Kilian/PHP-Course
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Better Errors

Browse Source
This commit is contained in:
Kilian Hofmann 2024-07-23 01:12:05 +02:00
parent 30849019af
commit 85d20e034a
18 changed files with 567 additions and 390 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
exam/api/Login/Login.php
View File

@ -4,6 +4,7 @@ namespace Api\Login;
use Exception; use Exception;
use Khofmann\Api\Api; use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Input\Input; use Khofmann\Input\Input;
use Khofmann\Response\Response; use Khofmann\Response\Response;
use Khofmann\Models\User\User; use Khofmann\Models\User\User;
@ -12,21 +13,27 @@ class Login extends Api
{ {
public function post(): void public function post(): void
{ {
// Fetch all required inputs.
// Throw 400 error if a required one is missing.
$missing = [];
$email = Input::post("email"); $email = Input::post("email");
if (empty($email)) throw new Exception("Missing email", 400);
$password = Input::post("password"); $password = Input::post("password");
if (empty($password)) throw new Exception("Missing password", 400); if (empty($email)) array_push($missing, "email");
if (empty($password)) array_push($missing, "password");
if (count($missing) > 0) throw ApiError::missingField($missing);
// Try and log in user.
// Throw errors according to situation.
try { try {
Response::json(User::logIn($email, $password)); Response::json(User::logIn($email, $password));
} catch (Exception $err) { } catch (Exception $err) {
switch ($err->getMessage()) { switch ($err->getMessage()) {
case "Failed": case "Failed":
throw new Exception("Login failed", 500); throw ApiError::failed("Login failed");
case "NotFound": case "NotFound":
throw new Exception("User not found", 404); throw ApiError::notFound("user");
case "Invalid": case "Invalid":
throw new Exception("Invalid username or password", 401); throw ApiError::unauthorized("Invalid username or password");
default: default:
throw $err; throw $err;
} }

2
exam/api/Logout/Logout.php
View File

@ -11,8 +11,10 @@ class Logout extends Api
{ {
public function post(): void public function post(): void
{ {
// Get user auth token.
$token = Request::token(); $token = Request::token();
// Log out.
Response::json(User::getByToken($token)->logOut()); Response::json(User::getByToken($token)->logOut());
} }
} }

39
exam/api/Post/Post.php
View File

@ -4,6 +4,7 @@ namespace Api\Post;
use Exception; use Exception;
use Khofmann\Api\Api; use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Input\Input; use Khofmann\Input\Input;
use Khofmann\Models\Post\Post as MPost; use Khofmann\Models\Post\Post as MPost;
use Khofmann\Models\User\User; use Khofmann\Models\User\User;
@ -12,40 +13,29 @@ use Khofmann\Response\Response;
class Post extends Api class Post extends Api
{ {
public function post(): void
{
$content = Input::patch("content");
$self = User::getByToken(Request::token());
try {
Response::json(MPost::create($self, $content));
} catch (Exception $err) {
switch ($err->getMessage()) {
default:
throw $err;
}
}
}
public function patch($id): void public function patch($id): void
{ {
// Fetch all inputs.
$content = Input::patch("content"); $content = Input::patch("content");
// Fetch authed user.
$self = User::getByToken(Request::token()); $self = User::getByToken(Request::token());
$post = MPost::getByID($id);
if (!$self->getIsAdmin() && $post->getUser()->getID() !== $self->getID()) throw new Exception("Not Authorized", 401);
try { try {
Response::json(MPost::getByID($id)->update($content)); // Try fetch the post in question, 404 if not found.
$post = MPost::getByID($id);
// Throw 400 if we aren't admin but trying to edit another users post.
if (!$self->getIsAdmin() && $post->getUser()->getID() !== $self->getID()) throw ApiError::unauthorized("Not allowed");
// Try update.
Response::json($post->update($content));
} catch (Exception $err) { } catch (Exception $err) {
switch ($err->getMessage()) { switch ($err->getMessage()) {
case "NotFound": case "NotFound":
throw new Exception("Post not found", 404); throw ApiError::notFound("post");
case "FailedContent":
throw new Exception("Failed to update content", 500);
default: default:
// Due to how the failed field is handled, it's ApiError is inside the models update
throw $err; throw $err;
} }
} }
@ -53,12 +43,13 @@ class Post extends Api
public function delete($id): void public function delete($id): void
{ {
// Try delete, 404 if post was not found.
try { try {
Response::json(MPost::getByID($id)->delete()); Response::json(MPost::getByID($id)->delete());
} catch (Exception $err) { } catch (Exception $err) {
switch ($err->getMessage()) { switch ($err->getMessage()) {
case "NotFound": case "NotFound":
throw new Exception("Post not found", 404); throw ApiError::notFound("post");
default: default:
throw $err; throw $err;
} }

26
exam/api/Posts/Posts.php
View File

@ -2,9 +2,12 @@
namespace Api\Posts; namespace Api\Posts;
use Exception;
use Khofmann\Api\Api; use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Input\Input; use Khofmann\Input\Input;
use Khofmann\Models\Post\Post; use Khofmann\Models\Post\Post;
use Khofmann\Models\User\User;
use Khofmann\Request\Request; use Khofmann\Request\Request;
use Khofmann\Response\Response; use Khofmann\Response\Response;
@ -12,10 +15,33 @@ class Posts extends Api
{ {
public function get() public function get()
{ {
// Fetch and constrain all parameters.
$page = max(0, intval(Input::get("p", 0))); $page = max(0, intval(Input::get("p", 0)));
$limit = constrain(0, 30, intval(Input::get("l", 10))); $limit = constrain(0, 30, intval(Input::get("l", 10)));
$authed = Request::token() !== null; $authed = Request::token() !== null;
// Return list of posts.
Response::json(Post::list($page, $limit, $authed)); Response::json(Post::list($page, $limit, $authed));
} }
public function post(): void
{
// Fetch all required inputs.
// Throw 400 error if a required one is missing.
$content = Input::post("content");
if (empty($content)) throw ApiError::missingField(["content"]);
// Get logged in user
$self = User::getByToken(Request::token());
// Try to create a new post for logged in user.
try {
Response::json(Post::create($self, $content));
} catch (Exception $err) {
switch ($err->getMessage()) {
default:
throw $err;
}
}
}
} }

23
exam/api/Register/Register.php
View File

@ -4,6 +4,7 @@ namespace Api\Register;
use Exception; use Exception;
use Khofmann\Api\Api; use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Input\Input; use Khofmann\Input\Input;
use Khofmann\Response\Response; use Khofmann\Response\Response;
use Khofmann\Models\User\User; use Khofmann\Models\User\User;
@ -12,19 +13,26 @@ class Register extends Api
{ {
public function post(): void public function post(): void
{ {
// Fetch all required inputs.
// Throw 400 error if a required one is missing.
$missing = [];
$username = Input::post("username"); $username = Input::post("username");
if (empty($username)) throw new Exception("Missing username", 400);
$email = Input::post("email"); $email = Input::post("email");
if (empty($email)) throw new Exception("Missing email", 400);
$password = Input::post("password"); $password = Input::post("password");
if (empty($password)) throw new Exception("Missing password", 400); if (empty($username)) array_push($missing, "username");
if (empty($email)) array_push($missing, "email");
if (empty($password)) array_push($missing, "password");
if (count($missing) > 0) throw ApiError::missingField($missing);
// Try and create a new user, 400 if duplicate.
try { try {
Response::json(User::create($username, $email, $password)); Response::json(User::create($username, $email, $password));
} catch (Exception $err) { } catch (Exception $err) {
switch ($err->getMessage()) { switch ($err->getMessage()) {
case "NotFound":
throw ApiError::failed("Failed to create user");
case "Duplicate": case "Duplicate":
throw new Exception("A user with this username or email already exists", 400); throw ApiError::duplicate("user");
default: default:
throw $err; throw $err;
} }
@ -33,15 +41,18 @@ class Register extends Api
public function patch(): void public function patch(): void
{ {
// Fetch all required inputs.
// Throw 400 error if a required one is missing.
$code = Input::post("code"); $code = Input::post("code");
if (empty($code)) throw new Exception("Missing code", 400); if (empty($code)) throw ApiError::missingField(["code"]);
// Try and confirm user, 404 if user not found.
try { try {
Response::json(User::confirm($code)); Response::json(User::confirm($code));
} catch (Exception $err) { } catch (Exception $err) {
switch ($err->getMessage()) { switch ($err->getMessage()) {
case "NotFound": case "NotFound":
throw new Exception("User not found", 404); throw ApiError::notFound("user");
default: default:
throw $err; throw $err;
} }

31
exam/api/User/User.php
View File

@ -7,18 +7,20 @@ use Khofmann\Models\User\User as MUser;
use Khofmann\Input\Input; use Khofmann\Input\Input;
use Khofmann\Response\Response; use Khofmann\Response\Response;
use Khofmann\Api\Api; use Khofmann\Api\Api;
use Khofmann\ApiError\ApiError;
use Khofmann\Request\Request; use Khofmann\Request\Request;
class User extends Api class User extends Api
{ {
public function get($id): void public function get($id): void
{ {
// Try and get a user, 404 if not found.
try { try {
Response::json(MUser::getByID($id)); Response::json(MUser::getByID($id));
} catch (Exception $err) { } catch (Exception $err) {
switch ($err->getMessage()) { switch ($err->getMessage()) {
case "NotFound": case "NotFound":
throw new Exception("User not found", 404); throw ApiError::notFound("user");
default: default:
throw $err; throw $err;
} }
@ -27,23 +29,21 @@ class User extends Api
public function patch($id): void public function patch($id): void
{ {
// Fetch all inputs.
$username = Input::patch("username"); $username = Input::patch("username");
$password = Input::patch("password"); $password = Input::patch("password");
$image = Input::file("image"); $image = Input::file("image");
// Try and update user.
// Throw errors according to situation.
try { try {
Response::json(MUser::getByID($id)->update($username, $password, $image)); Response::json(MUser::getByID($id)->update($username, $password, $image));
} catch (Exception $err) { } catch (Exception $err) {
switch ($err->getMessage()) { switch ($err->getMessage()) {
case "NotFound": case "NotFound":
throw new Exception("User not found", 404); throw ApiError::notFound("user");
case "FailedUsername":
throw new Exception("Failed to update username", 500);
case "FailedPassword":
throw new Exception("Failed to update password", 500);
case "FailedImage":
throw new Exception("Failed to update image", 500);
default: default:
// Due to how the failed field is handled, it's ApiError is inside the models update
throw $err; throw $err;
} }
} }
@ -51,24 +51,22 @@ class User extends Api
public function patchSelf(): void public function patchSelf(): void
{ {
// Fetch all inputs.
$token = Request::token(); $token = Request::token();
$username = Input::patch("username"); $username = Input::patch("username");
$password = Input::patch("password"); $password = Input::patch("password");
$image = Input::file("image"); $image = Input::file("image");
// Try and update user.
// Throw errors according to situation.
try { try {
Response::json(MUser::getByToken($token)->update($username, $password, $image)); Response::json(MUser::getByToken($token)->update($username, $password, $image));
} catch (Exception $err) { } catch (Exception $err) {
switch ($err->getMessage()) { switch ($err->getMessage()) {
case "NotFound": case "NotFound":
throw new Exception("User not found", 404); throw ApiError::notFound("user");
case "FailedUsername":
throw new Exception("Failed to update username", 500);
case "FailedPassword":
throw new Exception("Failed to update password", 500);
case "FailedImage":
throw new Exception("Failed to update image", 500);
default: default:
// Due to how the failed field is handled, it's ApiError is inside the models update
throw $err; throw $err;
} }
} }
@ -76,12 +74,13 @@ class User extends Api
public function delete($id): void public function delete($id): void
{ {
// Try to delete user, 404 if not found.
try { try {
Response::json(MUser::getByID($id)->delete()); Response::json(MUser::getByID($id)->delete());
} catch (Exception $err) { } catch (Exception $err) {
switch ($err->getMessage()) { switch ($err->getMessage()) {
case "NotFound": case "NotFound":
throw new Exception("User not found", 404); throw ApiError::notFound("user");
default: default:
throw $err; throw $err;
} }

3
exam/api/Users/Users.php
View File

@ -11,8 +11,11 @@ class Users extends Api
{ {
public function get() public function get()
{ {
// Fetch and constrain all parameters.
$page = max(0, intval(Input::get("p", 0))); $page = max(0, intval(Input::get("p", 0)));
$limit = constrain(0, 30, intval(Input::get("l", 10))); $limit = constrain(0, 30, intval(Input::get("l", 10)));
// Return list of users.
Response::json(User::list($page, $limit)); Response::json(User::list($page, $limit));
} }
} }

543
exam/api/docs/api.yaml
View File

@ -29,37 +29,42 @@ paths:
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/ErrorResponse" $ref: "#/components/schemas/MissingFieldResponse"
examples: examples:
Missing fields: Missing fields:
value: { "message": "Missing email" } value:
{ "code": "MissingField", "fields": ["email", "password"] }
401: 401:
description: Invalid credentials. description: Invalid credentials.
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/ErrorResponse" $ref: "#/components/schemas/UnauthorizedResponse"
examples: examples:
Invalid username or password: Invalid username or password:
value: { "message": "Invalid username or password" } value:
{
"code": "Unauthorized",
"message": "Invalid username or password",
}
404: 404:
description: User not found. description: User not found.
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/ErrorResponse" $ref: "#/components/schemas/NotFoundResponse"
examples: examples:
User not found: User not found:
value: { "message": "User not found" } value: { "code": "NotFound", "entity": "user" }
500: 500:
description: Failed. description: Failed.
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/ErrorResponse" $ref: "#/components/schemas/FailedResponse"
examples: examples:
Failed: Failed:
value: { "message": "Login failed" } value: { "code": "Failed", "message": "Login failed" }
tags: tags:
- Login/Logout - Login/Logout
/logout: /logout:
@ -80,221 +85,6 @@ paths:
value: true value: true
tags: tags:
- Login/Logout - Login/Logout
/register:
post:
summary: Register
description: Register a new user
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/RegisterRequest"
responses:
200:
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
400:
description: Missing fields or duplicate
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
Missing fields:
value: { "message": "Missing email" }
Duplicate:
value:
{
"message": "A user with this username or email already exists",
}
tags:
- Register
patch:
summary: Confirm register
description: Confirm a registration
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/ConfirmRequest"
responses:
200:
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/BooleanResponse"
examples:
Success:
value: true
400:
description: Missing fields
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
Missing fields:
value: { "message": "Missing code" }
404:
description: User not found
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
User not found:
value: { "message": "User not found" }
tags:
- Register
/users:
get:
summary: List users
description: List all users.
security:
- BasicAuth: []
parameters:
- in: query
name: p
schema:
type: integer
minimum: 0
default: 0
description: Current page.
- in: query
name: l
schema:
type: integer
minimum: 0
maximum: 30
default: 10
description: The number of items to return.
responses:
200:
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/UserListResponse"
tags:
- User
/user/{id}:
get:
summary: Get user
description: Get user by ID.
security:
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
User not found:
value: { "message": "User not found" }
tags:
- User
patch:
summary: Update user
description:
Update user with ID. Fields are updated in order username, password, image. If one fails, subsequent are not updated. <br>
Use special ID <code>self</code> to update logged in user. <br>
Requires logged in user to have admin permissions for any ID other than <code>self</code>.
security:
- BasicAuth: []
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UserUpdateRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
User not found:
value: { "message": "User not found" }
500:
description: Update failed.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
Failed username:
value: { "message": "Failed to update username" }
tags:
- User
delete:
summary: Delete user
description: Delete user with ID.
security:
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/ErrorResponse"
examples:
User not found:
value: { "message": "User not found" }
tags:
- User
/posts: /posts:
get: get:
summary: List posts summary: List posts
@ -404,16 +194,16 @@ paths:
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/ErrorResponse" $ref: "#/components/schemas/MissingFieldResponse"
examples: examples:
Missing fields: Missing fields:
value: { "message": "Missing content" } value: { "code": "MissingField", "fields": ["content"] }
tags: tags:
- Post - Post
/post/{id}: /post/{id}:
patch: patch:
summary: Update post summary: Update post
description: Update post with ID. <br> description: Update post with ID. <br>
Requires logged in user to have admin permissions for posts not made by them. Requires logged in user to have admin permissions for posts not made by them.
security: security:
- BasicAuth: [] - BasicAuth: []
@ -438,24 +228,33 @@ paths:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/PostResponse" $ref: "#/components/schemas/PostResponse"
401:
description: Not allowed.
content:
application/json:
schema:
$ref: "#/components/schemas/UnauthorizedResponse"
examples:
Not allowed:
value: { "code": "Unauthorized", "message": "Not allowed" }
404: 404:
description: Post not found. description: Post not found.
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/ErrorResponse" $ref: "#/components/schemas/NotFoundResponse"
examples: examples:
User not found: Post not found:
value: { "message": "Post not found" } value: { "code": "NotFound", "entity": "post" }
500: 500:
description: Update failed. description: Update failed.
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/ErrorResponse" $ref: "#/components/schemas/FailedUpdateResponse"
examples: examples:
Failed: Failed:
value: { "message": "Failed to update post" } value: { "code": "FailedUpdate", "fields": ["content"] }
tags: tags:
- Post - Post
delete: delete:
@ -483,12 +282,242 @@ paths:
content: content:
application/json: application/json:
schema: schema:
$ref: "#/components/schemas/ErrorResponse" $ref: "#/components/schemas/NotFoundResponse"
examples: examples:
Post not found: Post not found:
value: { "message": "Post not found" } value: { "code": "NotFound", "entity": "post" }
tags: tags:
- Post - Post
/register:
post:
summary: Register
description: Register a new user.
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/RegisterRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
400:
description: Missing fields or duplicate.
content:
application/json:
schema:
oneOf:
- $ref: "#/components/schemas/MissingFieldResponse"
- $ref: "#/components/schemas/DuplicateResponse"
examples:
Missing fields:
value:
{
"code": "MissingField",
"fields": ["username", "email", "password"],
}
Duplicate:
value: { "code": "Duplicate", "entity": "user" }
404:
description: Failed to create
content:
application/json:
schema:
$ref: "#/components/schemas/FailedResponse"
examples:
Failed to create:
value:
{ "code": "Failed", "message": "Failed to create user" }
tags:
- Register
patch:
summary: Confirm register
description: Confirm a registration.
requestBody:
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/ConfirmRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
400:
description: Missing fields.
content:
application/json:
schema:
$ref: "#/components/schemas/MissingFieldResponse"
examples:
Missing fields:
value: { "code": "MissingField", "fields": ["code"] }
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "code": "NotFound", "entity": "user" }
tags:
- Register
/users:
get:
summary: List users
description: List all users.
security:
- BasicAuth: []
parameters:
- in: query
name: p
schema:
type: integer
minimum: 0
default: 0
description: Current page.
- in: query
name: l
schema:
type: integer
minimum: 0
maximum: 30
default: 10
description: The number of items to return.
responses:
200:
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/UserListResponse"
tags:
- User
/user/{id}:
get:
summary: Get user
description: Get user by ID.
security:
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "code": "NotFound", "entity": "user" }
tags:
- User
patch:
summary: Update user
description: Update user with ID. <br>
Use special ID <code>self</code> to update logged in user. <br>
Requires logged in user to have admin permissions for any ID other than <code>self</code>.
security:
- BasicAuth: []
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/UserUpdateRequest"
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "code": "NotFound", "entity": "username" }
500:
description: Update failed.
content:
application/json:
schema:
$ref: "#/components/schemas/FailedUpdateResponse"
examples:
Failed username:
value:
{
"code": "FailedUpdate",
"fields": ["username", "email", "password"],
}
tags:
- User
delete:
summary: Delete user
description: Delete user with ID.
security:
- BasicAuth: [isAdmin]
parameters:
- name: id
in: path
description: User ID
required: true
schema:
type: integer
format: int14
responses:
200:
description: Success.
content:
application/json:
schema:
$ref: "#/components/schemas/UserResponse"
404:
description: User not found.
content:
application/json:
schema:
$ref: "#/components/schemas/NotFoundResponse"
examples:
User not found:
value: { "code": "NotFound", "entity": "user" }
tags:
- User
externalDocs: externalDocs:
url: https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/docs/ url: https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/docs/
security: [] security: []
@ -498,6 +527,52 @@ components:
schemas: schemas:
BooleanResponse: BooleanResponse:
type: boolean type: boolean
MissingFieldResponse:
type: object
properties:
code:
type: MissingField
fields:
type: array
items:
type: string
NotFoundResponse:
type: object
properties:
code:
type: NotFound
entity:
type: string
UnauthorizedResponse:
type: object
properties:
code:
type: Unauthorized
message:
type: string
FailedResponse:
type: object
properties:
code:
type: Failed
message:
type: string
DuplicateResponse:
type: object
properties:
code:
type: Duplicate
entity:
type: string
FailedUpdateResponse:
type: object
properties:
code:
type: FailedUpdate
fields:
type: array
items:
type: string
ErrorResponse: ErrorResponse:
type: object type: object
properties: properties:
@ -635,6 +710,6 @@ components:
in: header in: header
tags: tags:
- name: Login/Logout - name: Login/Logout
- name: Post
- name: Register - name: Register
- name: User - name: User
- name: Post

116
exam/api/docs/index.html
View File

File diff suppressed because one or more lines are too long

61
exam/classes/ApiError/ApiError.php Normal file
View File

@ -0,0 +1,61 @@
<?php
namespace Khofmann\ApiError;
use Exception;
class ApiError extends Exception
{
private function __construct($message = "", $code = 0)
{
parent::__construct($message, $code);
}
public static function missingField(array $fields): ApiError
{
return new ApiError(json_encode([
"code" => "MissingField",
"fields" => $fields,
]), 400);
}
public static function duplicate(string $entity): ApiError
{
return new ApiError(json_encode([
"code" => "Duplicate",
"entity" => $entity,
]), 400);
}
public static function unauthorized(string $message)
{
return new ApiError(json_encode([
"code" => "Unauthorized",
"message" => $message,
]), 401);
}
public static function notFound(string $entity)
{
return new ApiError(json_encode([
"code" => "NotFound",
"entity" => $entity,
]), 404);
}
public static function failed(string $message)
{
return new ApiError(json_encode([
"code" => "Failed",
"message" => $message,
]), 500);
}
public static function failedUpdate(array $fields)
{
return new ApiError(json_encode([
"code" => "FailedUpdate",
"fields" => $fields,
]), 500);
}
}

6
exam/classes/Auth/AdminAuth.php
View File

@ -16,17 +16,17 @@ class AdminAuth implements IMiddleware
// No token // No token
if ($token === null) { if ($token === null) {
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]); Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
try { try {
$user = User::getByToken($token); $user = User::getByToken($token);
if (!$user->getIsAdmin()) { if (!$user->getIsAdmin()) {
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]); Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
} catch (Exception $err) { } catch (Exception $err) {
// No user with this token exists // No user with this token exists
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]); Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
} }
} }

4
exam/classes/Auth/Auth.php
View File

@ -16,14 +16,14 @@ class Auth implements IMiddleware
// No token // No token
if ($token === null) { if ($token === null) {
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]); Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
try { try {
User::getByToken($token); User::getByToken($token);
} catch (Exception $err) { } catch (Exception $err) {
// No user with this token exists // No user with this token exists
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]); Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
} }
} }

2
exam/classes/Auth/OptAuth.php
View File

@ -23,7 +23,7 @@ class OptAuth implements IMiddleware
User::getByToken($token); User::getByToken($token);
} catch (Exception $err) { } catch (Exception $err) {
// No user with this token exists // No user with this token exists
Response::response()->httpCode(401)->json(["message" => "Not Authorized"]); Response::response()->httpCode(401)->json(["code" => "Unauthorized", "message" => "Not Authorized"]);
} }
} }
} }

9
exam/classes/Models/Post/Post.php
View File

@ -7,6 +7,7 @@ use DateTime;
use Exception; use Exception;
use Khofmann\Models\User\User; use Khofmann\Models\User\User;
use JsonSerializable; use JsonSerializable;
use Khofmann\ApiError\ApiError;
use Khofmann\Database\Database; use Khofmann\Database\Database;
use PDO; use PDO;
@ -113,14 +114,16 @@ class Post implements JsonSerializable
{ {
$db = Database::getInstance(); $db = Database::getInstance();
$error = false;
if (!empty($content)) { if (!empty($content)) {
$stmt = $db->prepare("UPDATE egb_gaestebuch SET beitrag = :CON WHERE id = :ID"); $stmt = $db->prepare("UPDATE egb_gaestebuch SET beitrag = :CON WHERE id = :ID");
$stmt->bindValue(":CON", $content); $stmt->bindValue(":CON", $content);
$stmt->bindValue(":ID", $this->id); $stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute(); try {
if (!$stmt->execute()) throw ApiError::failedUpdate(["content"]);
} catch (Exception $e) {
throw ApiError::failedUpdate(["content"]);
}
} }
if ($error) throw new Exception("FailedContent");
return Post::getByID($this->id); return Post::getByID($this->id);
} }

33
exam/classes/Models/User/User.php
View File

@ -8,6 +8,7 @@ use DateTime;
use Khofmann\Database\Database; use Khofmann\Database\Database;
use Config\Config; use Config\Config;
use JsonSerializable; use JsonSerializable;
use Khofmann\ApiError\ApiError;
use Khofmann\GUID\GUID; use Khofmann\GUID\GUID;
use PDOException; use PDOException;
@ -192,11 +193,11 @@ class User implements JsonSerializable
$stmt->bindValue(":EMA", $email); $stmt->bindValue(":EMA", $email);
$stmt->bindValue(":COD", $guid); $stmt->bindValue(":COD", $guid);
$user = User::getByID($db->lastInsertId());
try { try {
$stmt->execute(); $stmt->execute();
$user = User::getByID($db->lastInsertId());
mail( mail(
$email, $email,
"Account activation GuestBookDB", "Account activation GuestBookDB",
@ -211,7 +212,7 @@ class User implements JsonSerializable
} }
} }
public static function confirm(string $confirmCode): bool public static function confirm(string $confirmCode): User
{ {
$db = Database::getInstance(); $db = Database::getInstance();
$user = User::getByConfirmCode($confirmCode); $user = User::getByConfirmCode($confirmCode);
@ -225,7 +226,7 @@ class User implements JsonSerializable
WHERE id = :UID" WHERE id = :UID"
); );
$stmt->bindValue(":UID", $user->getID()); $stmt->bindValue(":UID", $user->getID());
return $stmt->execute(); return User::getByID($user->getID());
} }
public static function list(int $page, int $limit) public static function list(int $page, int $limit)
@ -273,22 +274,28 @@ class User implements JsonSerializable
{ {
$db = Database::getInstance(); $db = Database::getInstance();
$error = false; $failed = [];
if (!empty($username)) { if (!empty($username)) {
$stmt = $db->prepare("UPDATE egb_benutzer SET benutzer = :USR WHERE id = :ID"); $stmt = $db->prepare("UPDATE egb_benutzer SET benutzer = :USR WHERE id = :ID");
$stmt->bindValue(":USR", $username); $stmt->bindValue(":USR", $username);
$stmt->bindValue(":ID", $this->id); $stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute(); try {
if (!$stmt->execute()) array_push($failed, "username");
} catch (Exception $e) {
array_push($failed, "username");
}
} }
if ($error) throw new Exception("FailedUsername");
if (!empty($password)) { if (!empty($password)) {
$stmt = $db->prepare("UPDATE egb_benutzer SET passwort = :PAS WHERE id = :ID"); $stmt = $db->prepare("UPDATE egb_benutzer SET passwort = :PAS WHERE id = :ID");
$stmt->bindValue(":PAS", password_hash($password, PASSWORD_DEFAULT)); $stmt->bindValue(":PAS", password_hash($password, PASSWORD_DEFAULT));
$stmt->bindValue(":ID", $this->id); $stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute(); try {
if (!$stmt->execute()) array_push($failed, "password");
} catch (Exception $e) {
array_push($failed, "password");
}
} }
if ($error) throw new Exception("FailedPassword");
if (!empty($image)) { if (!empty($image)) {
$destinationFilename = sprintf('%s.%s', uniqid(), $image->getExtension()); $destinationFilename = sprintf('%s.%s', uniqid(), $image->getExtension());
@ -297,9 +304,13 @@ class User implements JsonSerializable
$stmt = $db->prepare("UPDATE egb_benutzer SET image = :IMG WHERE id = :ID"); $stmt = $db->prepare("UPDATE egb_benutzer SET image = :IMG WHERE id = :ID");
$stmt->bindValue(":IMG", $destinationFilename); $stmt->bindValue(":IMG", $destinationFilename);
$stmt->bindValue(":ID", $this->id); $stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute(); try {
if (!$stmt->execute()) array_push($failed, "image");
} catch (Exception $e) {
array_push($failed, "image");
}
} }
if ($error) throw new Exception("FailedImage"); if (count($failed) > 0) throw ApiError::failedUpdate($failed);
return User::getByID($this->id); return User::getByID($this->id);
} }

7
exam/classes/Response/Response.php
View File

@ -22,6 +22,13 @@ class Response
SimpleRouter::response()->json($value, $options, $dept); SimpleRouter::response()->json($value, $options, $dept);
} }
public static function apiError(string $value, int $code): void
{
Response::response()->header('Content-Type: application/json; charset=utf-8')->httpCode($code);
echo $value;
exit(0);
}
public static function redirect(string $url, ?int $code = null): void public static function redirect(string $url, ?int $code = null): void
{ {
if ($code !== null) { if ($code !== null) {

7
exam/routes/routes.php
View File

@ -1,6 +1,8 @@
<?php <?php
// Namespaces // Namespaces
use Khofmann\ApiError\ApiError;
use Pecee\SimpleRouter\SimpleRouter; use Pecee\SimpleRouter\SimpleRouter;
use Pecee\Http\Request; use Pecee\Http\Request;
use Khofmann\Response\Response; use Khofmann\Response\Response;
@ -8,7 +10,8 @@ use Khofmann\Response\Response;
// Error handling // Error handling
SimpleRouter::error(function (Request $request, Exception $exception) { SimpleRouter::error(function (Request $request, Exception $exception) {
$code = $exception->getCode(); $code = $exception->getCode();
Response::response()->httpCode(is_int($code) ? $code : 500)->json(["message" => $exception->getMessage()]); if ($exception instanceof ApiError) Response::apiError($exception->getMessage(), $code);
else Response::response()->httpCode(is_int($code) ? $code : 500)->json(["message" => $exception->getMessage()]);
}); });
// CORS // CORS
@ -55,7 +58,7 @@ SimpleRouter::group(["middleware" => Khofmann\Auth\Auth::class], function () {
// Update post // Update post
SimpleRouter::patch("/post/{id}", [Api\Post\Post::class, "patch"]); SimpleRouter::patch("/post/{id}", [Api\Post\Post::class, "patch"]);
// Create post // Create post
SimpleRouter::post("/posts", [Api\Post\Post::class, "post"]); SimpleRouter::post("/posts", [Api\Posts\Posts::class, "post"]);
}); });
/* /*

28
exam/utils/helpers.php
View File

@ -1,32 +1,6 @@
<?php <?php
use Pecee\SimpleRouter\SimpleRouter as Router;
use Pecee\Http\Url;
/**
* Get url for a route by using either name/alias, class or method name.
*
* The name parameter supports the following values:
* - Route name
* - Controller/resource name (with or without method)
* - Controller class name
*
* When searching for controller/resource by name, you can use this syntax "route.name@method".
* You can also use the same syntax when searching for a specific controller-class "MyController@home".
* If no arguments is specified, it will return the url for the current loaded route.
*
* @param string|null $name
* @param string|array|null $parameters
* @param array|null $getParams
* @return \Pecee\Http\Url
* @throws \InvalidArgumentException
*/
function url(?string $name = null, $parameters = null, ?array $getParams = null): Url
{
return Router::getUrl($name, $parameters, $getParams);
}
function constrain(int $min, int $max, $n): int function constrain(int $min, int $max, $n): int
{ {
return max(min($max, $n), $min); return max(min($max, $n), $min);
} }