AlternC/api/panel/index.php

<?php

/**
 * multiple call-mode API for Alternc
 * you can call this HTTP(s) API as follow: 
 * from the base url https://panel.example.fr/api/
 * 1. /api/post use GETted data (?token=xx&object=xx&action=yy&option1=value1&option2=value2
 * 2. /api/post use POSTED data using the same keys 
 * 3. use a sub-url (rest-style) of the form /api/rest/object/action?token=xx&option1=value1&option2=value2
 * 4. the same (REST) but options and value are POSTED
 * 
 * the json-object contains:
 *  ->object = the Alternc_Api_Object_<classname> to call
 *  ->action = the method to call in this class
 *  ->options = an object passed as it is while calling the method.
 *
 * Authentication is done by asking for /api/auth/<method>?option1=value1&option2=value2
 * or POSTED data
 * a token is returned for this session
 *
 */


// bootstrap AlternC
require_once("bootstrap.php");

// Which api method is used ?
define("API_CALL_GET",       1 );
define("API_CALL_POST",      2 );
define("API_CALL_POST_REST", 3 );
define("API_CALL_GET_REST",  4 );

// TODO : __autoload of classes ? 

function apicall($data,$token,$mode) {
  global $dbh;
  $options["databaseAdapter"]=$dbh;
  $options["loginAdapterList"]=array("sharedsecret","login");
  // TODO (no loggerAdapter PSR3-Interface-compliant class as of now)
  try {

    $service=new Alternc_Api_Service($options);

    $response = $service->call(
			       new Alternc_Api_Request($data)
			       );

    header("Content-Type: application/json");
    echo $response->toJson();
    exit();

  } catch (Exception $e) {
    // something went wrong, we spit out the exception as an Api_Response
    // TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
    header("Content-Type: application/json");
    $response=new Alternc_Api_Response(array("code" => $e->code, "message" => $e->message));
    echo $response->toJson();
    exit();
  }
}

function apiauth($data,$mode) {
  global $dbh;
  $options["databaseAdapter"]=$dbh;
  // TODO (no loggerAdapter PSR3-Interface-compliant class as of now)
  try {

    $service=new Alternc_Api_Service($options);

    $response = $service->auth($data);

    header("Content-Type: application/json");
    echo $response->toJson();
    exit();

  } catch (Exception $e) {
    // something went wrong, we spit out the exception as an Api_Response
    // TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
    header("Content-Type: application/json");
    $response=new Alternc_Api_Response(array("code" => $e->code, "message" => $e->message));
    echo $response->toJson();
    exit();
  }
}


// Authentication 
if (preg_match("#^/api/auth/([^/]*)/?#$",$_SERVER["REQUEST_URI"],$mat)) {
  if ($_SERVER["REQUEST_METHOD"]=="POST") {
    $data=array("options" => $_POST,
		"method" => $mat[1]);
    apiauth($data,API_CALL_GET);
    exit(); 
  } else {
    $data=array("options" => $_GET, 
		"method" => $mat[1]);
    apiauth($data,API_CALL_POST);
    exit(); 
  }  
}

// We support 4 api calls methods:
if ($_SERVER["REQUEST_URI"]=="/api/post") {
  // simple ?q or POST of json data
  if ($_SERVER["REQUEST_METHOD"]=="POST") {
    $data=array("options" => $_POST,
		"object" => $_POST["object"],
		"action" => $_POST["action"],
		);
    $token=$_POST["token"];
    apicall($data,$token,API_CALL_POST);
    exit();
  } else {
    $data=array("options" => $_GET,
		"object" => $_GET["object"],
		"action" => $_GET["action"],
		);
    $token=$_GET["token"];
    apicall($data,$token,API_CALL_GET);
    exit();
  }
}

if (preg_match("#^/api/rest/([^/]*)/([^/]*)/?#$",$_SERVER["REQUEST_URI"],$mat)) {
  if ($_SERVER["REQUEST_METHOD"]=="POST") {
    $data=array("options" => $_POST, 
		"object" => $mat[1],
		"action" => $mat[2]
		);
    $token=$_POST["token"];
    apicall($data,$token,API_CALL_POST_REST);
    exit(); 
  } else {
    $data=array("options" => $_GET, 
		"object" => $mat[1],
		"action" => $mat[2]
		);
    $token=$_GET["token"];
    apicall($data,$token,API_CALL_GET_REST);
    exit(); 
  }
}
adding the real api (quick bootstrap + serving apicalls at /api/. need to do AUTH now, and makefile/debian package 2014-09-20 15:29:40 +00:00			`<?php`

			`/**`
			`* multiple call-mode API for Alternc`
			`* you can call this HTTP(s) API as follow:`
			`* from the base url https://panel.example.fr/api/`
			`* 1. /api/post use GETted data (?token=xx&object=xx&action=yy&option1=value1&option2=value2`
			`* 2. /api/post use POSTED data using the same keys`
			`* 3. use a sub-url (rest-style) of the form /api/rest/object/action?token=xx&option1=value1&option2=value2`
			`* 4. the same (REST) but options and value are POSTED`
			`*`
			`* the json-object contains:`
			`* ->object = the Alternc_Api_Object_<classname> to call`
			`* ->action = the method to call in this class`
			`* ->options = an object passed as it is while calling the method.`
adding AUTH to the API 2014-09-20 16:01:22 +00:00			`*`
			`* Authentication is done by asking for /api/auth/<method>?option1=value1&option2=value2`
			`* or POSTED data`
			`* a token is returned for this session`
			`*`
adding the real api (quick bootstrap + serving apicalls at /api/. need to do AUTH now, and makefile/debian package 2014-09-20 15:29:40 +00:00			`*/`


			`// bootstrap AlternC`
			`require_once("bootstrap.php");`

			`// Which api method is used ?`
			`define("API_CALL_GET", 1 );`
			`define("API_CALL_POST", 2 );`
			`define("API_CALL_POST_REST", 3 );`
			`define("API_CALL_GET_REST", 4 );`

			`// TODO : __autoload of classes ?`

			`function apicall($data,$token,$mode) {`
			`global $dbh;`
			`$options["databaseAdapter"]=$dbh;`
			`$options["loginAdapterList"]=array("sharedsecret","login");`
			`// TODO (no loggerAdapter PSR3-Interface-compliant class as of now)`
			`try {`

			`$service=new Alternc_Api_Service($options);`

			`$response = $service->call(`
			`new Alternc_Api_Request($data)`
			`);`

			`header("Content-Type: application/json");`
			`echo $response->toJson();`
			`exit();`

			`} catch (Exception $e) {`
			`// something went wrong, we spit out the exception as an Api_Response`
			`// TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !`
			`header("Content-Type: application/json");`
			`$response=new Alternc_Api_Response(array("code" => $e->code, "message" => $e->message));`
			`echo $response->toJson();`
			`exit();`
			`}`
			`}`

adding AUTH to the API 2014-09-20 16:01:22 +00:00			`function apiauth($data,$mode) {`
			`global $dbh;`
			`$options["databaseAdapter"]=$dbh;`
			`// TODO (no loggerAdapter PSR3-Interface-compliant class as of now)`
			`try {`

			`$service=new Alternc_Api_Service($options);`
adding the real api (quick bootstrap + serving apicalls at /api/. need to do AUTH now, and makefile/debian package 2014-09-20 15:29:40 +00:00
adding AUTH to the API 2014-09-20 16:01:22 +00:00			`$response = $service->auth($data);`

			`header("Content-Type: application/json");`
			`echo $response->toJson();`
			`exit();`

			`} catch (Exception $e) {`
			`// something went wrong, we spit out the exception as an Api_Response`
			`// TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !`
			`header("Content-Type: application/json");`
			`$response=new Alternc_Api_Response(array("code" => $e->code, "message" => $e->message));`
			`echo $response->toJson();`
			`exit();`
			`}`
			`}`


			`// Authentication`
			`if (preg_match("#^/api/auth/([^/]*)/?#$",$_SERVER["REQUEST_URI"],$mat)) {`
			`if ($_SERVER["REQUEST_METHOD"]=="POST") {`
			`$data=array("options" => $_POST,`
			`"method" => $mat[1]);`
			`apiauth($data,API_CALL_GET);`
			`exit();`
			`} else {`
			`$data=array("options" => $_GET,`
			`"method" => $mat[1]);`
			`apiauth($data,API_CALL_POST);`
			`exit();`
			`}`
			`}`
adding the real api (quick bootstrap + serving apicalls at /api/. need to do AUTH now, and makefile/debian package 2014-09-20 15:29:40 +00:00
adding AUTH to the API 2014-09-20 16:01:22 +00:00			`// We support 4 api calls methods:`
adding the real api (quick bootstrap + serving apicalls at /api/. need to do AUTH now, and makefile/debian package 2014-09-20 15:29:40 +00:00			`if ($_SERVER["REQUEST_URI"]=="/api/post") {`
			`// simple ?q or POST of json data`
			`if ($_SERVER["REQUEST_METHOD"]=="POST") {`
			`$data=array("options" => $_POST,`
			`"object" => $_POST["object"],`
			`"action" => $_POST["action"],`
			`);`
			`$token=$_POST["token"];`
			`apicall($data,$token,API_CALL_POST);`
			`exit();`
			`} else {`
			`$data=array("options" => $_GET,`
			`"object" => $_GET["object"],`
			`"action" => $_GET["action"],`
			`);`
			`$token=$_GET["token"];`
			`apicall($data,$token,API_CALL_GET);`
			`exit();`
			`}`
			`}`

			`if (preg_match("#^/api/rest/([^/])/([^/])/?#$",$_SERVER["REQUEST_URI"],$mat)) {`
			`if ($_SERVER["REQUEST_METHOD"]=="POST") {`
			`$data=array("options" => $_POST,`
			`"object" => $mat[1],`
			`"action" => $mat[2]`
			`);`
			`$token=$_POST["token"];`
			`apicall($data,$token,API_CALL_POST_REST);`
			`exit();`
			`} else {`
			`$data=array("options" => $_GET,`
			`"object" => $mat[1],`
			`"action" => $mat[2]`
			`);`
			`$token=$_GET["token"];`
			`apicall($data,$token,API_CALL_GET_REST);`
			`exit();`
			`}`
			`}`