gnu-social/plugins/DomainStatusNetwork/actions/globalapi.php

121 lines
3.4 KiB
PHP
Raw Normal View History

2011-06-10 20:51:30 +01:00
<?php
// This file is part of GNU social - https://www.gnu.org/software/social
//
// GNU social is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// GNU social is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
2011-06-10 20:51:30 +01:00
/**
* An action that requires an API key
*
* @category DomainStatusNetwork
* @package GNUsocial
2011-06-10 20:51:30 +01:00
* @author Evan Prodromou <evan@status.net>
* @copyright 2011 StatusNet, Inc.
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
2011-06-10 20:51:30 +01:00
*/
defined('GNUSOCIAL') || die();
2011-06-10 20:51:30 +01:00
/**
* An action that requires an API key
*
* @category General
* @package GNUsocial
2011-06-10 20:51:30 +01:00
* @author Evan Prodromou <evan@status.net>
* @copyright 2011 StatusNet, Inc.
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
2011-06-10 20:51:30 +01:00
*/
class GlobalApiAction extends Action
{
public $email;
2011-06-10 20:51:30 +01:00
/**
* Check for an API key, and throw an exception if it's not set
*
* @param array $args URL and POST params
*
* @return boolean continuation flag
*/
public function prepare(array $args = [])
2011-06-10 20:51:30 +01:00
{
GNUsocial::setApi(true); // reduce exception reports to aid in debugging
2011-06-10 20:51:30 +01:00
parent::prepare($args);
if (!common_config('globalapi', 'enabled')) {
2011-06-10 21:50:06 +01:00
throw new ClientException(_('Global API not enabled.'), 403);
2011-06-10 20:51:30 +01:00
}
$apikey = $this->trimmed('apikey');
if (empty($apikey)) {
2011-06-10 21:50:06 +01:00
throw new ClientException(_('No API key.'), 403);
2011-06-10 20:51:30 +01:00
}
$expected = common_config('globalapi', 'key');
if ($expected != $apikey) {
// FIXME: increment a counter by IP address to prevent brute-force
// attacks on the key.
2011-06-10 21:50:06 +01:00
throw new ClientException(_('Bad API key.'), 403);
2011-06-10 20:51:30 +01:00
}
$email = common_canonical_email($this->trimmed('email'));
if (empty($email)) {
throw new ClientException(_('No email address.'));
}
if (!Validate::email($email, common_config('email', 'check_domain'))) {
throw new ClientException(_('Invalid email address.'));
}
$this->email = $email;
return true;
}
public function showError($message, $code = 400)
2011-06-10 20:51:30 +01:00
{
2011-06-10 21:50:06 +01:00
$this->showOutput(array('error' => $message), $code);
2011-06-10 20:51:30 +01:00
}
public function showSuccess($values = null, $code = 200)
2011-06-10 20:51:30 +01:00
{
if (empty($values)) {
$values = array();
}
$values['success'] = 1;
2011-06-10 21:50:06 +01:00
$this->showOutput($values, $code);
2011-06-10 20:51:30 +01:00
}
public function showOutput($values, $code)
2011-06-10 20:51:30 +01:00
{
if (
!array_key_exists($code, ClientErrorAction::$status)
&& !array_key_exists($code, ServerErrorAction::$status)
) {
2011-06-10 21:50:06 +01:00
// bad code!
$code = 500;
}
http_response_code($code);
2011-06-10 21:50:06 +01:00
2011-06-10 20:51:30 +01:00
header('Content-Type: application/json; charset=utf-8');
print(json_encode($values));
2011-06-10 21:50:06 +01:00
print("\n");
2011-06-10 20:51:30 +01:00
}
}