NicolaBizzoca/.htaccess Secret

## .htaccess
RewriteEngine on
RewriteRule ^products/?$ api.php?type=products [L,QSA]
RewriteRule ^products/(.*)/options/?$ api.php?type=productOptions&code=$1 [L,QSA]

RewriteCond %{REQUEST_METHOD} =POST
RewriteRule ^products/(.*)/configurator/?$ api.php?type=product&code=$1 [L,QSA]

RewriteCond %{REQUEST_METHOD} =DELETE
RewriteRule ^products/(.*)/configurator/?$ api.php?type=productDelete&code=$1 [L,QSA]

## api.php
<?php

define("PRODUCT_PER_PAGE", 20);

define("ZAKEKE_API_CLIENT_ID", "654");
define("ZAKEKE_API_SECRET", "RREGREjrkh398ug-reyter.");

// The response must always be in json format
header("Content-Type: application/json");

// Dummy data
$products = [
    [
       "code" => "1343242",
       "name" => "Woman handbag",
       "thumbnail" => "https://..."
    ],
    [
       "code" => "1343243",
       "name" => "Watch",
       "thumbnail" => "https://...",
       "metadata" => [
          "additional_info" => "info"
       ]
    ]
];

$productOptions = [
    "1343242" => [
        [
            "code" => "34523",
            "name" => "Color",
            "values" => [
               [
                  "code" => "537564567",
                  "name" => "White"
               ],
               [
                  "code" => "646456464",
                  "name" => "Black"
               ]
            ]
        ]
    ]
];

function isAuth() {
    if (isset($_SERVER["HTTP_AUTHORIZATION"])) {
        $auth = $_SERVER["HTTP_AUTHORIZATION"];
        $auth_array = explode(" ", $auth);
        $un_pw = explode(":", base64_decode($auth_array[1]));
        $client_id = $un_pw[0];
        $secret_key = $un_pw[1];

        return $client_id === ZAKEKE_API_CLIENT_ID && $secret_key === ZAKEKE_API_SECRET;
    }

    return false;
}

function checkAuth() {
    if (!isAuth()) {
       header("HTTP/1.1 401 Unauthorized");
       exit;
    }
}

function products($page) {
    global $products;


    // Return an empty array in case of a missing resoult
    echo json_encode(array_slice($products, PRODUCT_PER_PAGE * ($page - 1), PRODUCT_PER_PAGE));
}

function product($code) {
    // Set the product as configurable
}

function productDelete($code) {
    // Set the product as not longer configurable
}

function productOptions($code) {
    global $productOptions;
    // Return an empty array in case of a missing resoult
    echo json_encode(isset($productOptions[$code]) ? $productOptions[$code] : []);
}

checkAuth();
switch($_REQUEST["type"]) {
    case "products":
        products(isset($_REQUEST["page"]) ? intval($_REQUEST["page"]) : 1);
    break;
    case "product":
        product($_REQUEST["code"]);
    break;
    case "productDelete":
        productDelete($_REQUEST["code"]);
    break;
    case "productOptions":
        productOptions($_REQUEST["code"]);
    break;
}
	RewriteEngine on
	RewriteRule ^products/?$ api.php?type=products [L,QSA]
	RewriteRule ^products/(.*)/options/?$ api.php?type=productOptions&code=$1 [L,QSA]

	RewriteCond %{REQUEST_METHOD} =POST
	RewriteRule ^products/(.*)/configurator/?$ api.php?type=product&code=$1 [L,QSA]

	RewriteCond %{REQUEST_METHOD} =DELETE
	RewriteRule ^products/(.*)/configurator/?$ api.php?type=productDelete&code=$1 [L,QSA]
	<?php

	define("PRODUCT_PER_PAGE", 20);

	define("ZAKEKE_API_CLIENT_ID", "654");
	define("ZAKEKE_API_SECRET", "RREGREjrkh398ug-reyter.");

	// The response must always be in json format
	header("Content-Type: application/json");

	// Dummy data
	$products = [
	[
	"code" => "1343242",
	"name" => "Woman handbag",
	"thumbnail" => "https://..."
	],
	[
	"code" => "1343243",
	"name" => "Watch",
	"thumbnail" => "https://...",
	"metadata" => [
	"additional_info" => "info"
	]
	]
	];

	$productOptions = [
	"1343242" => [
	[
	"code" => "34523",
	"name" => "Color",
	"values" => [
	[
	"code" => "537564567",
	"name" => "White"
	],
	[
	"code" => "646456464",
	"name" => "Black"
	]
	]
	]
	]
	];

	function isAuth() {
	if (isset($_SERVER["HTTP_AUTHORIZATION"])) {
	$auth = $_SERVER["HTTP_AUTHORIZATION"];
	$auth_array = explode(" ", $auth);
	$un_pw = explode(":", base64_decode($auth_array[1]));
	$client_id = $un_pw[0];
	$secret_key = $un_pw[1];

	return $client_id === ZAKEKE_API_CLIENT_ID && $secret_key === ZAKEKE_API_SECRET;
	}

	return false;
	}

	function checkAuth() {
	if (!isAuth()) {
	header("HTTP/1.1 401 Unauthorized");
	exit;
	}
	}

	function products($page) {
	global $products;



	// Return an empty array in case of a missing resoult
	echo json_encode(array_slice($products, PRODUCT_PER_PAGE * ($page - 1), PRODUCT_PER_PAGE));
	}

	function product($code) {
	// Set the product as configurable
	}

	function productDelete($code) {
	// Set the product as not longer configurable
	}

	function productOptions($code) {
	global $productOptions;
	// Return an empty array in case of a missing resoult
	echo json_encode(isset($productOptions[$code]) ? $productOptions[$code] : []);
	}

	checkAuth();
	switch($_REQUEST["type"]) {
	case "products":
	products(isset($_REQUEST["page"]) ? intval($_REQUEST["page"]) : 1);
	break;
	case "product":
	product($_REQUEST["code"]);
	break;
	case "productDelete":
	productDelete($_REQUEST["code"]);
	break;
	case "productOptions":
	productOptions($_REQUEST["code"]);
	break;
	}