2023-01-28 10:25:35 -05:00
parent f3be271ebd
commit 09ddf68c75
4 changed files with 98 additions and 13 deletions
+3 -1
@@ -8,7 +8,7 @@ use CodeIgniter\Filters\DebugToolbar;
use CodeIgniter\Filters\Honeypot;
use CodeIgniter\Filters\InvalidChars;
use CodeIgniter\Filters\SecureHeaders;
use App\Filters\Cors;
class Filters extends BaseConfig
{
/**
@@ -23,6 +23,7 @@ class Filters extends BaseConfig
'honeypot' => Honeypot::class,
'invalidchars' => InvalidChars::class,
'secureheaders' => SecureHeaders::class,
'cors' => Cors::class,
];
/**
@@ -36,6 +37,7 @@ class Filters extends BaseConfig
// 'honeypot',
// 'csrf',
// 'invalidchars',
'cors'
],
'after' => [
'toolbar',
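Review bot: Adding `'cors'` to the global `before` list applies the filter to every route, and the Cors filter added in this commit sends `Access-Control-Allow-Origin: *`, while `'csrf'` stays commented out in the same list. If only the API endpoints need cross-origin access, scope the filter in `$filters` instead, e.g. `'cors' => ['before' => ['api/*']]` (the path pattern is a placeholder for the real API prefix). Minor style: add a trailing comma after `'cors'` and keep `use App\Filters\Cors;` sorted with the other imports. The class body continues outside the visible hunks.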
+25 -6
@@ -32,10 +32,11 @@ class Myfituser extends BaseController
public function users()
{
header('Access-Control-Allow-Origin: * ');
header('Access-Control-Allow-Origin: *');
//header("Access-Control-Allow-Origin: http://localhost:9057 ");
header('Access-Control-Expose-Headers: Access-Control-Allow-Origin');
header('Access-Control-Allow-Credentials: true ');
//header('Access-Control-Allow-Credentials: true ');
//header("Access-Control-Allow-Headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With");
header('Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS');
header('Content-type: application/json');
@@ -52,24 +53,42 @@ class Myfituser extends BaseController
'login' => ['POST'],
];
// $raw_array = [];
$res1 = [];
if (array_key_exists($endpoint, $endpoints)) {
} else {
http_response_code(404);
// tell the user product does not exist
echo json_encode(['message' => 'Enpoint not found.']);
echo json_encode(['message' => 'Endpoint not found.']);
}
// echo "EXYTACT INPUT DATA HERE";
$raw_json = file_get_contents('php://input');
$raw_array = json_decode($raw_json, true);
switch ($endpoint) {
case "login":
$userAccess = new \App\Models\userAccess();
$res1 = $userAccess->startLogin($raw_array);
break;
case "createuser":
$res= $this->dummyData($raw_array);
break;
case 2:
echo "i equals 2";
break;
}
$userAccess = new \App\Models\userAccess();
$res1 = $userAccess->startLogin($raw_array);
return $this->response->setJson($res1);
}
//this is dummy function to establish the endpoints before real implementations
private function dummyData($raw_array){
return [
'msg'=> 'Not implemented yet',
'raw_data' => $raw_array
];
}
public function blogdata()
{
/* header("Access-Control-Allow-Origin: *");
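Review bot: In the new `switch`, the `createuser` case assigns to `$res` but `users()` returns `$res1`, so the result of that endpoint is never returned; it should read `$res1 = $this->dummyData($raw_array);`. The 404 branch still only echoes a message and falls through, so an unknown endpoint goes on to read the body and emits a second JSON payload through `setJson()`; returning from that branch avoids the mixed output. `json_decode()` yields `null` for a missing or malformed body and that value is passed straight to `startLogin()`, so a guard such as `if (!is_array($raw_array)) { ... 400 ... }` belongs before the switch. `users()` also still sends its own `Access-Control-Allow-Origin: *`, which now duplicates the header from the new Cors filter, and `case 2: echo "i equals 2";` looks like leftover sample code. The definition of `$endpoint` lies between the two hunks and is not visible here.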
+53
@@ -0,0 +1,53 @@
<?php
namespace App\Filters;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
class Cors implements FilterInterface
{
/**
* Do whatever processing this filter needs to do.
* By default it should not return anything during
* normal execution. However, when an abnormal state
* is found, it should return an instance of
* CodeIgniter\HTTP\Response. If it does, script
* execution will end and that Response will be
* sent back to the client, allowing for error pages,
* redirects, etc.
*
* @param RequestInterface $request
* @param array|null $arguments
*
* @return mixed
*/
public function before(RequestInterface $request, $arguments = null)
{
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: X-API-KEY, Origin,X-Requested-With, Content-Type, Accept, Access-Control-Requested-Method, Authorization");
header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, PUT, DELETE");
$method = $_SERVER['REQUEST_METHOD'];
if($method == "OPTIONS"){
die();
}
}
/**
* Allows After filters to inspect and modify the response
* object as needed. This method does not allow any way
* to stop execution of other after filters, short of
* throwing an Exception or Error.
*
* @param RequestInterface $request
* @param ResponseInterface $response
* @param array|null $arguments
*
* @return mixed
*/
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
//
}
}
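Review bot: `before()` sends `Access-Control-Allow-Origin: *` on every request while also allowing the `Authorization` and `X-API-KEY` request headers, so the browser's same-origin protection is switched off for the whole API, including the login response that carries the session token. Echo the request's `Origin` back only when it is on an explicit allow-list, and add `Vary: Origin` so caches do not mix responses. The preflight branch calls `die()` and reads `$_SERVER` directly; a filter can end the request by returning a response, which keeps the framework's normal send path and the `$request` abstraction in use. `Access-Control-Requested-Method` in the allowed-headers list is presumably meant to be `Access-Control-Request-Method`, which is a request header and does not need listing at all.

```php
public function before(RequestInterface $request, $arguments = null)
{
    // Placeholder allow-list: replace with the front-end origins that really call this API.
    $allowedOrigins = ['https://frontend.example'];
    $origin         = $request->getHeaderLine('Origin');
    $response       = service('response');

    if (in_array($origin, $allowedOrigins, true)) {
        $response->setHeader('Access-Control-Allow-Origin', $origin);
        $response->setHeader('Vary', 'Origin');
        // … unchanged: Access-Control-Allow-Headers / Access-Control-Allow-Methods values, now set via setHeader() …
    }

    // Answer the preflight with an empty response instead of die().
    if (strtoupper($request->getMethod()) === 'OPTIONS') {
        return $response->setStatusCode(204);
    }
}
```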
+17 -6
@@ -19,16 +19,26 @@ class userAccess extends Model
{
$sqlQ =
'SELECT m.id as member_id, m.*,mp.* FROM members m LEFT JOIN members_profile mp ON m.id=mp.member_id WHERE m.id =12';
$username = $in['username'];
$password = $in['password'];
$sqlQ =
"SELECT m.id as member_id, m.*,mp.*
FROM members m LEFT
JOIN members_profile mp ON m.id=mp.member_id
WHERE LOWER(m.username) = LOWER('$username')
AND m.password=md5('$password') ";
$query = $this->db->query($sqlQ);
$data['profile_data'] = $query->getResultArray();
if (count($data['profile_data']) == 1) {
$data['profile_data'][0]['password'] = '**REMOVED**';
$member_id = $data['profile_data'][0]['member_id'];
$member_id = $data['profile_data'][0]['member_id'];
return $inx = [
'session_token' => $this->generateSession($member_id),
'member_id'=> $member_id,
'profile' => $data['profile_data'],
'member_id' => $member_id,
'profile' => $data['profile_data'][0],
'settings' => [],
'preferences' => [],
'status' => 1,
@@ -41,15 +51,16 @@ class userAccess extends Model
'preferences' => [],
'status' => 0,
'raw_data' => $in,
'error_msg' => 'Invalid username or password',
];
}
}
private function generateSession()
{
// do the seesion stuffs here - set up all permissions
$tk='';
for($i=1; $i<20; $i++){
// do the seesion stuffs here - set up all permissions
$tk = '';
for ($i = 1; $i < 20; $i++) {
$tk .= rand(11111, 99999);
}
return $tk;
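Review bot: The new query in `startLogin()` interpolates `$username` and `$password` from the request body straight into the SQL string, so the login lookup is injectable; bind them instead with `WHERE LOWER(m.username) = LOWER(?) AND m.password = md5(?)` and `$this->db->query($sqlQ, [$username, $password])`. The comparison still relies on unsalted `md5()`; selecting the row by username and checking a `password_hash()` value with `password_verify()` is the direction to move once the stored hashes are migrated. In the second hunk `generateSession()` builds the token from `rand()`, which is predictable and unsuitable for session tokens (`return bin2hex(random_bytes(32));` is a drop-in replacement), and it is called with `$member_id` although it declares no parameter. The failure branch returns `'raw_data' => $in`, which echoes the submitted password back to the client and should be dropped. The signature of `startLogin()` lies outside the visible hunk.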