    api_handler.php 3.25 KiB
    <?php
    
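    // Every response produced by this handler is JSON, so the content type is
    // declared up front, before any endpoint runs.
    $output_format = "json";
    header('Content-type: application/json');

    // Extract the bearer token from the Authorization header, if one was sent.
    // Only a leading "Bearer" scheme is stripped, and it is matched
    // case-insensitively because HTTP auth scheme names are case-insensitive.
    // The earlier str_replace() removed "Bearer " anywhere in the value and left
    // "bearer xyz" untouched, so a correctly formed request could fail the lookup.
    // NOTE(review): a value sent under another scheme (e.g. Basic) is still passed
    // through as a candidate token, as before; it is expected to miss the lookup below.
    if (array_key_exists('HTTP_AUTHORIZATION', $_SERVER)) {
        $access_token = trim((string) preg_replace(
            '/^\s*Bearer(?:\s+|$)/i',
            '',
            (string) $_SERVER['HTTP_AUTHORIZATION']
        ));
    }

    // $access_token stays undefined when no header was sent; empty() covers both
    // the undefined case and an empty string.
    if (!empty($access_token)) {
        // Look up the row the token belongs to. The token is handed to db_execute()
        // separately from the SQL text (presumably bound as a statement parameter -
        // confirm in db_execute) rather than concatenated into the query.
        $token = db_execute("SELECT * FROM tokens WHERE access_token = ?", [$access_token]);

        if (empty($token)) {
            // Unknown token. Only a flag is raised here: the caller is meant to
            // report a 404 for an unknown route before reporting the bad token.
            // $invalid_token is left undefined on every other path.
            $invalid_token = true;
        } else {
            // NOTE(review): this path trusts the stored row as-is and does not call
            // validate_access_token(), which check_authorisation() does. Confirm that
            // expiry/revocation is enforced before $token_owner is relied on.
            $token_owner = $token['owner_id'];
        }
    }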
    
    /**
     * Translate an access token into a numeric authorisation level.
     *
     * The token is first passed to validate_access_token(); only if that accepts
     * it is the token row fetched and its "type" column inspected.
     *
     * @param mixed $token Access token as presented by the client.
     * @return int 1 for a token whose type is exactly "basic"; 0 (unauthorised)
     *             when validation fails, no row is found, or the type is anything else.
     */
    function check_authorisation($token): int
    {
        if (validate_access_token($token)) {
            $row = db_execute("SELECT * FROM tokens WHERE access_token = ?", [$token]);

            // Fail closed: a missing row and every type other than "basic" fall
            // through to the unauthorised result below. The type comparison is
            // strict, so only the exact string "basic" is accepted.
            if ($row != null && $row['type'] === "basic") {
                return 1;
            }
        }

        return 0; // Unauthorised
    }
    
    // Misc (unauthorised)
    
    /**
     * Send the client to the API documentation page.
     *
     * Only the Location header is queued here. The function does not set a
     * status code itself and does not end the script, so the caller has to stop
     * producing output after calling it.
     */
    function redirect_to_documentation(): void
    {
        $redirect_header = 'Location: /docs/api';
        header($redirect_header);
    }
    
    // Health check
    
    /**
     * Liveness probe for the API.
     *
     * Takes no input and performs no token check; the payload is a fixed
     * message, the server's current Unix timestamp and a 200 response code.
     *
     * @return array Keys "message", "time" and "response_code", in that order.
     */
    function api_health_check(): array
    {
        $status = [];
        $status["message"] = "Science compels us to explode the sun!";
        $status["time"] = time();
        $status["response_code"] = 200;

        return $status;
    }
    
    // Potentially authenticated image endpoints
    
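    /**
     * Avatar endpoint (lookup not implemented yet).
     *
     * As originally written the function could never return normally: $query was
     * an undefined local, so array_key_exists() received null, and the path with
     * an id fell off the end of a function declared to return array. Both now
     * produce a structured response instead of a TypeError.
     *
     * @return array Keys "response_code" and "message": 404 when no id was
     *               supplied, 501 while the avatar lookup itself is missing.
     */
    function get_avatar(): array
    {
        // NOTE(review): $query is assumed to be the request's query array kept in
        // global scope by the router - confirm, or pass it in as a parameter.
        $query = $GLOBALS['query'] ?? null;

        if (!is_array($query) || !array_key_exists('id', $query)) {
            return [
                'response_code' => 404,
                'message' => 'ID not assigned/found'
            ];
        }

        // The id comes straight from the request. TODO: validate its format and,
        // for avatars that are not public, check the caller's authorisation
        // before using it in a lookup.
        $user_id = $query['id'];

        // No lookup exists yet; answer explicitly rather than returning nothing.
        return [
            'response_code' => 501,
            'message' => 'Not implemented'
        ];
    }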
    
    // User (REQUIRES AUTHORISATION)