From 46291ea5102407c1c913f5960e262d392af1371b Mon Sep 17 00:00:00 2001
From: RemRem
Date: Thu, 9 Nov 2023 14:20:39 +0100
Subject: [PATCH] api done (some things to redo)

---
 app/gateway/file_gateway.php | 84 +++++++++++++++++++++
 app/gateway/user_gateway.php | 83 ++++++++++++---------
 app/routes.php | 141 ++++++++++++++++++++++++++++-------
 3 files changed, 246 insertions(+), 62 deletions(-)
 create mode 100644 app/gateway/file_gateway.php

diff --git a/app/gateway/file_gateway.php b/app/gateway/file_gateway.php
new file mode 100644
index 0000000..8b8db99
--- /dev/null
+++ b/app/gateway/file_gateway.php
@@ -0,0 +1,84 @@ +con = (new DatabaseCon)->connect(); + } catch(PDOException $e) { + throw new PDOException($e->getMessage(), $e->getCode(), $e); + } + } + + public function createFile(string $filename, string $user_uuid) { + $query = "INSERT INTO file VALUES(UUID(), :user_uuid, :filename, CURDATE());"; + try { + $this->con->executeQuery($query, array( + ':filename' => array($filename, PDO::PARAM_STR), + ':user_uuid' => array($user_uuid, PDO::PARAM_STR) + )); + } catch (PDOException $e) { + return -1; + } + + return 0; + } + + // Delete User: (1:OK, 2:Unauthorize, 3:No User) + public function deleteFile(string $file_uuid) : int { + $query = "DELETE FROM file WHERE id=:file_uuid;"; + try { + $this->con->executeQuery($query, array( + ':file_uuid' => array($file_uuid, PDO::PARAM_STR) + )); + } catch (PDOException $e) { + return -1; + } + + return 0; + } + + public function getFilename(string $file_uuid, string $user_uuid) { + $query = "SELECT filename FROM file WHERE user_id=:user_uuid and id=:file_uuid;"; + try { + $this->con->executeQuery($query, array( + ':user_uuid' => array($user_uuid, PDO::PARAM_STR), + ':file_uuid' => array($file_uuid, PDO::PARAM_STR) + )); + $results = $this->con->getResults(); + } catch (PDOException) { + return -1; + } + if(count($results) === 0) return -2; + + return $results[0]['filename']; + } + + public function listFiles(string $user_uuid) { + $query = "SELECT f.id, f.filename FROM file f, user u WHERE f.user_id=u.id and u.id=:user_uuid;"; + try { + $this->con->executeQuery($query, array( + ':user_uuid' => array($user_uuid, PDO::PARAM_STR) + )); + $results = $this->con->getResults(); + } catch (PDOException $e) { + return -1; + } + + $rows = []; + foreach ($results as $row) { + $rows[] = [ + 'uuid' => $row['id'], + 'filename' => $row['filename'], + ]; + } + + return $rows; + } +} \ No newline at end of file diff --git a/app/gateway/user_gateway.php b/app/gateway/user_gateway.php index f11703f..807e8e5 100644 
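Review bot: `deleteFile` in this new-file hunk deletes by `id` alone, so unlike `getFilename` and `listFiles` the row is not scoped to the owning user, and routes.php already calls it with a second `$user_uuid` argument that PHP accepts but silently ignores for a user-defined method. Accept and bind it: `public function deleteFile(string $file_uuid, string $user_uuid) : int {` with `$query = "DELETE FROM file WHERE id=:file_uuid AND user_id=:user_uuid;";` and a matching `':user_uuid' => array($user_uuid, PDO::PARAM_STR)` entry in the parameter array. The comment above it, `// Delete User: (1:OK, 2:Unauthorize, 3:No User)`, was copied from user_gateway and matches neither the method nor the 0/-1 codes it returns. `getFilename` returns either an int code or the filename string, so a caller dispatching on it with a loose `switch` can misclassify a numeric-looking filename; returning `null` for the not-found case would be unambiguous. The start of the class (namespace, `use` lines and the constructor signature) is cut off in the view of this hunk.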
--- a/app/gateway/user_gateway.php +++ b/app/gateway/user_gateway.php @@ -6,6 +6,8 @@ use PDOException; use PDO; use Config\Token; +use function PHPUnit\Framework\isEmpty; + class UserGateway { private Connection $con; private Token $token; @@ -19,18 +21,17 @@ class UserGateway { } } - public function createUser(string $mail, string $hash, string $username) { - $query = "INSERT INTO user VALUES(UUID(), :mail, :hash, :username, CURDATE());"; + public function createUser(string $email, string $hash, string $username) { + $query = "INSERT INTO user VALUES(UUID(), :email, :hash, :username, CURDATE()) RETURNING id;"; + try { $this->con->executeQuery($query, array( - ':mail' => array($mail, PDO::PARAM_STR), + ':email' => array($email, PDO::PARAM_STR), ':hash' => array($hash, PDO::PARAM_STR), ':username' => array($username, PDO::PARAM_STR) )); - - $query = "SELECT id FROM user WHERE email=:mail;"; - $this->con->executeQuery($query, array( - ':mail' => array($mail, PDO::PARAM_STR) - )); + } catch (PDOException $e) { + return -1; + } $results = $this->con->getResults(); return $this->token->getNewJsonToken($results[0]['id']); 
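Review bot: The added `use function PHPUnit\Framework\isEmpty;` imports a test-framework symbol into production code, and nothing in this commit calls it (the new code checks `count($results) === 0` instead). PHPUnit is normally a dev-only dependency, so the line is at best dead and at worst a runtime failure in a deployment without dev packages the day someone does call it; drop it.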
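Review bot: `createUser` reads `$results[0]['id']` immediately after the `try` without checking that `getResults()` produced a row, so an insert that succeeds but returns no result set ends in undefined-index warnings and a token minted for a null id; `INSERT ... RETURNING` is not MySQL syntax (MariaDB 10.5+ does support it), so which server backs `DatabaseCon` is worth confirming, since `UUID()`/`CURDATE()` fit both. Guard it: `$results = $this->con->getResults(); if (count($results) === 0) return -1;`. Separately, the route maps every `-1` from this method to 409 Conflict, so a connection failure or SQL error is reported to the client as a duplicate e-mail; distinguish the duplicate-key `PDOException` (SQLSTATE 23000) from other failures before collapsing them into one code.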
@@ -39,46 +40,60 @@ class UserGateway { // Delete User: (1:OK, 2:Unauthorize, 3:No User) public function deleteUser(string $uuid) : int { $query = "DELETE FROM user WHERE id=:uuid;"; - $this->con->executeQuery($query, array( - ':uuid' => array($uuid, PDO::PARAM_STR) - )); + try { + $this->con->executeQuery($query, array( + ':uuid' => array($uuid, PDO::PARAM_STR) + )); + } catch (PDOException $e) { + return -1; + } return 0; } // Login User (get token) - public function login(string $mail, string $hash) { - $query = "SELECT hash, id FROM user WHERE email=:mail;"; - $this->con->executeQuery($query, array( - ':mail' => array($mail, PDO::PARAM_STR) - )); - $results = $this->con->getResults(); + public function login(string $email, string $hash) { + $query = "SELECT hash, id FROM user WHERE email=:email;"; - if(empty($results)) { - // Not Found - return 404; - } - if($hash !== (string) $results[0]['hash']) { - // Unauthorized - return 401; + try{ + $this->con->executeQuery($query, array( + ':email' => array($email, PDO::PARAM_STR) + )); + $results = $this->con->getResults(); + } catch (PDOException $e) { + return -3; } + if(count($results) === 0) return -1; + if($hash !== (string) $results[0]['hash']) return -2; return json_encode($this->token->getNewJsonToken($results[0]['id'])); } - public function updateMail(string $uuid, string $new_mail) { - $query = "UPDATE user SET email=:new_mail WHERE id=:uuid;"; - $this->con->executeQuery($query, array( - ':new_mail' => array($new_mail, PDO::PARAM_STR), - ':uuid' => array($uuid, PDO::PARAM_STR) - )); + public function updateMail(string $uuid, string $new_email) { + $query = "UPDATE user SET email=:new_email WHERE id=:uuid;"; + try { + $this->con->executeQuery($query, array( + ':new_email' => array($new_email, PDO::PARAM_STR), + ':uuid' => array($uuid, PDO::PARAM_STR) + )); + } catch (PDOException $e) { + return -1; + } + + return 0; } public function updateUsername(string $uuid, string $new_username) { $query = "UPDATE user 
SET username=:new_username WHERE id=:uuid;"; - $this->con->executeQuery($query, array( - ':new_username' => array($new_username, PDO::PARAM_STR), - ':uuid' => array($uuid, PDO::PARAM_STR) - )); + try{ + $this->con->executeQuery($query, array( + ':new_username' => array($new_username, PDO::PARAM_STR), + ':uuid' => array($uuid, PDO::PARAM_STR) + )); + } catch (PDOException $e) { + return -1; + } + + return 0; } } \ No newline at end of file diff --git a/app/routes.php b/app/routes.php index 5495bce..d43f3f0 100644 --- a/app/routes.php +++ b/app/routes.php @@ -1,6 +1,7 @@ post('/user', function (Request $req, Response $res) { $req_body = $req->getParsedBody(); - $res->getBody()->write(json_encode((new UserGateway)->createUser($req_body['mail'], $req_body['password'], $req_body['user']))); + if(!array_key_exists('email',$req_body) || !array_key_exists('hash', $req_body) || !array_key_exists('username', $req_body)) { + return $res->withStatus(400); + } + $code = (new UserGateway)->createUser($req_body['email'], $req_body['hash'], $req_body['username']); + if($code === -1) return $res->withStatus(409); + + $res->getBody()->write(json_encode($code)); return $res; }); // Delete User $app->delete('/user', function (Request $req, Response $res) { $token = $req->getHeader('Authorization')[0]; + if(!(new Token)->verifyToken($token)) { + return $res->withStatus(401); + } + $uuid = (new Token)->getUuidFromToken($token); $code = (new UserGateway)->deleteUser($uuid); 
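Review bot: `login` still authenticates with `$hash !== (string) $results[0]['hash']`, a direct comparison of a caller-supplied value against the stored column, which means whatever the client sends is itself the credential: anyone who reads the `user.hash` column can log in with it as-is, and the comparison is not constant-time. The server should do the hashing — store `password_hash($password, PASSWORD_DEFAULT)` at registration and replace the check with `if (!password_verify($hash, (string) $results[0]['hash'])) return -2;` — or, if the scheme has to stay as it is for now, at least use `if (!hash_equals((string) $results[0]['hash'], $hash)) return -2;`. The comment `// Delete User: (1:OK, 2:Unauthorize, 3:No User)` above `deleteUser` no longer matches the 0/-1 codes the method returns. The class closes at the end of this hunk; its header lies outside it.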
@@ -35,85 +47,158 @@ return function (App $app) { case 0: return $res->withStatus(200); case -1: - return $res->withStatus(401); - case -2: return $res->withStatus(404); } return $res->withStatus(500); }); // Get Token - $app->get('/user/login/{mail}/{hash}', function (Request $req, Response $res, $args) { - $mail = $args['mail']; + $app->get('/user/login/{email}/{hash}', function (Request $req, Response $res, $args) { + $email = $args['email']; $hash = $args['hash']; - $value = (new UserGateway)->login($mail, $hash); - // If error statusCode else token - if($value instanceOf int) { - return $res->withStatus($value); + $value = (new UserGateway)->login($email, $hash); + switch($value) { + case -1: + return $res->withStatus(404); + case -2: + return $res->withStatus(401); + case -3: + return $res->withStatus(500); } + $res->getBody()->write($value); return $res; }); // Update Mail - $app->put('/user/mail', function(Request $req, Response $res) { + $app->put('/user/email', function(Request $req, Response $res) { $token = $req->getHeader('Authorization')[0]; - $new_mail = $req->getParsedBody()['mail']; if(!(new Token)->verifyToken($token)) { return $res->withStatus(401); } + $body = $req->getParsedBody(); + if(!isset($body['email'])) { + return $res->withStatus(400); + } + $new_email = $req->getParsedBody()['email']; + $uuid = (new Token)->getUuidFromToken($token); - (new UserGateway)->updateMail($uuid, $new_mail); + $code = (new UserGateway)->updateMail($uuid, $new_email); + if($code === -1) return $res->withStatus(500); return $res->withStatus(200); }); // Update Username $app->put('/user/username', function(Request $req, Response $res) { $token = $req->getHeader('Authorization')[0]; - $new_username = $req->getParsedBody()['username']; - if(!(new Token)->verifyToken($token)) { + if(!(new Token)->verifyToken($token)){ return $res->withStatus(401); } + $body = $req->getParsedBody(); + if(!isset($body['username'])) { + return $res->withStatus(400); + } + $new_username 
= $req->getParsedBody()['username']; + $uuid = (new Token)->getUuidFromToken($token); - (new UserGateway)->updateUsername($uuid, $new_username); + $code = (new UserGateway)->updateUsername($uuid, $new_username); + if($code === -1) return $res->withStatus(500); return $res->withStatus(200); }); #### FILES #### - // Get list of files + // Get list of files $app->get('/user/files', function (Request $req, Response $res) { $token = $req->getHeader('Authorization')[0]; + $save_folder = '/home/hel/smartfit_hdd'; + if(!(new Token)->verifyToken($token)) { + return $res->withStatus(401); + } - $res->getBody()->write('/user/files' . ' Auth:' . $token); + $uuid = (new Token)->getUuidFromToken($token); + $code = (new FileGateway)->listFiles($uuid); + if($code === -1) return $res->withStatus(500); + $res->getBody()->write(json_encode($code)); return $res; }); - // Get file + // Get file $app->get('/user/files/{uuid}', function (Request $req, Response $res, $args) { $token = $req->getHeader('Authorization')[0]; - $uuid = $args['uuid']; + $file_uuid = $args['uuid']; + $save_folder = '/home/hel/smartfit_hdd'; + if(!(new Token)->verifyToken($token)) { + return $res->withStatus(401); + } - $res->getBody()->write('/user/files/'.$uuid.' 
Auth:'.$token); + $user_uuid = (new Token)->getUuidFromToken($token); + $filename = (new FileGateway)->getFilename($file_uuid, $user_uuid); + switch($filename) { + case -1: + return $res->withStatus(500); + case -2: + return $res->withStatus(404); + } + + $download_file = fopen($save_folder.'/'.$user_uuid.'/'.$filename, 'r'); + $res->getBody()->write(fread($download_file, (int)fstat($download_file)['size'])); return $res; }); // Delete file $app->delete('/user/files/{uuid}', function (Request $req, Response $res, $args) { $token = $req->getHeader('Authorization')[0]; - $uuid = $args['uuid']; + $file_uuid = $args['uuid']; + $save_folder = '/home/hel/smartfit_hdd'; + if(!(new Token)->verifyToken($token)) { + return $res->withStatus(401); + } + + $user_uuid = (new Token)->getUuidFromToken($token); + $filename = (new FileGateway)->getFilename($file_uuid, $user_uuid); + switch($filename) { + case -1: + return $res->withStatus(500); + case -2: + return $res->withStatus(404); + } + $code = (new FileGateway)->deleteFile($file_uuid, $user_uuid); + if($code === -1) return $res->withStatus(500); - $res->getBody()->write('/user/files/'.$uuid.' Auth:'.$token); - return $res; - }); - - // Upload file + $file_path = $save_folder.'/'.$user_uuid.'/'.$filename; + if(file_exists($file_path)) { + unlink($file_path); + } + + return $res->withStatus(200); + }); + + // Upload file + #file_put_contents("test_save_upload.bin", $file->getStream()->getContents()); $app->post('/user/files', function (Request $req, Response $res) { $token = $req->getHeader('Authorization')[0]; + $save_folder = '/home/hel/smartfit_hdd'; + if(!(new Token)->verifyToken($token)) { + return $res->withStatus(401); + } - $res->getBody()->write('/user/files'.' 
Auth:'.$token); - return $res; + $uuid = (new Token)->getUuidFromToken($token); + $file = $req->getUploadedFiles()['file']; + $filename = $file->getClientFilename(); + $code = (new FileGateway)->listFiles($uuid); + if(in_array($filename, $code, false)) return $res->withStatus(409); + + $file_save_folder = $save_folder.'/'.$uuid.'/'; + if(!is_dir($file_save_folder)) { + mkdir($file_save_folder, 0777, false); + } + $file->moveTo($file_save_folder.'/'.$filename); + + $code = (new FileGateway)->createFile($filename, $uuid); + if($code === -1) return $res->withStatus(500); + return $res->withStatus(200); }); }; \ No newline at end of file
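Review bot: The upload handler at the end of the hunk passes `$file->getClientFilename()` unmodified into `moveTo($file_save_folder.'/'.$filename)` and into `createFile`, so a client name such as `../../x.php` writes outside `$save_folder/$uuid`, and the stored name is later reused by the download and delete routes to build paths for `fopen` and `unlink`. The duplicate check just above it, `in_array($filename, $code, false)`, can never match because `listFiles` returns a list of `['uuid' => …, 'filename' => …]` arrays rather than strings, `$code === -1` is not handled before that call, and `$req->getUploadedFiles()['file']` is read without checking the key exists. The rewrite below keeps the route's interface and status codes and only hardens the filename and the existence checks; `mkdir(..., 0777)` should likewise be tightened (0750 is enough for the web user) and the `fopen` handle in the download route closed after `fread`. `deleteFile` is called here with two arguments although the gateway declares one, so the delete itself is not user-scoped beyond the preceding `getFilename` lookup. The `return function (App $app)` closure that wraps these routes begins before this hunk.
```php
    $uuid = (new Token)->getUuidFromToken($token);
    $uploads = $req->getUploadedFiles();
    if (!isset($uploads['file']) || $uploads['file']->getError() !== UPLOAD_ERR_OK) {
        return $res->withStatus(400);
    }
    $file = $uploads['file'];
    // Never trust the client-supplied name: keep only the last path segment so it
    // cannot escape the per-user folder, and reject names that are not a real file name.
    $filename = basename((string) $file->getClientFilename());
    if ($filename === '' || $filename === '.' || $filename === '..') {
        return $res->withStatus(400);
    }
    $existing = (new FileGateway)->listFiles($uuid);
    if ($existing === -1) return $res->withStatus(500);
    if (in_array($filename, array_column($existing, 'filename'), true)) return $res->withStatus(409);
    // … unchanged: per-user directory creation, moveTo, createFile and the final status …
```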