberSession($db->getConnect(), (int)$member_id, $headers["sessionid"]);
|
||||
if (!$session || !isset($session["id"])) {
|
||||
throw new Exception("Invalid session ID");
|
||||
}
|
||||
}
|
||||
if (isset($headers["access_token"]) && $headers["access_token"]!="") {
|
||||
$device = Auth::verifyAccessToken($db->getConnect(), (int)$member_id, $headers["access_token"]);
|
||||
if (!$devices || !isset($device["id"])) {
|
||||
throw new Exception("Invalid access token");
|
||||
}
|
||||
return $this->response($member, 200);
|
||||
}
|
||||
if (isset($headers["refresh_token"]) && $headers["refresh_token"]!="") {
|
||||
$device = Auth::verifyRefreshToken($db->getConnect(), (int)$member_id, $headers["refresh_token"]);
|
||||
if (!$devices || !isset($device["id"])) {
|
||||
throw new Exception("Invalid refresh token");
|
||||
}
|
||||
// Get new tokens
|
||||
$device = self::generateTokens($db, $device["id"]);
|
||||
$member["refresh_token"] = $device["refresh_token"];
|
||||
$member["access_token"] = $device["access_token"];
|
||||
return $this->response($member, 200);
|
||||
}
|
||||
return $this->response($member, 200);
|
||||
} catch (Exception $e) {
|
||||
$message = $e->getMessage();
|
||||
}
|
||||
return $this->response(
|
||||
array(
|
||||
'error'=> $message
|
||||
), 404);
|
||||
}
|
||||
|
||||
public function createAction()
|
||||
{
|
||||
error_log("AuthApi::createAction()");
|
||||
$message = "Data not found";
|
||||
$sessionid = $this->requestParams["sessionid"] ?? "";
|
||||
$member_id = (int)($this->requestParams["member_id"] ?? "0");
|
||||
$cordova = $this->requestParams["cordova"] ?? "";
|
||||
$model = $this->requestParams["model"] ?? "";
|
||||
$platform = $this->requestParams["platform"] ?? "";
|
||||
$uuid = $this->requestParams["uuid"] ?? "";
|
||||
$version = $this->requestParams["version"] ?? "";
|
||||
$manufacturer = $this->requestParams["manufacturer"] ?? "";
|
||||
$is_virtual = $this->requestParams["is_virtual"] ?? "false";
|
||||
$player_id = $this->requestParams["player_id"] ?? "";
|
||||
$country = $this->requestParams["country"] ?? "SG";
|
||||
$access_token = $this->requestParams["access_token"] ?? "";
|
||||
$refresh_token = $this->requestParams["refresh_token"] ?? "";
|
||||
error_log("member_id=".$member_id);
|
||||
error_log("player_id=".$player_id);
|
||||
error_log("sessionid=".$sessionid);
|
||||
error_log("access_token=".$access_token);
|
||||
error_log("refresh_token=".$refresh_token);
|
||||
try {
|
||||
if ($member_id<1 || $sessionid=="") {
|
||||
throw new Exception('Invalid member and/or session ID');
|
||||
}
|
||||
$data = [
|
||||
'member_id' => $member_id,
|
||||
'sessionid' => $sessionid,
|
||||
'player_id' => $player_id,
|
||||
'cordova' => $cordova,
|
||||
'model' => $model,
|
||||
'platform' => $platform,
|
||||
'uuid' => $uuid,
|
||||
'version' => $version,
|
||||
'manufacturer' => $manufacturer,
|
||||
'is_virtual' => $is_virtual,
|
||||
'country' => $country,
|
||||
'access_token' => $access_token,
|
||||
'refresh_token' => $refresh_token
|
||||
];
|
||||
$db = new Db();
|
||||
$session = Auth::getMemberSession($db->getConnect(), $member_id, $sessionid);
|
||||
if ($session==NULL || !isset($session["id"])) {
|
||||
throw new Exception('Invalid member session ID');
|
||||
}
|
||||
$device = Auth::getMemberDevice($db->getConnect(), $data);
|
||||
if ($device==NULL || !isset($device["id"])) {
|
||||
$device = Push::saveMemberPlayerId($db->getConnect(), $data);
|
||||
}
|
||||
if ($device==NULL || !isset($device["id"])) {
|
||||
throw new Exception('Failed to create or load device record');
|
||||
}
|
||||
// Generate new access/refresh tokens
|
||||
$generator = new RandomStringGenerator();
|
||||
$tokenLength = 36;
|
||||
$access_token = $generator->generate($tokenLength);
|
||||
$refresh_token = $generator->generate($tokenLength);
|
||||
$device = Auth::saveTokens($db->getConnect(), $device["id"], $refresh_token, $access_token);
|
||||
if ($device==NULL || !isset($device["id"])) {
|
||||
throw new Exception('Failed to persist tokens');
|
||||
}
|
||||
return $this->response($device, 200);
|
||||
} catch (Exception $e) {
|
||||
$message = $e->getMessage();
|
||||
}
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => $message
|
||||
), 404);
|
||||
}
|
||||
|
||||
public function updateAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => "Update error"
|
||||
), 400);
|
||||
}
|
||||
|
||||
public function deleteAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => "Delete error"
|
||||
), 500);
|
||||
}
|
||||
|
||||
public function generateTokens($db, $id) {
|
||||
// Generate new access/refresh tokens
|
||||
$generator = new RandomStringGenerator();
|
||||
$tokenLength = 36;
|
||||
$access_token = $generator->generate($tokenLength);
|
||||
$refresh_token = $generator->generate($tokenLength);
|
||||
$device = Auth::saveTokens($db->getConnect(), $id, $refresh_token, $access_token);
|
||||
if ($device==NULL || !isset($device["id"])) {
|
||||
throw new Exception('Failed to persist tokens');
|
||||
}
|
||||
return $device;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,26 @@
|
||||
<?php
|
||||
|
||||
class Crash {
|
||||
|
||||
public function create($db, $member_id, $ip, $callstack, $data, $notes) {
|
||||
syslog(LOG_WARNING,"Crash::create(\$db, $member_id, $ip, \$callstack, \$data, \$notes)");
|
||||
$db_member_id = (int)$member_id;
|
||||
$db_ip = pg_escape_string($ip);
|
||||
$db_callstack = pg_escape_string($callstack);
|
||||
$db_data = pg_escape_string($data);
|
||||
$db_notes = pg_escape_string($notes);
|
||||
$db_number = md5(time());
|
||||
|
||||
$q = "INSERT INTO crash_log (member_id, ip, callstack, data, notes, number) ";
|
||||
$q.= " VALUES(${db_member_id}, '${db_ip}', '${db_callstack}', '${db_data}', '${db_notes}','${db_number}') RETURNING id,number";
|
||||
//syslog(LOG_WARNING,$q);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
// vi:ts=2
|
||||
|
||||
@@ -0,0 +1,86 @@
|
||||
<?php
|
||||
|
||||
class CrashApi extends Api
|
||||
{
|
||||
public $apiName = 'crash';
|
||||
|
||||
public function __construct($requestUri, $encryption=true) {
|
||||
$this->requestWhitelist['createAction'] = 1;
|
||||
parent::__construct($requestUri, $encryption);
|
||||
}
|
||||
|
||||
public function indexAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
'error' => 'Data not found'
|
||||
), 404);
|
||||
}
|
||||
|
||||
/**
|
||||
* Method GET
|
||||
* Get single record (by id)
|
||||
* http://DOMAIN/address/1
|
||||
* @return string
|
||||
*/
|
||||
public function viewAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
'error'=> 'Data not found'
|
||||
), 404);
|
||||
}
|
||||
|
||||
public function createAction()
|
||||
{
|
||||
syslog(LOG_WARNING,"CrashApi::createAction()");
|
||||
$message = "CrashApi data not found";
|
||||
|
||||
$member_id = $this->requestParams["member_id"] ?? "";
|
||||
$ip = $this->clientIP;
|
||||
$callstack = $this->requestParams["callstack"] ?? "";
|
||||
$data = $this->requestParams["data"] ?? "";
|
||||
$notes = $this->requestParams["notes"] ?? "";
|
||||
|
||||
try {
|
||||
if ($callback=="" && $data=="" && $notes=="") {
|
||||
throw new Exception('No data to save in the crash log');
|
||||
}
|
||||
$db = new Db();
|
||||
$res = Crash::create(
|
||||
$db->getConnect(), $member_id, $ip, $callstack, $data, $notes
|
||||
);
|
||||
if (!$res || !array_key_exists('id',$res) || $res['id']<1) {
|
||||
syslog(LOG_WARNING, "$member_id, $ip, $callstack, $data, $notes");
|
||||
throw new Exception('Failed to create the crash log record');
|
||||
}
|
||||
return $this->response([
|
||||
"id" => $res["id"],
|
||||
"number" => $res["number"]
|
||||
],200);
|
||||
} catch (Exception $e) {
|
||||
$message = $e->getMessage();
|
||||
syslog(LOG_WARNING,$message);
|
||||
}
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => $message
|
||||
), 404);
|
||||
}
|
||||
|
||||
public function updateAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => "Update error"
|
||||
), 400);
|
||||
}
|
||||
|
||||
public function deleteAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => "Delete error"
|
||||
), 500);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,112 @@
|
||||
<?php
|
||||
|
||||
class Push {
|
||||
|
||||
public function getMemberPlayerId($db, $member_id, $player_id, $access_token) {
|
||||
$db_player_id = pg_escape_string($player_id);
|
||||
$db_access_token = pg_escape_string(substr($access_token,0,36));
|
||||
$q = "SELECT * FROM members_devices WHERE member_id=".((int)$member_id)." AND player_id='${db_player_id}' AND (player_id<>'' OR model_id=1)";
|
||||
error_log($q);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
$q = "SELECT * FROM members_devices WHERE member_id=".((int)$member_id)." AND player_id='' AND access_token='${db_access_token}'";
|
||||
error_log($q);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function saveMemberPlayerId($db, $data) {
|
||||
$db_player_id = pg_escape_string(substr($data['player_id'],0,36));
|
||||
$db_cordova = pg_escape_string(substr($data['cordova'],0,10));
|
||||
$model = Push::getModelByName($db, $data['model']);
|
||||
$model_id = $model==NULL?0:$model['id'];
|
||||
$platform = Push::getPlatformByName($db, $data['platform']);
|
||||
$platform_id = $platform==NULL?0:$platform['id'];
|
||||
$db_uuid = pg_escape_string(substr($data['uuid'],0,36));
|
||||
$db_version = pg_escape_string(substr($data['version'],0,10));
|
||||
$manufacturer = Push::getManufacturerByName($db, $data['manufacturer']);
|
||||
$manufacturer_id = $manufacturer==NULL?0:$manufacturer['id'];
|
||||
$is_virtual = (!$data['is_virtual'] || $data['is_virtual']=='') ? 'f' : 't';
|
||||
$db_country = pg_escape_string($data['country']);
|
||||
$db_access_token = pg_escape_string($data['access_token']);
|
||||
$db_refresh_token = pg_escape_string($data['refresh_token']);
|
||||
|
||||
$device = Push::getMemberPlayerId($db, $data['member_id'], $data['player_id'], $data['access_token']);
|
||||
if ($device && isset($device["id"]) && $device["id"]>0) {
|
||||
$q = "UPDATE members_devices SET ".(($device["player_id"]=="" || $device["player_id"]!=$data['player_id'])?"player_id='${db_player_id}',":"");
|
||||
$q.= "cordova='${db_cordova}',model_id=".((int)$model_id).",platform_id=".((int)$platform_id).",uuid='${db_uuid}',version='${db_version}',";
|
||||
$q.= "manufacturer_id=".((int)$manufacturer_id).",is_virtual='${is_virtual}', updated=now(), status=1, ";
|
||||
$q.= "country='${db_country}'";
|
||||
$q.= " WHERE id=".$device['id']." RETURNING *";
|
||||
error_log($q);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f; // Updated
|
||||
}
|
||||
return $device; // No update
|
||||
} else {
|
||||
$q = "INSERT INTO members_devices (member_id,player_id,cordova,model_id,platform_id,uuid,version,manufacturer_id,is_virtual,access_token,refresh_token,status,country) VALUES (";
|
||||
$q.= ((int)$data['member_id']).",'${db_player_id}','${db_cordova}',".((int)$model_id).",".((int)$platform_id).",'${db_uuid}','${db_version}',".((int)$manufacturer_id).",";
|
||||
$q.= "'${is_virtual}','${db_access_token}','${db_refresh_token}',1,'${db_country}') RETURNING *";
|
||||
error_log($q);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f; // New record
|
||||
}
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function getModelByName($db, $model) {
|
||||
$db_model = pg_escape_string(substr($model,0,100));
|
||||
$q = "SELECT * FROM members_device_models WHERE lower(model)=lower('${db_model}')";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
$q = "INSERT INTO members_device_models (model) VALUES ('${db_model}') RETURNING *";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function getPlatformByName($db, $platform) {
|
||||
$db_platform = pg_escape_string(substr($platform,0,50));
|
||||
$q = "SELECT * FROM members_device_platforms WHERE lower(platform)=lower('${db_platform}')";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
$q = "INSERT INTO members_device_platforms (platform) VALUES ('${db_platform}') RETURNING *";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function getManufacturerByName($db, $manufacturer) {
|
||||
$db_manufacturer = pg_escape_string(substr($manufacturer,0,50));
|
||||
$q = "SELECT * FROM members_device_manufacturers WHERE lower(manufacturer)=lower('${db_manufacturer}')";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
$q = "INSERT INTO members_device_manufacturers (manufacturer) VALUES ('${db_manufacturer}') RETURNING *";
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
// vi:ts=2
|
||||
|
||||
@@ -0,0 +1,136 @@
|
||||
<?php
|
||||
|
||||
class PushApi extends Api
|
||||
{
|
||||
public $apiName = 'push';
|
||||
|
||||
public function __construct($requestUri, $encryption=true) {
|
||||
$this->requestWhitelist['createAction'] = 1;
|
||||
parent::__construct($requestUri, $encryption);
|
||||
}
|
||||
|
||||
public function indexAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
'error' => 'Data not found'
|
||||
), 404);
|
||||
}
|
||||
|
||||
/**
|
||||
* Method GET
|
||||
* Get single record (by id)
|
||||
* http://DOMAIN/address/1
|
||||
* @return string
|
||||
*/
|
||||
public function viewAction()
|
||||
{
|
||||
//id must be the first parameter after /address/x
|
||||
$id = array_shift($this->requestUri);
|
||||
|
||||
if($id && (int)$id>0){
|
||||
/*$db = new Db();
|
||||
$address = Address::getAddressById($db->getConnect(), (int)$id);
|
||||
if(is_array($address) && count($address)>0){
|
||||
return $this->response($address, 200);
|
||||
}*/
|
||||
}
|
||||
return $this->response(
|
||||
array(
|
||||
'error'=> 'Data not found'
|
||||
), 404);
|
||||
}
|
||||
|
||||
public function createAction()
|
||||
{
|
||||
error_log("PushApi::createAction()");
|
||||
$message = "Data not found";
|
||||
$player_id = $this->requestParams["player_id"] ?? "";
|
||||
$member_id = (int)($this->requestParams["member_id"] ?? "0");
|
||||
$cordova = $this->requestParams["cordova"] ?? "";
|
||||
$model = $this->requestParams["model"] ?? "";
|
||||
$platform = $this->requestParams["platform"] ?? "";
|
||||
$uuid = $this->requestParams["uuid"] ?? "";
|
||||
$version = $this->requestParams["version"] ?? "";
|
||||
$manufacturer = $this->requestParams["manufacturer"] ?? "";
|
||||
$is_virtual = $this->requestParams["is_virtual"] ?? "false";
|
||||
$country = $this->requestParams["country"] ?? "SG";
|
||||
$sessionid = $this->requestParams["sessionid"] ?? "";
|
||||
$access_token = $this->requestParams["access_token"] ?? "";
|
||||
$refresh_token = $this->requestParams["refresh_token"] ?? "";
|
||||
error_log("member_id=".$member_id);
|
||||
error_log("player_id=".$player_id);
|
||||
error_log("sessionid=".$sessionid);
|
||||
error_log("access_token=".$access_token);
|
||||
error_log("refresh_token=".$refresh_token);
|
||||
try {
|
||||
$db = new Db();
|
||||
$session = Auth::getMemberSession($db->getConnect(), $member_id, $sessionid);
|
||||
if ($session==NULL || !isset($session["id"])) {
|
||||
error_log('Invalid member session ID - cannot save player ID!');
|
||||
throw new Exception('Invalid member session ID');
|
||||
}
|
||||
if ($member_id<1 || $player_id=="") {
|
||||
throw new Exception('Invalid member and/or player ID');
|
||||
}
|
||||
$data = [
|
||||
'member_id' => $member_id,
|
||||
'player_id' => $player_id,
|
||||
'cordova' => $cordova,
|
||||
'model' => $model,
|
||||
'platform' => $platform,
|
||||
'uuid' => $uuid,
|
||||
'version' => $version,
|
||||
'manufacturer' => $manufacturer,
|
||||
'is_virtual' => $is_virtual,
|
||||
'country' => $country,
|
||||
'access_token' => $access_token,
|
||||
'refresh_token' => $refresh_token
|
||||
];
|
||||
$result = Push::getMemberPlayerId($db->getConnect(), $member_id, $player_id, $access_token);
|
||||
if ($result!=NULL && is_array($result) && $result["id"]>0) {
|
||||
if ($result["access_token"]=="" || $result["refresh_token"]=="") {
|
||||
$result = AuthApi::generateTokens($db, $result["id"]);
|
||||
$data['access_token'] = $result['access_token'];
|
||||
$data['refresh_token'] = $result['refresh_token'];
|
||||
}
|
||||
// This will update the data...
|
||||
$updated = Push::saveMemberPlayerId($db->getConnect(), $data);
|
||||
if ($updated!=NULL && is_array($updated) && $updated["id"]>0) {
|
||||
return $this->response($updated, 200);
|
||||
}
|
||||
return $this->response($result, 200);
|
||||
}
|
||||
$result = Push::saveMemberPlayerId($db->getConnect(), $data);
|
||||
if ($result!=NULL && is_array($result) && $result["id"]>0) {
|
||||
if ($result["access_token"]=="" || $result["refresh_token"]=="") {
|
||||
$result = AuthApi::generateTokens($db, $result["id"]);
|
||||
}
|
||||
return $this->response($result, 200);
|
||||
}
|
||||
return $this->response(array("error" => "Failed to save"),500);
|
||||
} catch (Exception $e) {
|
||||
$message = $e->getMessage();
|
||||
}
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => $message
|
||||
), 404);
|
||||
}
|
||||
|
||||
public function updateAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => "Update error"
|
||||
), 400);
|
||||
}
|
||||
|
||||
public function deleteAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => "Delete error"
|
||||
), 500);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,41 @@
|
||||
<?php
|
||||
|
||||
class Version {
|
||||
|
||||
|
||||
public function getAppVersion($db, $platform_name, $rev_count, $short_hash) {
|
||||
syslog(LOG_WARNING,"Version::getAppVersion(\$db, $platform_name, $rev_count, $short_hash)");
|
||||
$platform = Push::getPlatformByName($db, $platform_name);
|
||||
$platform_id = $platform==NULL?0:$platform['id'];
|
||||
$db_rev_count = (int)$rev_count;
|
||||
$db_short_hash = pg_escape_string($short_hash);
|
||||
|
||||
$q = "SELECT * FROM myfloat_version WHERE platform_id=${platform_id} AND rev_count=${db_rev_count} AND short_hash='${db_short_hash}'";
|
||||
syslog(LOG_WARNING,$q);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public function getNewAppVersion($db, $platform_name, $rev_count, $short_hash) {
|
||||
syslog(LOG_WARNING,"Version::getNewAppVersion(\$db, $platform_name, $rev_count, $short_hash)");
|
||||
$platform = Push::getPlatformByName($db, $platform_name);
|
||||
$platform_id = $platform==NULL?0:$platform['id'];
|
||||
$db_rev_count = (int)$rev_count;
|
||||
$db_short_hash = pg_escape_string($short_hash);
|
||||
|
||||
$q = "SELECT * FROM myfloat_version WHERE platform_id=${platform_id} AND rev_count>${db_rev_count} AND short_hash<>'${db_short_hash}'";
|
||||
$q.= " ORDER BY rev_count DESC LIMIT 1";
|
||||
syslog(LOG_WARNING,$q);
|
||||
$r = pg_query($db, $q);
|
||||
if ($r && pg_num_rows($r) && $f=pg_fetch_assoc($r)) {
|
||||
return $f;
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
// vi:ts=2
|
||||
|
||||
@@ -0,0 +1,80 @@
|
||||
<?php
|
||||
|
||||
class VersionApi extends Api
|
||||
{
|
||||
public $apiName = 'version';
|
||||
|
||||
public function __construct($requestUri, $encryption=true) {
|
||||
$this->requestWhitelist['createAction'] = 1;
|
||||
parent::__construct($requestUri, $encryption);
|
||||
}
|
||||
|
||||
public function indexAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
'error' => 'Data not found'
|
||||
), 404);
|
||||
}
|
||||
|
||||
/**
|
||||
* Method GET
|
||||
* Get single record (by id)
|
||||
* http://DOMAIN/address/1
|
||||
* @return string
|
||||
*/
|
||||
public function viewAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
'error'=> 'Data not found'
|
||||
), 404);
|
||||
}
|
||||
|
||||
public function createAction()
|
||||
{
|
||||
syslog(LOG_WARNING,"VersionApi::createAction()");
|
||||
$message = "Version data not found";
|
||||
|
||||
$platform = $this->requestParams["platform"] ?? "";
|
||||
$rev_count = $this->requestParams["rev_count"] ?? "";
|
||||
$short_hash = $this->requestParams["short_hash"] ?? "";
|
||||
|
||||
try {
|
||||
$db = new Db();
|
||||
$current = Version::getAppVersion($db->getConnect(), $platform, $rev_count, $short_hash);
|
||||
$newer = Version::getNewAppVersion($db->getConnect(), $platform, $rev_count, $short_hash);
|
||||
if ((!is_array($current) || !array_key_exists("id",$current))
|
||||
&& (!is_array($newer) || !array_key_exists("id",$newer))) {
|
||||
syslog(LOG_WARNING,'Invalid platform and/or revision and/or hash');
|
||||
throw new Exception('Invalid platform and/or revision and/or hash');
|
||||
}
|
||||
return $this->response([
|
||||
"current" => $current,
|
||||
"newer" => $newer
|
||||
],200);
|
||||
} catch (Exception $e) {
|
||||
$message = $e->getMessage();
|
||||
}
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => $message
|
||||
), 404);
|
||||
}
|
||||
|
||||
public function updateAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => "Update error"
|
||||
), 400);
|
||||
}
|
||||
|
||||
public function deleteAction()
|
||||
{
|
||||
return $this->response(
|
||||
array(
|
||||
"error" => "Delete error"
|
||||
), 500);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,69 @@
|
||||
<?php
|
||||
require_once('../../core/backend.php');
|
||||
require_once('../constants.php');
|
||||
|
||||
require_once('../common/Api.php');
|
||||
require_once('../common/Db.php');
|
||||
require_once('../common/RandomStringGenerator.php');
|
||||
|
||||
require_once('Auth.php');
|
||||
require_once('AuthApi.php');
|
||||
|
||||
require_once('Crash.php');
|
||||
require_once('CrashApi.php');
|
||||
|
||||
require_once('Push.php');
|
||||
require_once('PushApi.php');
|
||||
|
||||
require_once('Version.php');
|
||||
require_once('VersionApi.php');
|
||||
|
||||
$httpAuthToken = $savvyext->cfgReadChar('system.oauth2_token');
|
||||
|
||||
header("Access-Control-Allow-Origin: *");
|
||||
header("Access-Control-Expose-Headers: Access-Control-Allow-Origin");
|
||||
header("Access-Control-Allow-Headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With, client_id");
|
||||
header("Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS");
|
||||
header('Content-type: application/json');
|
||||
|
||||
if ("OPTIONS" === $_SERVER['REQUEST_METHOD']) {
|
||||
exit();
|
||||
}
|
||||
|
||||
$headers = getallheaders();
|
||||
if ((!isset($headers["Authorization"]) || substr($headers["Authorization"],-strlen($httpAuthToken))!=$httpAuthToken) &&
|
||||
(!isset($headers["authorization"]) || substr($headers["authorization"],-strlen($httpAuthToken))!=$httpAuthToken)) {
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
header('Status: 401 Unauthorized');
|
||||
echo "{\"status\":\"Missing authorization\"}";
|
||||
exit();
|
||||
}
|
||||
|
||||
try {
|
||||
if (strpos($_SERVER['REQUEST_URI'],'/api/')===false) {
|
||||
throw new Exception("Invalid API request");
|
||||
}
|
||||
$requestUri = explode('/', trim($_SERVER['REQUEST_URI'],'/'));
|
||||
while (array_shift($requestUri) !== 'api') {
|
||||
};
|
||||
if ($requestUri[0]=='auth') {
|
||||
$api = new AuthApi($requestUri);
|
||||
}
|
||||
else if ($requestUri[0]=='crash') {
|
||||
$api = new CrashApi($requestUri);
|
||||
}
|
||||
else if ($requestUri[0]=='push') {
|
||||
$api = new PushApi($requestUri);
|
||||
}
|
||||
else if ($requestUri[0]=='version') {
|
||||
$api = new VersionApi($requestUri);
|
||||
}
|
||||
else {
|
||||
echo json_encode(Array('error' => 'Invalid API request'));
|
||||
}
|
||||
echo $api->run();
|
||||
}
|
||||
catch (Exception $e) {
|
||||
echo json_encode(Array('error' => $e->getMessage()));
|
||||
}
|
||||
|
||||
Binary file not shown.
|
After Width: | Height: | Size: 665 B |
Binary file not shown.
|
After Width: | Height: | Size: 628 B |
@@ -0,0 +1,60 @@
|
||||
<!-- HTML for static distribution bundle build -->
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>Swagger UI</title>
|
||||
<link rel="stylesheet" type="text/css" href="swagger-ui.css" >
|
||||
<link rel="icon" type="image/png" href="favicon-32x32.png" sizes="32x32" />
|
||||
<link rel="icon" type="image/png" href="favicon-16x16.png" sizes="16x16" />
|
||||
<style>
|
||||
html
|
||||
{
|
||||
box-sizing: border-box;
|
||||
overflow: -moz-scrollbars-vertical;
|
||||
overflow-y: scroll;
|
||||
}
|
||||
|
||||
*,
|
||||
*:before,
|
||||
*:after
|
||||
{
|
||||
box-sizing: inherit;
|
||||
}
|
||||
|
||||
body
|
||||
{
|
||||
margin:0;
|
||||
background: #fafafa;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div id="swagger-ui"></div>
|
||||
|
||||
<script src="swagger-ui-bundle.js"> </script>
|
||||
<script src="swagger-ui-standalone-preset.js"> </script>
|
||||
<script>
|
||||
window.onload = function() {
|
||||
// Begin Swagger UI call region
|
||||
const ui = SwaggerUIBundle({
|
||||
url: "../swagger.php",
|
||||
dom_id: '#swagger-ui',
|
||||
deepLinking: true,
|
||||
presets: [
|
||||
SwaggerUIBundle.presets.apis,
|
||||
SwaggerUIStandalonePreset
|
||||
],
|
||||
plugins: [
|
||||
SwaggerUIBundle.plugins.DownloadUrl
|
||||
],
|
||||
layout: "StandaloneLayout"
|
||||
})
|
||||
// End Swagger UI call region
|
||||
|
||||
window.ui = ui
|
||||
}
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@@ -0,0 +1,6 @@
|
||||
<?php
|
||||
require('../../../adminsavvy/vendor/autoload.php');
|
||||
$openapi = \OpenApi\scan('.');
|
||||
header('Content-Type: application/json');
|
||||
echo $openapi->toJson();
|
||||
?>
|
||||
Reference in New Issue
Block a user