@@ -94,7 +94,7 @@ discard block |
||
94 | 94 | * @param string $apiKey [description] |
95 | 95 | * @return array [description] |
96 | 96 | */ |
97 | - public function getAPIKeyData(string $apiKey):?array { |
|
97 | + public function getAPIKeyData(string $apiKey): ?array { |
|
98 | 98 | // Preliminary Check. |
99 | 99 | if ($this->api_key_table == null || $this->api_key_column == null) return null; |
100 | 100 | // Query. |
@@ -120,7 +120,7 @@ discard block |
||
120 | 120 | * @param string $group [description] |
121 | 121 | * @return [type] [description] |
122 | 122 | */ |
123 | - public function getLimitData(string $client, string $group):?array { |
|
123 | + public function getLimitData(string $client, string $group): ?array { |
|
124 | 124 | $sql = 'SELECT count, start, (`start` + INTERVAL (1 - TIMESTAMPDIFF(HOUR, UTC_TIMESTAMP(), NOW())) HOUR) AS reset_epoch FROM rest_api_rate_limit WHERE client = ? AND _group = ?'; |
125 | 125 | $query = $this->db->query($sql, [$client, $group]); |
126 | 126 | if ($query->num_rows() > 0) return $query->result_array()[0]; |
@@ -81,10 +81,14 @@ discard block |
||
81 | 81 | $this->db->where($this->users_username_column, $username); |
82 | 82 | } |
83 | 83 | $query = $this->db->get(); |
84 | - if ($query->num_rows() == 0) return false; |
|
84 | + if ($query->num_rows() == 0) { |
|
85 | + return false; |
|
86 | + } |
|
85 | 87 | // Authenticate. |
86 | 88 | if (password_verify($password, $query->result()[0]->{$this->users_password_column})) { |
87 | - if ($this->users_id_column != null) $context->user_id = $query->result()[0]->{$this->users_id_column}; |
|
89 | + if ($this->users_id_column != null) { |
|
90 | + $context->user_id = $query->result()[0]->{$this->users_id_column}; |
|
91 | + } |
|
88 | 92 | return true; |
89 | 93 | } |
90 | 94 | return false; |
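Review bot: The early `return false` on new lines 84–86 skips `password_verify()` when no row matches, so a request for an unknown username is likely to return faster than one for a known username with a wrong password. That timing difference can let a client tell which usernames exist. Consider doing a verification against a fixed, precomputed hash on the no-row path before returning, e.g. `password_verify($password, $dummyHash); return false;`, where `$dummyHash` is a placeholder for a constant `password_hash()` value. The method starts and ends outside this hunk, so this assumes nothing earlier already equalises the two paths.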
@@ -96,15 +100,21 @@ discard block |
||
96 | 100 | */ |
97 | 101 | public function getAPIKeyData(string $apiKey):?array { |
98 | 102 | // Preliminary Check. |
99 | - if ($this->api_key_table == null || $this->api_key_column == null) return null; |
|
103 | + if ($this->api_key_table == null || $this->api_key_column == null) { |
|
104 | + return null; |
|
105 | + } |
|
100 | 106 | // Query. |
101 | 107 | $this->db->select($this->api_key_column); |
102 | - if ($this->api_key_limit_column != null) $this->db->select($this->api_key_limit_column); |
|
108 | + if ($this->api_key_limit_column != null) { |
|
109 | + $this->db->select($this->api_key_limit_column); |
|
110 | + } |
|
103 | 111 | $this->db->from($this->api_key_table); |
104 | 112 | $this->db->where($this->api_key_column, $apiKey); |
105 | 113 | $query = $this->db->get(); |
106 | 114 | // Process Result. |
107 | - if ($query->num_rows() > 0) return $query->result_array()[0]; |
|
115 | + if ($query->num_rows() > 0) { |
|
116 | + return $query->result_array()[0]; |
|
117 | + } |
|
108 | 118 | return null; |
109 | 119 | } |
110 | 120 | /** |
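Review bot: `$this->db->where($this->api_key_column, $apiKey)` on new line 112 looks the key up by the raw header value, which suggests the table holds API keys in clear text; the table schema is not visible here, so treat this as something to confirm. If that is the case, anyone who can read the table or a backup of it obtains usable credentials. Storing a digest of the key and querying with `hash('sha256', $apiKey)` would keep the lookup a single indexed comparison while removing the clear-text copy. The docblock above this method still carries `[description]` placeholders and could state that `null` means "key auth not configured or key not found".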
@@ -123,7 +133,9 @@ discard block |
||
123 | 133 | public function getLimitData(string $client, string $group):?array { |
124 | 134 | $sql = 'SELECT count, start, (`start` + INTERVAL (1 - TIMESTAMPDIFF(HOUR, UTC_TIMESTAMP(), NOW())) HOUR) AS reset_epoch FROM rest_api_rate_limit WHERE client = ? AND _group = ?'; |
125 | 135 | $query = $this->db->query($sql, [$client, $group]); |
126 | - if ($query->num_rows() > 0) return $query->result_array()[0]; |
|
136 | + if ($query->num_rows() > 0) { |
|
137 | + return $query->result_array()[0]; |
|
138 | + } |
|
127 | 139 | return null; |
128 | 140 | } |
129 | 141 | /** |
@@ -142,7 +142,7 @@ |
||
142 | 142 | $auths = null; |
143 | 143 | foreach ($uri_auths as $uri => $auth_array) { |
144 | 144 | // Convert wildcards to RegEx. |
145 | - $uri = str_replace(array(':any', ':num'), array('[^/]+', '[0-9]+'), $uri); |
|
145 | + $uri = str_replace(array(':any', ':num'), array('[^/]+', '[0-9]+'), $uri); |
|
146 | 146 | if (preg_match('#^'.$uri.'$#', uri_string())) $auths = $auth_array; // Assign Authentication Steps. |
147 | 147 | break; |
148 | 148 | } |
@@ -78,7 +78,7 @@ discard block |
||
78 | 78 | * [PACKAGE description] |
79 | 79 | * @var string |
80 | 80 | */ |
81 | - const PACKAGE = "francis94c/ci-rest"; |
|
81 | + const PACKAGE = "francis94c/ci-rest"; |
|
82 | 82 | /** |
83 | 83 | * [RATE_LIMIT description] |
84 | 84 | * @var string |
@@ -89,15 +89,15 @@ discard block |
||
89 | 89 | * [__construct description] |
90 | 90 | * @param [type] $params [description] |
91 | 91 | */ |
92 | - function __construct($params=null) { |
|
93 | - $this->ci =& get_instance(); |
|
92 | + function __construct($params = null) { |
|
93 | + $this->ci = & get_instance(); |
|
94 | 94 | // Load Config If Exists. |
95 | 95 | $this->ci->config->load('rest', true, true); |
96 | 96 | // Load Database. |
97 | 97 | $this->ci->load->database(); |
98 | 98 | // Load Model. |
99 | 99 | $this->ci->load->splint(self::PACKAGE, '*RESTModel', 'rest_model'); |
100 | - $this->rest_model =& $this->ci->rest_model; |
|
100 | + $this->rest_model = & $this->ci->rest_model; |
|
101 | 101 | $config = [ |
102 | 102 | 'users_table' => $this->ci->config->item('rest')['basic_auth']['users_table'] ?? null, |
103 | 103 | 'users_id_column' => $this->ci->config->item('rest')['basic_auth']['id_column'] ?? null, |
@@ -176,7 +176,7 @@ discard block |
||
176 | 176 | /** |
177 | 177 | * [bearer_auth description] |
178 | 178 | */ |
179 | - private function bearer_auth($auth=RESTAuth::BEARER):void { |
|
179 | + private function bearer_auth($auth = RESTAuth::BEARER):void { |
|
180 | 180 | $authorization = $this->get_authorization_header(); |
181 | 181 | if ($authorization == null || substr_count($authorization, " ") != 1) { |
182 | 182 | $this->handle_response(RESTResponse::BAD_REQUEST, $auth); // Exits. |
@@ -209,11 +209,11 @@ discard block |
||
209 | 209 | * [api_key_auth description] |
210 | 210 | */ |
211 | 211 | private function api_key_auth():void { |
212 | - if (!isset($_SERVER['HTTP_' . str_replace("-", "_", $this->apiKeyHeader)])) { |
|
212 | + if (!isset($_SERVER['HTTP_'.str_replace("-", "_", $this->apiKeyHeader)])) { |
|
213 | 213 | $this->handle_response(RESTResponse::BAD_REQUEST, RESTAuth::API_KEY); // Exits. |
214 | 214 | } |
215 | 215 | $apiKey = $this->rest_model->getAPIKeyData( |
216 | - $_SERVER['HTTP_' . str_replace("-", "_", $this->apiKeyHeader)] |
|
216 | + $_SERVER['HTTP_'.str_replace("-", "_", $this->apiKeyHeader)] |
|
217 | 217 | ); |
218 | 218 | if ($apiKey == null) { |
219 | 219 | $this->handle_response(RESTResponse::UN_AUTHORIZED, RESTAuth::API_KEY); // Exits. |
@@ -229,7 +229,7 @@ discard block |
||
229 | 229 | } |
230 | 230 | // Should we acyually Limit? |
231 | 231 | if ($this->per_hour > 0) { |
232 | - $client = hash('md5', $this->ci->input->ip_address() . "%" . $apiKey[$this->api_key_column]); |
|
232 | + $client = hash('md5', $this->ci->input->ip_address()."%".$apiKey[$this->api_key_column]); |
|
233 | 233 | $limitData = $this->rest_model->getLimitData($client, '_api_keyed_user'); |
234 | 234 | if ($limitData == null) { |
235 | 235 | $limitData = []; |
@@ -312,7 +312,7 @@ discard block |
||
312 | 312 | * [get_authorization_header description] |
313 | 313 | * @return [type] [description] |
314 | 314 | */ |
315 | - private function get_authorization_header():?string { |
|
315 | + private function get_authorization_header(): ?string { |
|
316 | 316 | if (isset($_SERVER['Authorization'])) { |
317 | 317 | return trim($_SERVER["Authorization"]); |
318 | 318 | } else if (isset($_SERVER['HTTP_AUTHORIZATION'])) { //Nginx or fast CGI |
@@ -333,7 +333,7 @@ discard block |
||
333 | 333 | * [handle_response description] |
334 | 334 | * @param int $code [description] |
335 | 335 | */ |
336 | - private function handle_response(int $code, $auth=null):void { |
|
336 | + private function handle_response(int $code, $auth = null):void { |
|
337 | 337 | http_response_code($code); |
338 | 338 | header("Content-Type: application/json"); |
339 | 339 | if (isset($this->ci->config->item('rest')['response_callbacks'][$code])) { |
@@ -138,16 +138,24 @@ discard block |
||
138 | 138 | // Match Auth Routes. |
139 | 139 | // The below algorithm is similar to the one Code Igniter uses in its |
140 | 140 | // Routing Class. |
141 | - if ($uri_auths == null || !is_array($uri_auths)) return; |
|
141 | + if ($uri_auths == null || !is_array($uri_auths)) { |
|
142 | + return; |
|
143 | + } |
|
142 | 144 | $auths = null; |
143 | 145 | foreach ($uri_auths as $uri => $auth_array) { |
144 | 146 | // Convert wildcards to RegEx. |
145 | 147 | $uri = str_replace(array(':any', ':num'), array('[^/]+', '[0-9]+'), $uri); |
146 | - if (preg_match('#^'.$uri.'$#', uri_string())) $auths = $auth_array; // Assign Authentication Steps. |
|
148 | + if (preg_match('#^'.$uri.'$#', uri_string())) { |
|
149 | + $auths = $auth_array; |
|
150 | + } |
|
151 | + // Assign Authentication Steps. |
|
147 | 152 | break; |
148 | 153 | } |
149 | 154 | //$auths = $this->ci->config->item('rest')['uri_auth'][uri_string()] ?? null; |
150 | - if ($auths == null) return; // No authentication(s) to acrry out. |
|
155 | + if ($auths == null) { |
|
156 | + return; |
|
157 | + } |
|
158 | + // No authentication(s) to acrry out. |
|
151 | 159 | // $this->process_auth() terminates the script if authentication fails |
152 | 160 | // It will call the callable in the rest.php config file under |
153 | 161 | // response_callbacks which matches the necesarry RESTResponse constant |
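Review bot: The `break;` on new line 152 sits outside the `if (preg_match(...))` block, so the loop always stops after the first `$uri_auths` entry; any route pattern listed after the first is never tested, `$auths` stays null, and the method returns at new lines 155–157 without running any authentication for that route. Adding the braces made this visible but did not change it (the same lines appear unbraced in the `@@ -142,7 +142,7 @@` hunk). Move the break inside the match: `if (preg_match('#^'.$uri.'$#', uri_string())) { $auths = $auth_array; break; }`. The comments `// Assign Authentication Steps.` and `// No authentication(s) to acrry out.` now trail the closing braces and should go back next to the statements they describe. The enclosing method starts and ends outside this hunk.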
@@ -157,7 +165,9 @@ discard block |
||
157 | 165 | $this->process_auth($auths); |
158 | 166 | return; |
159 | 167 | } |
160 | - foreach ($auths as $auth) $this->process_auth($auth); |
|
168 | + foreach ($auths as $auth) { |
|
169 | + $this->process_auth($auth); |
|
170 | + } |
|
161 | 171 | } |
162 | 172 | /** |
163 | 173 | * [process_auth description] |
@@ -202,8 +212,14 @@ discard block |
||
202 | 212 | private function basic_auth():void { |
203 | 213 | $username = $_SERVER['PHP_AUTH_USER'] ?? null; |
204 | 214 | $password = $_SERVER['PHP_AUTH_PW'] ?? null; |
205 | - if (!$username || !$password) $this->handle_response(RESTResponse::BAD_REQUEST, RESTAuth::BASIC); // Exits. |
|
206 | - if (!$this->rest_model->basicAuth($this, $username, $password)) $this->handle_response(RESTResponse::UN_AUTHORIZED, RESTAuth::BASIC); // Exits. |
|
215 | + if (!$username || !$password) { |
|
216 | + $this->handle_response(RESTResponse::BAD_REQUEST, RESTAuth::BASIC); |
|
217 | + } |
|
218 | + // Exits. |
|
219 | + if (!$this->rest_model->basicAuth($this, $username, $password)) { |
|
220 | + $this->handle_response(RESTResponse::UN_AUTHORIZED, RESTAuth::BASIC); |
|
221 | + } |
|
222 | + // Exits. |
|
207 | 223 | } |
208 | 224 | /** |
209 | 225 | * [api_key_auth description] |
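Review bot: The two `// Exits.` comments on new lines 218 and 222 were pushed below the closing braces, where they no longer describe the `handle_response()` calls they belong to. Nothing follows either call, so basic_auth() rejects a request only if `handle_response()` terminates the script, which this hunk does not show; the comment is the only place that dependency is recorded. Keep it on the call line, `$this->handle_response(RESTResponse::UN_AUTHORIZED, RESTAuth::BASIC); // Exits.`, and state in the `handle_response()` docblock that it does not return. Note also that `!$username || !$password` on new line 215 treats the string `"0"` as missing, so such a credential gets BAD_REQUEST rather than a verification attempt.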
@@ -263,7 +279,9 @@ discard block |
||
263 | 279 | // Trunctate Rate Limit Data. |
264 | 280 | $this->rest_model->truncateRatelimitData(); |
265 | 281 | // Check Whitelist. |
266 | - if (in_array($this->ci->input->ip_address(), $this->whitelist)) return; |
|
282 | + if (in_array($this->ci->input->ip_address(), $this->whitelist)) { |
|
283 | + return; |
|
284 | + } |
|
267 | 285 | // Should we acyually Limit? |
268 | 286 | if ($this->ip_per_hour > 0) { |
269 | 287 | $client = hash('md5', $this->ci->input->ip_address()); |
@@ -6,7 +6,7 @@ discard block |
||
6 | 6 | * [BasicAuth description] |
7 | 7 | * @var string |
8 | 8 | */ |
9 | - const BASIC = "Basic"; |
|
9 | + const BASIC = "Basic"; |
|
10 | 10 | /** |
11 | 11 | * [API_KEY description] |
12 | 12 | * @var string |
@@ -16,12 +16,12 @@ discard block |
||
16 | 16 | * [BEARER description] |
17 | 17 | * @var string |
18 | 18 | */ |
19 | - const BEARER = "Bearer"; |
|
19 | + const BEARER = "Bearer"; |
|
20 | 20 | /** |
21 | 21 | * [OAUTH2 description] |
22 | 22 | * @var string |
23 | 23 | */ |
24 | - const OAUTH2 = "OAUTH2"; |
|
24 | + const OAUTH2 = "OAUTH2"; |
|
25 | 25 | /** |
26 | 26 | * [CUSTOM description] |
27 | 27 | * @param string $header [description] |