Kilian/PHP-Course
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Endpoints

Browse Source
This commit is contained in:
Kilian Hofmann 2024-07-22 21:38:21 +02:00
parent 5251c43a6b
commit 700faf4351
10 changed files with 367 additions and 158 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
exam/api/Logout/Logout.php
View File

@ -11,7 +11,7 @@ class Logout extends Api
{ {
public function post(): void public function post(): void
{ {
$token = Request::header("token"); $token = Request::token();
Response::json(User::getByToken($token)->logOut()); Response::json(User::getByToken($token)->logOut());
} }

67
exam/api/Post/Post.php Normal file
View File

@ -0,0 +1,67 @@
<?php
namespace Api\Post;
use Exception;
use Khofmann\Api\Api;
use Khofmann\Input\Input;
use Khofmann\Models\Post\Post as MPost;
use Khofmann\Models\User\User;
use Khofmann\Request\Request;
use Khofmann\Response\Response;
class Post extends Api
{
public function post(): void
{
$content = Input::patch("content");
$self = User::getByToken(Request::token());
try {
Response::json(MPost::create($self, $content));
} catch (Exception $err) {
switch ($err->getMessage()) {
default:
throw $err;
}
}
}
public function patch($id): void
{
$content = Input::patch("content");
$self = User::getByToken(Request::token());
$post = MPost::getByID($id);
if (!$self->getIsAdmin() && $post->getUser()->getID() !== $self->getID()) throw new Exception("Not Authorized", 401);
try {
Response::json(MPost::getByID($id)->update($content));
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw new Exception("Post not found", 404);
case "FailedContent":
throw new Exception("Failed to update content", 500);
default:
throw $err;
}
}
}
public function delete($id): void
{
try {
Response::json(MPost::getByID($id)->delete());
} catch (Exception $err) {
switch ($err->getMessage()) {
case "NotFound":
throw new Exception("Post not found", 404);
default:
throw $err;
}
}
}
}

3
exam/api/Posts/Posts.php
View File

@ -14,7 +14,8 @@ class Posts extends Api
{ {
$page = max(0, intval(Input::get("p", 0))); $page = max(0, intval(Input::get("p", 0)));
$limit = constrain(0, 30, intval(Input::get("l", 10))); $limit = constrain(0, 30, intval(Input::get("l", 10)));
$authed = Request::header("token") !== null; $authed = Request::token() !== null;
Response::json(Post::list($page, $limit, $authed)); Response::json(Post::list($page, $limit, $authed));
} }
} }

2
exam/api/User/User.php
View File

@ -51,7 +51,7 @@ class User extends Api
public function patchSelf(): void public function patchSelf(): void
{ {
$token = Request::header("token"); $token = Request::token();
$username = Input::patch("username"); $username = Input::patch("username");
$password = Input::patch("password"); $password = Input::patch("password");
$image = Input::file("image"); $image = Input::file("image");

288
exam/api/docs/api.yaml
View File

@ -23,10 +23,7 @@ paths:
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/BooleanResponse" $ref: "#/components/schemas/LoginResponse"
examples:
Success:
value: true
400: 400:
description: Missing fields. description: Missing fields.
content: content:
@ -99,10 +96,7 @@ paths:
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/BooleanResponse" $ref: "#/components/schemas/UserResponse"
examples:
Success:
value: true
400: 400:
description: Missing fields or duplicate description: Missing fields or duplicate
content: content:
@ -187,48 +181,9 @@ paths:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/UserListResponse" $ref: "#/components/schemas/UserListResponse"
examples:
Success:
value:
{
"pages": 1,
"data":
[
{
"id": 1,
"username": "Admin",
"status": 1,
"email": "marvin@zedat.fu-berlin.de",
"image": "669d41fbdb56b.png",
"isAdmin": true,
"memberSince":
{
"date": "2024-07-22 14:02:49.000000",
"timezone_type": 3,
"timezone": "Europe/Berlin",
},
"postCount": 3,
},
{
"id": 2,
"username": "Max",
"status": 1,
"email": "max@moritz.net",
"image": "profilbilder/max.svg",
"isAdmin": false,
"memberSince":
{
"date": "2024-07-22 03:07:41.000000",
"timezone_type": 3,
"timezone": "Europe/Berlin",
},
"postCount": 2,
},
],
}
tags: tags:
- User - User
/user{id}: /user/{id}:
get: get:
summary: Get user summary: Get user
description: Get user by ID. description: Get user by ID.
@ -249,24 +204,6 @@ paths:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/UserResponse" $ref: "#/components/schemas/UserResponse"
examples:
Success:
value:
{
"id": 1,
"username": "Admin",
"status": 1,
"email": "marvin@zedat.fu-berlin.de",
"image": "669d41fbdb56b.png",
"isAdmin": true,
"memberSince":
{
"date": "2024-07-22 14:02:49.000000",
"timezone_type": 3,
"timezone": "Europe/Berlin",
},
"postCount": 3,
}
404: 404:
description: User not found. description: User not found.
content: content:
@ -285,6 +222,7 @@ paths:
Use special ID <code>self</code> to update logged in user. <br> Use special ID <code>self</code> to update logged in user. <br>
Requires logged in user to have admin permissions for any ID other than <code>self</code>. Requires logged in user to have admin permissions for any ID other than <code>self</code>.
security: security:
- BasicAuth: []
- BasicAuth: [isAdmin] - BasicAuth: [isAdmin]
parameters: parameters:
- name: id - name: id
@ -305,10 +243,7 @@ paths:
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/BooleanResponse" $ref: "#/components/schemas/UserResponse"
examples:
Success:
value: true
404: 404:
description: User not found. description: User not found.
content: content:
@ -325,7 +260,7 @@ paths:
schema: schema:
$ref: "#/components/schemas/ErrorResponse" $ref: "#/components/schemas/ErrorResponse"
examples: examples:
User not found: Failed username:
value: { "message": "Failed to update username" } value: { "message": "Failed to update username" }
tags: tags:
- User - User
@ -348,10 +283,7 @@ paths:
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/BooleanResponse" $ref: "#/components/schemas/UserResponse"
examples:
Success:
value: true
404: 404:
description: User not found. description: User not found.
content: content:
@ -397,29 +329,18 @@ paths:
Not authenticated: Not authenticated:
value: value:
{ {
"pages": 1, "pages": 0,
"data": "data":
[ [
{ {
"id": 1, "id": 0,
"user": { "username": "Admin" }, "user": { "username": "string" },
"content": "Hey,\r\nGästebucher sind cool…\r\nDas Gästebuch ist freigegeben.\r\nIch hoffe auf viele Beiträge!", "content": "string",
"postedAt": "postedAt":
{ {
"date": "2020-03-03 09:03:00.000000", "date": "2019-08-24T14:15:22Z",
"timezone_type": 3, "timezone_type": 0,
"timezone": "Europe/Berlin", "timezone": "string",
},
},
{
"id": 2,
"user": { "username": "Max" },
"content": "Bin über Google auf deine Seite gestoßen, danke für das geniale Gästebuch. Werde in Zukunft des Öftern vorbeischaun…\r\n\r\nLiebe Grüsse, Max",
"postedAt":
{
"date": "2020-03-04 12:26:40.000000",
"timezone_type": 3,
"timezone": "Europe/Berlin",
}, },
}, },
], ],
@ -434,58 +355,140 @@ paths:
"id": 1, "id": 1,
"user": "user":
{ {
"id": 1, "id": 0,
"username": "Admin", "username": "string",
"status": 1, "status": 0,
"email": "marvin@zedat.fu-berlin.de", "email": "string",
"image": "669d41fbdb56b.png", "image": "string",
"isAdmin": true, "isAdmin": true,
"memberSince": "memberSince":
{ {
"date": "2024-07-22 14:02:49.000000", "date": "2019-08-24T14:15:22Z",
"timezone_type": 3, "timezone_type": 0,
"timezone": "Europe/Berlin", "timezone": "string",
}, },
"postCount": 3, "postCount": 0,
}, },
"content": "Hey,\r\nGästebucher sind cool…\r\nDas Gästebuch ist freigegeben.\r\nIch hoffe auf viele Beiträge!", "content": "string",
"postedAt": "postedAt":
{ {
"date": "2020-03-03 09:03:00.000000", "date": "2019-08-24T14:15:22Z",
"timezone_type": 3, "timezone_type": 0,
"timezone": "Europe/Berlin", "timezone": "string",
},
},
{
"id": 2,
"user":
{
"id": 2,
"username": "Max",
"status": 1,
"email": "max@moritz.net",
"image": "profilbilder/max.svg",
"isAdmin": false,
"memberSince":
{
"date": "2024-07-22 03:07:41.000000",
"timezone_type": 3,
"timezone": "Europe/Berlin",
},
"postCount": 2,
},
"content": "Bin über Google auf deine Seite gestoßen, danke für das geniale Gästebuch. Werde in Zukunft des Öftern vorbeischaun…\r\n\r\nLiebe Grüsse, Max",
"postedAt":
{
"date": "2020-03-04 12:26:40.000000",
"timezone_type": 3,
"timezone": "Europe/Berlin",
}, },
}, },
], ],
} }
tags: tags:
- Post - Post
post:
summary: New post
description: Create a new post.
security:
- BasicAuth: []
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/PostCreateRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/PostResponse"
400:
description: Missing fields.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
Missing fields:
value: { "message": "Missing content" }
tags:
- Post
/post/{id}:
patch:
summary: Update post
description: Update post with ID. <br>
Requires logged in user to have admin permissions for posts not made by them.
security:
- BasicAuth: []
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: Post ID
required: true
schema:
type: integer
format: int14
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/PostUpdateRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/PostResponse"
404:
description: Post not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
User not found:
value: { "message": "Post not found" }
500:
description: Update failed.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
Failed:
value: { "message": "Failed to update post" }
tags:
- Post
delete:
summary: Delete post
description: Delete post with ID.
security:
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: Post ID
required: true
schema:
type: integer
format: int14
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/PostResponse"
404:
description: Post not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
Post not found:
value: { "message": "Post not found" }
tags:
- Post
externalDocs: externalDocs:
url: https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/docs/ url: https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/docs/
security: [] security: []
@ -510,6 +513,13 @@ components:
type: string type: string
password: password:
type: string type: string
LoginResponse:
type: object
properties:
user:
$ref: "#/components/schemas/UserResponse"
token:
type: string
UserResponse: UserResponse:
type: object type: object
properties: properties:
@ -585,6 +595,8 @@ components:
type: number type: number
user: user:
$ref: "#/components/schemas/UserResponse" $ref: "#/components/schemas/UserResponse"
content:
type: string
postedAt: postedAt:
type: object type: object
properties: properties:
@ -604,6 +616,18 @@ components:
type: array type: array
items: items:
$ref: "#/components/schemas/PostResponse" $ref: "#/components/schemas/PostResponse"
PostUpdateRequest:
type: object
properties:
content:
type: string
PostCreateRequest:
type: object
required:
- content
properties:
content:
type: string
securitySchemes: securitySchemes:
BasicAuth: BasicAuth:
type: apiKey type: apiKey

44
exam/api/docs/index.html
View File

File diff suppressed because one or more lines are too long

73
exam/classes/Models/Post/Post.php
View File

@ -2,7 +2,9 @@
namespace Khofmann\Models\Post; namespace Khofmann\Models\Post;
use Api\User\User as UserUser;
use DateTime; use DateTime;
use Exception;
use Khofmann\Models\User\User; use Khofmann\Models\User\User;
use JsonSerializable; use JsonSerializable;
use Khofmann\Database\Database; use Khofmann\Database\Database;
@ -13,6 +15,7 @@ class Post implements JsonSerializable
private int $id; private int $id;
// User is set if the post was fetched by an authenticated user // User is set if the post was fetched by an authenticated user
private ?User $user; private ?User $user;
// Name is set if the post was fetched by a non authenticated user
private ?string $name; private ?string $name;
private string $content; private string $content;
private DateTime $postedAt; private DateTime $postedAt;
@ -30,7 +33,46 @@ class Post implements JsonSerializable
* Statics * Statics
*/ */
public static function list(int $page, int $limit, bool $authed = false) public static function getByID(int $id): Post
{
$db = Database::getInstance();
$stmt = $db->prepare(
"SELECT
*
FROM
egb_gaestebuch
WHERE
id = :ID"
);
$stmt->bindValue(":ID", $id);
$stmt->execute();
$data = $stmt->fetch();
if (!$data) throw new Exception("NotFound");
$user = User::getByID($data["benutzer_id"]);
return new Post($data["id"], $user, null, $data["beitrag"], $data["zeitstempel"]);
}
public static function create(User $user, string $content): Post
{
$db = Database::getInstance();
$stmt = $db->prepare(
"INSERT INTO
egb_gaestebuch(benutzer_id, beitrag)
VALUES(:USR, :CON)"
);
$stmt->bindValue(":USR", $user->getID());
$stmt->bindValue(":CON", $content);
$stmt->execute();
return Post::getByID($db->lastInsertId());
}
public static function list(int $page, int $limit, bool $authed = false): array
{ {
$db = Database::getInstance(); $db = Database::getInstance();
$stmt = $db->prepare( $stmt = $db->prepare(
@ -63,6 +105,35 @@ class Post implements JsonSerializable
return ["pages" => intdiv($count, $limit) + 1, "data" => $list]; return ["pages" => intdiv($count, $limit) + 1, "data" => $list];
} }
/*
* Members
*/
public function update(?string $content): Post
{
$db = Database::getInstance();
$error = false;
if (!empty($content)) {
$stmt = $db->prepare("UPDATE egb_gaestebuch SET beitrag = :CON WHERE id = :ID");
$stmt->bindValue(":CON", $content);
$stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute();
}
if ($error) throw new Exception("FailedContent");
return Post::getByID($this->id);
}
public function delete(): Post
{
$db = Database::getInstance();
$stmt = $db->prepare("DELETE FROM egb_gaestebuch WHERE id = :ID");
$stmt->bindValue(":ID", $this->id);
return $this;
}
/* /*
* Getters * Getters
*/ */

15
exam/classes/Models/User/User.php
View File

@ -177,7 +177,7 @@ class User implements JsonSerializable
} }
} }
public static function create(string $username, string $email, string $password): bool public static function create(string $username, string $email, string $password): User
{ {
$db = Database::getInstance(); $db = Database::getInstance();
$guid = GUID::v4(); $guid = GUID::v4();
@ -192,6 +192,8 @@ class User implements JsonSerializable
$stmt->bindValue(":EMA", $email); $stmt->bindValue(":EMA", $email);
$stmt->bindValue(":COD", $guid); $stmt->bindValue(":COD", $guid);
$user = User::getByID($db->lastInsertId());
try { try {
$stmt->execute(); $stmt->execute();
@ -201,7 +203,7 @@ class User implements JsonSerializable
"Hello $username. To activate your account, visit https://khofmann.userpage.fu-berlin.de/phpCourse/exam/confirm?c=$guid" "Hello $username. To activate your account, visit https://khofmann.userpage.fu-berlin.de/phpCourse/exam/confirm?c=$guid"
); );
return true; return $user;
} catch (Exception $err) { } catch (Exception $err) {
if ($err->getCode() === "23000") throw new Exception("Duplicate"); if ($err->getCode() === "23000") throw new Exception("Duplicate");
@ -267,7 +269,7 @@ class User implements JsonSerializable
return $stmt->execute(); return $stmt->execute();
} }
public function update(?string $username, ?string $password, $image = null): bool public function update(?string $username, ?string $password, $image = null): User
{ {
$db = Database::getInstance(); $db = Database::getInstance();
@ -299,15 +301,16 @@ class User implements JsonSerializable
} }
if ($error) throw new Exception("FailedImage"); if ($error) throw new Exception("FailedImage");
return true; return User::getByID($this->id);
} }
public function delete(): bool public function delete(): User
{ {
$db = Database::getInstance(); $db = Database::getInstance();
$stmt = $db->prepare("DELETE FROM egb_benutzer WHERE id = :ID"); $stmt = $db->prepare("DELETE FROM egb_benutzer WHERE id = :ID");
$stmt->bindValue(":ID", $this->id); $stmt->bindValue(":ID", $this->id);
return $stmt->execute();
return $this;
} }
/* /*

5
exam/classes/Request/Request.php
View File

@ -16,4 +16,9 @@ class Request
{ {
return Request::request()->getHeader($name, $defaultValue, $tryParse); return Request::request()->getHeader($name, $defaultValue, $tryParse);
} }
public static function token()
{
return Request::header("token");
}
} }

26
exam/routes/routes.php
View File

@ -1,36 +1,42 @@
<?php <?php
// Namespaces // Namespaces
use Pecee\SimpleRouter\SimpleRouter; use Pecee\SimpleRouter\SimpleRouter;
use Pecee\Http\Request; use Pecee\Http\Request;
use Khofmann\Response\Response; use Khofmann\Response\Response;
// Error handling // Error handling
SimpleRouter::error(function (Request $request, Exception $exception) { SimpleRouter::error(function (Request $request, Exception $exception) {
$code = $exception->getCode(); $code = $exception->getCode();
Response::response()->httpCode(is_int($code) ? $code : 500)->json(["message" => $exception->getMessage()]); Response::response()->httpCode(is_int($code) ? $code : 500)->json(["message" => $exception->getMessage()]);
}); });
// Index // Index
SimpleRouter::all("/", function () { SimpleRouter::all("/", function () {
Response::redirect("docs", 301); Response::redirect("docs", 301);
}); });
/* /*
* Open routes * Open
*/ */
// Login // Login
SimpleRouter::post("/login", [Api\Login\Login::class, "post"]); SimpleRouter::post("/login", [Api\Login\Login::class, "post"]);
// Register and confirm // Register and confirm
SimpleRouter::post("/register", [Api\Register\Register::class, "post"]); SimpleRouter::post("/register", [Api\Register\Register::class, "post"]);
SimpleRouter::patch("/register", [Api\Register\Register::class, "patch"]); SimpleRouter::patch("/register", [Api\Register\Register::class, "patch"]);
/* /*
* Optional Auth * Optional Auth
*/ */
SimpleRouter::group(["middleware" => Khofmann\Auth\OptAuth::class], function () { SimpleRouter::group(["middleware" => Khofmann\Auth\OptAuth::class], function () {
// List posts with user data // List posts
SimpleRouter::get("/posts", [Api\Posts\Posts::class, "get"]); SimpleRouter::get("/posts", [Api\Posts\Posts::class, "get"]);
}); });
/* /*
* Normal Auth routes * Normal Auth
*/ */
SimpleRouter::group(["middleware" => Khofmann\Auth\Auth::class], function () { SimpleRouter::group(["middleware" => Khofmann\Auth\Auth::class], function () {
// Logout // Logout
SimpleRouter::post("/logout", [Api\Logout\Logout::class, "post"]); SimpleRouter::post("/logout", [Api\Logout\Logout::class, "post"]);
@ -38,15 +44,23 @@ SimpleRouter::group(["middleware" => Khofmann\Auth\Auth::class], function () {
SimpleRouter::get("/user/{id}", [Api\User\User::class, "get"]); SimpleRouter::get("/user/{id}", [Api\User\User::class, "get"]);
// Update self // Update self
SimpleRouter::patch("/user/self", [Api\User\User::class, "patchSelf"]); SimpleRouter::patch("/user/self", [Api\User\User::class, "patchSelf"]);
// Update post
SimpleRouter::patch("/post/{id}", [Api\Post\Post::class, "patch"]);
// Create post
SimpleRouter::post("/posts", [Api\Post\Post::class, "post"]);
}); });
/* /*
* Admin Auth routes * Admin Auth
*/ */
SimpleRouter::group(["middleware" => Khofmann\Auth\AdminAuth::class], function () { SimpleRouter::group(["middleware" => Khofmann\Auth\AdminAuth::class], function () {
// List users // List users
SimpleRouter::get("/users", [Api\Users\Users::class, "get"]); SimpleRouter::get("/users", [Api\Users\Users::class, "get"]);
// Update any user // Update user
SimpleRouter::patch("/user/{id}", [Api\User\User::class, "patch"]); SimpleRouter::patch("/user/{id}", [Api\User\User::class, "patch"]);
// Delete any user // Delete user
SimpleRouter::delete("/user/{id}", [Api\User\User::class, "delete"]); SimpleRouter::delete("/user/{id}", [Api\User\User::class, "delete"]);
// Delete post
SimpleRouter::delete("/post/{id}", [Api\Post\Post::class, "delete"]);
}); });