<?php
require "../../config.php";
require "../../vendor/autoload.php";
require "../../sql/database.php";
require "../../src/index-utils.php";
use IQBall\Api\API;
use IQBall\Api\Controller\APIAccountsController;
use IQBall\Api\Controller\APIAuthController;
use IQBall\Api\Controller\APIServerController;
use IQBall\Api\Controller\APITacticController;
use IQBall\App\Session\PhpSessionHandle;
use IQBall\Core\Action;
use IQBall\Core\Connection;
use IQBall\Core\Data\Account;
use IQBall\Core\Gateway\AccountGateway;
use IQBall\Core\Gateway\TacticInfoGateway;
use IQBall\Core\Model\AuthModel;
use IQBall\Core\Model\TacticModel;
// Computed once at load time from this script's directory; read through `global` by
// getServerController() and getRoutes() below.
$basePath = get_public_path(__DIR__);
/**
 * Builds the tactic API controller, wired to a new Connection around get_database().
 *
 * @return APITacticController
 */
function getTacticController(): APITacticController {
    $connection = new Connection(get_database());
    $tactics = new TacticModel(new TacticInfoGateway($connection));

    return new APITacticController($tactics);
}
/**
 * Builds the authentication API controller, wired to a new Connection around get_database().
 *
 * @return APIAuthController
 */
function getAuthController(): APIAuthController {
    $connection = new Connection(get_database());
    $auth = new AuthModel(new AccountGateway($connection));

    return new APIAuthController($auth);
}
/**
 * Builds the accounts API controller.
 *
 * The same AccountGateway instance is given both to the AuthModel and to the controller itself.
 *
 * @return APIAccountsController
 */
function getAccountController(): APIAccountsController {
    $accounts = new AccountGateway(new Connection(get_database()));
    $auth = new AuthModel($accounts);

    return new APIAccountsController($auth, $accounts);
}
/**
 * Builds the server-information API controller.
 *
 * The controller receives the global $basePath and the value returned by get_database() directly
 * (it is not wrapped in a Connection here).
 *
 * @return APIServerController
 */
function getServerController(): APIServerController {
    global $basePath;

    $database = get_database();

    return new APIServerController($basePath, $database);
}
/**
 * Builds the API route table.
 *
 * Routes are registered on an AltoRouter whose base path is the global $basePath. Each handler is
 * wrapped either in Action::auth (its closure takes the Account as last argument) or in
 * Action::noAuth (its closure takes only the URL parameters).
 *
 * @return AltoRouter the router with every API route mapped
 */
function getRoutes(): AltoRouter {
    global $basePath;

    $routes = new AltoRouter();
    $routes->setBasePath($basePath);

    // Authentication endpoint: mapped without an account requirement.
    $routes->map(
        "POST",
        "/auth",
        Action::noAuth(fn() => getAuthController()->authorize())
    );

    // Tactic edition: both routes are wrapped in Action::auth and hand the Account to the controller.
    $routes->map(
        "POST",
        "/tactic/[i:id]/edit/name",
        Action::auth(fn(int $id, Account $acc) => getTacticController()->updateName($id, $acc))
    );
    $routes->map(
        "POST",
        "/tactic/[i:id]/save",
        Action::auth(fn(int $id, Account $acc) => getTacticController()->saveContent($id, $acc))
    );

    // NOTE(review): every /admin route below is wrapped in Action::noAuth, so as far as this file
    // shows, no account is required to list, read, add, update or remove users, to read a user's
    // tactics, or to read server information. Confirm that access to /admin is restricted by a
    // control outside this file; if it is not, these routes need an authenticated action plus an
    // administrator check.
    // listUsers() is given the raw $_GET array; any validation of it is left to the controller.
    $routes->map(
        "GET",
        "/admin/list-users",
        Action::noAuth(fn() => getAccountController()->listUsers($_GET))
    );
    $routes->map(
        "GET",
        "/admin/user/[i:id]",
        Action::noAuth(fn(int $id) => getAccountController()->getUser($id))
    );
    $routes->map(
        "GET",
        "/admin/user/[i:id]/space",
        Action::noAuth(fn(int $id) => getTacticController()->getUserTactics($id))
    );
    $routes->map(
        "POST",
        "/admin/user/add",
        Action::noAuth(fn() => getAccountController()->addUser())
    );
    $routes->map(
        "POST",
        "/admin/user/remove-all",
        Action::noAuth(fn() => getAccountController()->removeUsers())
    );
    $routes->map(
        "POST",
        "/admin/user/[i:id]/update",
        Action::noAuth(fn(int $id) => getAccountController()->updateUser($id))
    );
    $routes->map(
        "GET",
        "/admin/server-info",
        Action::noAuth(fn() => getServerController()->getServerInfo())
    );

    return $routes;
}
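/**
 * Resolves the account making the current API request.
 *
 * If the request carries an Authorization header, its value is looked up as an account token.
 * If the header is absent, the App's PHP session is used instead and the account is taken from it.
 *
 * @return Account|null the account resolved from the token or the session, or null if none was resolved
 * @throws Exception
 */
function tryGetAuthorization(): ?Account {
    // HTTP header names are case-insensitive and the casing reported by getallheaders() depends on
    // the server API, so normalise the keys before looking the header up. Without this, a request
    // sending "authorization: <token>" would silently be treated as a session request.
    $headers = array_change_key_case(getallheaders(), CASE_LOWER);

    // No Authorization header: fall back to the PHP session.
    if (!isset($headers['authorization'])) {
        // NOTE(review): on this path the API is authenticated by the session cookie alone, so the
        // state-changing POST routes depend on whatever CSRF protection the session layer or the
        // cookie attributes provide; none is visible in this file. Confirm.
        return PhpSessionHandle::init()->getAccount();
    }

    // The header value is passed to the gateway unchanged: no scheme prefix is stripped here.
    $gateway = new AccountGateway(new Connection(get_database()));

    return $gateway->getAccountFromToken($headers['authorization']);
}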
// Entry point: match the current request against the route table and hand the match, together with
// the account resolver, to API::handleMatch; its result is passed to consume().
// NOTE(review): presumably the resolver closure is only invoked for Action::auth routes; confirm in API::handleMatch.
Api::consume(API::handleMatch(getRoutes()->match(), fn() => tryGetAuthorization()));