198 行
6.6 KiB
PHP
198 行
6.6 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Models\ForUser;
|
|
|
|
use Illuminate\Support\Facades\DB;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Http\Response;
|
|
use Illuminate\Support\Facades\Log;
|
|
use Tymon\JWTAuth\Facades\JWTAuth;
|
|
use Tymon\JWTAuth\Exceptions\JWTException;
|
|
|
|
class UserController extends Controller {
|
|
// User
|
|
public function getUsers() { // /api/rpc/user/user/getusers
|
|
return DB::table('for_users')
|
|
->select('*')
|
|
->get();
|
|
}
|
|
|
|
public function getUser($id) { // /api/rpc/user/user/getuser/id
|
|
return DB::table('for_users')
|
|
->select(
|
|
'id',
|
|
'username',
|
|
'perm_id',
|
|
'member_title',
|
|
'reg_date',
|
|
'website_address',
|
|
'website_name',
|
|
'gender',
|
|
'location',
|
|
'birthday',
|
|
'bio',
|
|
'avatar',
|
|
'timezone',
|
|
'strikes',
|
|
'name_colour',
|
|
'display_name',
|
|
'yt_channel',
|
|
'country',
|
|
'curTZ', 'curDF', 'curTF', // Time and date stuff
|
|
'usr_per_id', 'str_per_id', // Permission stuff.
|
|
// TODO: hide the following stuff away from unprivileaged users.
|
|
'email',
|
|
'ip_address',
|
|
'strikes'
|
|
)
|
|
->where('id', $id)
|
|
->get();
|
|
}
|
|
|
|
public function getPostStyle($id) { // /api/rpc/user/user/getpoststyle/id
|
|
return DB:: table('for_users')
|
|
->select('header', 'footer')
|
|
->where('id', $id)
|
|
->get();
|
|
}
|
|
|
|
public function getGroupColours() { // /api/rpc/user/user/getgroupcolours
|
|
return DB::table('usr_perm_module')
|
|
->select(
|
|
'id',
|
|
'name',
|
|
'colour_m',
|
|
'colour_f',
|
|
'colour_u'
|
|
// 'badge' (this is a pipeline feature, please don't uncomment for now!)
|
|
)
|
|
->get();
|
|
}
|
|
|
|
public function isAuth(Request $request) { // /apt/rpc/user/auth/isauth
|
|
return $request->cookie('username');
|
|
}
|
|
|
|
public function login(Request $request) { // /api/rpc/user/auth/login
|
|
$getUser = DB::table('for_users')
|
|
->select('id', 'username', 'password', 'salt')
|
|
->where('username', $request->username)
|
|
->get();
|
|
|
|
$login_ok = false;
|
|
|
|
try {
|
|
$check_password = hash('sha256', $request->password . $getUser[0]->salt);
|
|
|
|
for ($round = 0; $round < 65536; $round++) {
|
|
$check_password = hash('sha256', $check_password . $getUser[0]->salt);
|
|
}
|
|
|
|
if ($check_password === $getUser[0]->password) {
|
|
$login_ok = true;
|
|
|
|
$credentials = $request->only('username', $check_password); // grab credentials from the request
|
|
|
|
try {
|
|
if (!$token = JWTAuth::attempt($credentials)) { // attempt to verify the credentials and create a token for the user
|
|
return response()->json(['error' => 'invalid_credentials'], 401);
|
|
}
|
|
}
|
|
catch (JWTException $e) {
|
|
return response()->json(['error' => 'could_not_create_token'], 500); // something went wrong whilst attempting to encode the token
|
|
}
|
|
|
|
return response()->json(['token' => "Bearer $token"]);
|
|
//return $_SERVER['HTTP_HOST'];
|
|
// setcookie("username", $_POST['username'], time()+3600*24*30*72, "/", $_SERVER['HTTP_HOST'], false, true);
|
|
// setcookie("password", $check_password, time()+3600*24*30*72, "/", $_SERVER['HTTP_HOST'], false, true);
|
|
//$cookieU = $request->cookie('username', $request->username, time()+3600*24*30*72);
|
|
//$cookieP = $request->cookie('password', $check_password, time()+3600*24*30*72);
|
|
|
|
//dd($cookieP);
|
|
//dd($request);
|
|
//dd($cookie->name));
|
|
//return response('')
|
|
//->cookie('username', $cookieU)
|
|
//->cookie('password', $cookieP);
|
|
}
|
|
|
|
return "bad";
|
|
}
|
|
catch (Exception $e) {
|
|
return $e->getMessage();
|
|
}
|
|
}
|
|
|
|
public function register(Request $request) { // /api/rpc/user/auth/register
|
|
return;
|
|
}
|
|
|
|
public function logout(Request $request) { // /api/rpc/user/auth/logout
|
|
return;
|
|
}
|
|
|
|
// public function passwordReset() {}
|
|
// public function confirmReset() {}
|
|
|
|
// Owner
|
|
public function countOwnersOfEntry($file_id) { // /api/rpc/user/owner/countownersofentry/id
|
|
return DB::table('str_owners')
|
|
->where('file_id', $file_id)
|
|
->count();
|
|
}
|
|
|
|
public function getOwnersOfEntry($file_id) { // /api/rpc/user/owner/getownersofentry/id
|
|
return DB::table('str_owners')
|
|
->join('str_file', 'str_owners.file_id', '=', 'str_file.id')
|
|
->join('for_users', 'str_owners.user_id', '=', 'for_users.id')
|
|
->where('file_id', $file_id)
|
|
->get(array(
|
|
"user_id",
|
|
"title",
|
|
"version",
|
|
"views",
|
|
"downloads",
|
|
"submit_date",
|
|
"last_date",
|
|
"username",
|
|
"avatar",
|
|
"perm_id",
|
|
"gender",
|
|
"display_name",
|
|
"name_colour",
|
|
));
|
|
}
|
|
|
|
public function countEntriesOfOwner($user_id) { // /api/rpc/user/owner/countentriesofowner/id
|
|
return DB::table('str_owners')
|
|
->where('user_id', $user_id)
|
|
->count();
|
|
}
|
|
|
|
|
|
public function getEntriesOfOwner($user_id) { // /api/rpc/user/owner/getentriesofowner/id
|
|
return DB::table('str_owners')
|
|
->join('str_file', 'str_owners.file_id', '=', 'str_file.id')
|
|
->join('for_users', 'str_owners.user_id', '=', 'for_users.id')
|
|
->where('user_id', $user_id)
|
|
->get(array(
|
|
"user_id",
|
|
"title",
|
|
"version",
|
|
"views",
|
|
"downloads",
|
|
"submit_date",
|
|
"last_date",
|
|
"username",
|
|
"avatar",
|
|
"perm_id",
|
|
"gender",
|
|
"display_name",
|
|
"name_colour",
|
|
));
|
|
}
|
|
}
|