186 lines
5.6 KiB
PHP
186 lines
5.6 KiB
PHP
<?php
|
|
/**
|
|
* FuzeWorks.
|
|
*
|
|
* The FuzeWorks MVC PHP FrameWork
|
|
*
|
|
* Copyright (C) 2015 TechFuze
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*
|
|
* @author TechFuze
|
|
* @copyright Copyright (c) 2013 - 2016, Techfuze. (http://techfuze.net)
|
|
* @copyright Copyright (c) 1996 - 2015, Free Software Foundation, Inc. (http://www.fsf.org/)
|
|
* @license http://opensource.org/licenses/GPL-3.0 GPLv3 License
|
|
*
|
|
* @link http://fuzeworks.techfuze.net
|
|
* @since Version 0.0.1
|
|
*
|
|
* @version Version 0.0.1
|
|
*/
|
|
|
|
namespace Module\Api;
|
|
|
|
use FuzeWorks\Layout;
|
|
|
|
/**
|
|
* RestAPI class for creating API's out of modules or contrllers.
|
|
*
|
|
* Extend a Controller with this class, and be sure to return the data from methods of your controller.
|
|
* This data will be parsed by this class and returned as valid JSON data.
|
|
* The necessity of API keys can be configured in the controller by settings $this->requireApiKey = false;
|
|
*
|
|
* @author Abel Hoogeveen <abel@techfuze.net>
|
|
* @copyright Copyright (c) 2013 - 2016, Techfuze. (http://techfuze.net)
|
|
*/
|
|
abstract class RestAPI
|
|
{
|
|
/**
|
|
* Property: method
|
|
* The HTTP method this request was made in, either GET, POST, PUT or DELETE.
|
|
*/
|
|
protected $method = '';
|
|
/**
|
|
* Property: endpoint
|
|
* The Model requested in the URI. eg: /files.
|
|
*/
|
|
protected $endpoint = '';
|
|
/**
|
|
* Property: verb
|
|
* An optional additional descriptor about the endpoint, used for things that can
|
|
* not be handled by the basic methods. eg: /files/process.
|
|
*/
|
|
protected $verb = '';
|
|
/**
|
|
* Property: args
|
|
* Any additional URI components after the endpoint and verb have been removed, in our
|
|
* case, an integer ID for the resource. eg: /<endpoint>/<verb>/<arg0>/<arg1>
|
|
* or /<endpoint>/<arg0>.
|
|
*/
|
|
protected $args = array();
|
|
/**
|
|
* Property: file
|
|
* Stores the input of the PUT request.
|
|
*/
|
|
protected $file = null;
|
|
|
|
/**
|
|
* Whether API authentication is needed before interacting with the API.
|
|
*/
|
|
protected $requireApiKey = true;
|
|
|
|
/**
|
|
* Constructor: __construct
|
|
* Allow for CORS, assemble and pre-process the data.
|
|
*/
|
|
public function __construct($request)
|
|
{
|
|
header('Access-Control-Allow-Orgin: *');
|
|
header('Access-Control-Allow-Methods: *');
|
|
header('Content-Type: application/json');
|
|
|
|
// Return layout data as string
|
|
Layout::setEngine('JSON');
|
|
Layout::returnAsString(false);
|
|
|
|
$this->args = explode('/', rtrim($request, '/'));
|
|
$this->endpoint = array_shift($this->args);
|
|
if (array_key_exists(0, $this->args) && !is_numeric($this->args[0])) {
|
|
$this->verb = array_shift($this->args);
|
|
}
|
|
|
|
$this->method = $_SERVER['REQUEST_METHOD'];
|
|
if ($this->method == 'POST' && array_key_exists('HTTP_X_HTTP_METHOD', $_SERVER)) {
|
|
if ($_SERVER['HTTP_X_HTTP_METHOD'] == 'DELETE') {
|
|
$this->method = 'DELETE';
|
|
} elseif ($_SERVER['HTTP_X_HTTP_METHOD'] == 'PUT') {
|
|
$this->method = 'PUT';
|
|
} else {
|
|
throw new Exception('Unexpected Header');
|
|
}
|
|
}
|
|
|
|
switch ($this->method) {
|
|
case 'DELETE':
|
|
case 'POST':
|
|
$this->request = $this->_cleanInputs($_POST);
|
|
break;
|
|
case 'GET':
|
|
$this->request = $this->_cleanInputs($_GET);
|
|
break;
|
|
case 'PUT':
|
|
$this->request = $this->_cleanInputs($_GET);
|
|
$this->file = file_get_contents('php://input');
|
|
break;
|
|
default:
|
|
$this->_response('Invalid Method', 405);
|
|
break;
|
|
}
|
|
|
|
// And afterwards process the data
|
|
echo $this->processAPI();
|
|
|
|
// Halter for when the RestApi is used by a controller
|
|
$this->halt = true;
|
|
Layout::reset();
|
|
}
|
|
|
|
/**
|
|
* Process an API request when retrieving.
|
|
*
|
|
* @return string JSON encoded response
|
|
*/
|
|
public function processAPI()
|
|
{
|
|
if (method_exists($this, $this->endpoint)) {
|
|
return $this->_response($this->{$this->endpoint}($this->args));
|
|
}
|
|
|
|
return $this->_response("No Endpoint: $this->endpoint", 404);
|
|
}
|
|
|
|
private function _response($data, $status = 200)
|
|
{
|
|
header('HTTP/1.1 '.$status.' '.$this->_requestStatus($status));
|
|
|
|
return json_encode($data);
|
|
}
|
|
|
|
private function _cleanInputs($data)
|
|
{
|
|
$clean_input = array();
|
|
if (is_array($data)) {
|
|
foreach ($data as $k => $v) {
|
|
$clean_input[$k] = $this->_cleanInputs($v);
|
|
}
|
|
} else {
|
|
$clean_input = trim(strip_tags($data));
|
|
}
|
|
|
|
return $clean_input;
|
|
}
|
|
|
|
private function _requestStatus($code)
|
|
{
|
|
$status = array(
|
|
200 => 'OK',
|
|
404 => 'Not Found',
|
|
405 => 'Method Not Allowed',
|
|
500 => 'Internal Server Error',
|
|
);
|
|
|
|
return ($status[$code]) ? $status[$code] : $status[500];
|
|
}
|
|
}
|