Created
January 23, 2015 15:16
-
-
Save pives/22ee6fe06db46789ce70 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| use Phalcon\Mvc\Micro, | |
| Phalcon\Logger as Logger, | |
| Phalcon\Logger\Adapter\File as FileLogger, | |
| Phalcon\Events\Manager as EventsManager, | |
| Phalcon\Filter as Filter; | |
| $loader = new \Phalcon\Loader(); | |
| date_default_timezone_set("UTC"); | |
| $loader->registerDirs(array( | |
| __DIR__ . '/app/models/', | |
| __DIR__ . '/app/library/', | |
| __DIR__ . '/app/plugins' | |
| ))->register(); | |
| $di = new \Phalcon\DI\FactoryDefault(); | |
| $loader->registerClasses( | |
| array( | |
| "Password" => __DIR__ . "/app/library/password.php", | |
| "validateJSONTransaction" => __DIR__ ."/app/library/ValidateJSONTransacion.php" | |
| ) | |
| ); | |
| $config = new Phalcon\Config\Adapter\Ini(__DIR__ . '/app/config/config.ini'); | |
| $apilog = property_exists($config->apilog, 'apilogfile')? $config->apilog->apilogfile : __DIR__ ."bwgapi.log"; | |
| $logger = new \Phalcon\Logger\Adapter\File($apilog, array( | |
| 'mode' => 'a+')); | |
| if (property_exists($config, 'apilog') && property_exists($config->apilog, 'loglevel')){ | |
| $f = $config->apilog->loglevel; | |
| $l=constant("Phalcon\Logger::$f"); | |
| $logger->setLogLevel($l); | |
| } else { | |
| $logger->setLogLevel(Logger::DEBUG); | |
| $logger->error('LOG LEVEL NOT SET.****************************'); | |
| } | |
| $di->set('config', $config); | |
| $di->set('logger', $logger); | |
| $di->set('db', function() use ($config, $di) { | |
| $connection = new \Phalcon\Db\Adapter\Pdo\Mysql(array( | |
| "host" => $config->database->host, | |
| "username" => $config->database->username, | |
| "password" => $config->database->password, | |
| "dbname" => $config->database->name, | |
| "charset" => "utf8", | |
| "options" => array( | |
| PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8' | |
| ) | |
| )); | |
| $dblogger = new FileLogger(property_exists($config->database, 'dblogfile') | |
| ? $config->database->dblogfile | |
| : __DIR__ ."bwgweb-".date('Ymd').".log"); | |
| $eventsManager = $di->getShared('eventsManager'); | |
| //Listen all the database events | |
| $eventsManager->attach('db', function($event, $connection) use ($dblogger) { | |
| $dblogger->log( $event->getType()); | |
| if ($event->getType() == 'beforeQuery') { | |
| $sqlVariables = $connection->getSQLVariables(); | |
| if (count($sqlVariables)) { | |
| $dblogger->log($connection->getSQLStatement() . ' ' . join(', ', $sqlVariables), Logger::INFO); | |
| } else { | |
| $dblogger->log($connection->getSQLStatement(), Logger::INFO); | |
| } | |
| } | |
| }); | |
| //Assign the eventsManager to the db adapter instance | |
| $connection->setEventsManager($eventsManager); | |
| return $connection; | |
| }); | |
| $filter = new Filter(); | |
| $filter->add('xmlname', function ($value) { | |
| return preg_replace('[a-zA-Z0-9\-]', '', $value); | |
| }); | |
| $di->set('filter', $filter); | |
| $security = new Security($di); | |
| $di->set('security', $security); | |
| $helper = new Helper(); | |
| $di->set('helper', $helper); | |
| $ApiSession = new ApiSession(); | |
| $di->set('ApiSession', $ApiSession); | |
| $di->set('session', function(){ | |
| $session = new Phalcon\Session\Adapter\Files(); | |
| $session->start(); | |
| return $session; | |
| }); | |
| $app = new Phalcon\Mvc\Micro($di); | |
| $app->response->setContentType('application/json')->sendHeaders(); | |
| $eventManager = new EventsManager(); | |
| $eventManager->attach('micro', function($event, $app) { | |
| if ($event->getType() == 'beforeExecuteRoute') { | |
| // ACL ish /: pw | |
| if (strpos($app->request->getURI(), '/api/auth/login') !== false || | |
| strpos($app->request->getURI(), '/api/auth/logout') !== false) { | |
| return true; | |
| } | |
| // otherwise auth or die | |
| if (isset($app->session->auth)) { | |
| return true; | |
| } else { | |
| $app->response->setStatusCode(403, 'Unauthorized')->setContent("Authentication failed")->send(); | |
| return false; | |
| } | |
| } | |
| }); | |
| $app->setEventsManager($eventManager); | |
| /** | |
| * @api {post} /api/auth/login Login | |
| * @apiName Login | |
| * @ApiVersion 0.9.1 | |
| * @apiGroup Auth | |
| * | |
| * @apiExample Example usage: | |
| * http://api.bwg.com/api/auth/login | |
| * | |
| * @apiSuccess {String} session_token Session token. | |
| * @apiSuccess {String} first_name First name of user. | |
| * @apiSuccess {String} last_name Last name of user. | |
| * @apiSuccess {Bool} is_manager User is manager: true /false. | |
| * @apiSuccess {Array} campaigns Array of campaign ids user can access. | |
| * | |
| * | |
| * | |
| */ | |
| $app->post('/api/auth/login', function() use ($app) { | |
| $app->logger->debug("l1"); | |
| $creds = $app->request->getJsonRawBody(); | |
| $app->logger->debug(print_r($creds, true)); | |
| if(!property_exists($creds, 'email') || !property_exists($creds, 'pass')) { | |
| $data = array('error' => 'true', | |
| 'msg' => 'user or password not sent.'); | |
| $app->response->setStatusCode(500, 'invalid post')->sendHeaders(); | |
| echo json_encode($data); | |
| return; | |
| } | |
| return loginUser($creds->email ,$creds->pass, $app); | |
| }); | |
| /** | |
| * @api {get} /auth/logout Logout | |
| * @apiName Logout | |
| * @apiGroup Auth | |
| * @apiDescription Destroy user session | |
| * @apiSuccess 200 | |
| * | |
| */ | |
| $app->get('/api/auth/logout', function () use ($app) { | |
| $app->session->destroy(); | |
| $app->response->setStatusCode(200, "Success")->sendHeaders(); | |
| }); | |
| $app->get('/api/auth/test', function () use ($app) { | |
| echo $app->ApiSession->test(); | |
| }); | |
| /** | |
| * @api {get} /api/campaigns Get all campaigns | |
| * @apiName Get all campaigns | |
| * @apiGroup Campaigns | |
| * | |
| * @apiSuccess {array} Array of campaign id's User is authorized to access. | |
| * @apiSuccess {String} source_code ROI Campaign Source Code (unique id) | |
| * @apiSuccess {String} ROI_short_description one line description | |
| * @apiSuccess {String} skin_location url of base (soon to be deprecated) | |
| * @apiSuccess {int} skin_id | |
| * @apiSuccess {String} bannerTab2x Banner url . | |
| * @apiSuccess {String} bannerTab Banner url . | |
| * @apiSuccess {String} bannerMob2x Banner url . | |
| * @apiSuccess {String} bannerMob Banner url . | |
| * @apiSuccess {String} video video url . | |
| * @apiSuccess {float} sugg_donation_amount Suggested donation amount. | |
| * @apiSuccess {int} entity_id id of organization | |
| * @apiSuccess {DateTime} start_date start date of campaign | |
| * @apiSuccess {DateTime} end_date end date of campaign | |
| * @apiSuccess {boolean} is_active is this campaing active. | |
| **/ | |
| $app->get('/api/campaigns', function() use ($app) { | |
| return getCampaigns(false, $app); | |
| }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment