global config

project init
12 changed files with 468 additions and 0 deletions
--- a/.dev/users.sql
+++ b/.dev/users.sql
@ -0,0 +1,69 @@
 -- phpMyAdmin SQL Dump
 -- version 4.7.7
 -- https://www.phpmyadmin.net/
 --
 -- Host: localhost
 -- Creato il: Apr 23, 2020 alle 17:25
 -- Versione del server: 10.4.8-MariaDB
 -- Versione PHP: 7.3.11
 SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
 SET AUTOCOMMIT = 0;
 START TRANSACTION;
 SET time_zone = "+00:00";
 /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
 /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
 /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
 /*!40101 SET NAMES utf8mb4 */;
 --
 -- Database: `jwt`
 --
 -- --------------------------------------------------------
 --
 -- Struttura della tabella `users`
 --
 CREATE TABLE `users` (
  `id` int(11) NOT NULL,
  `first_name` varchar(150) NOT NULL,
  `last_name` varchar(150) NOT NULL,
  `email` varchar(255) DEFAULT NULL,
  `password` varchar(255) DEFAULT NULL
 ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
 --
 -- Dump dei dati per la tabella `users`
 --
 INSERT INTO `users` (`id`, `first_name`, `last_name`, `email`, `password`) VALUES
 (1, 'Carmine', 'De Rosa', 'dslaky@gmail.com', '$2y$10$2xHmJMpjQX3aLtNMk/9dQudzVEk5Y4SfmDZfA2imQPyIiTMBfcC8e');
 --
 -- Indici per le tabelle scaricate
 --
 --
 -- Indici per le tabelle `users`
 --
 ALTER TABLE `users`
  ADD PRIMARY KEY (`id`);
 --
 -- AUTO_INCREMENT per le tabelle scaricate
 --
 --
 -- AUTO_INCREMENT per la tabella `users`
 --
 ALTER TABLE `users`
  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=8;
 COMMIT;
 /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
 /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
 /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,4 @@
 composer\.lock
 vendor/
--- a/README.md
+++ b/README.md
@ -1 +1,4 @@
 rest_api
 reference: https://www.techiediaries.com/amp/php-jwt-authentication-tutorial
 composer require firebase/php-jwt
--- a/api/config/bootstrap.php
+++ b/api/config/bootstrap.php
@ -0,0 +1,7 @@
 <?php
 include_once './config/config.php';
 include_once './config/codes.php';
 include_once './config/database.php';
 include_once './config/token.php';
 ?>
--- a/api/config/codes.php
+++ b/api/config/codes.php
@ -0,0 +1,61 @@
 <?php
 $codes = array(
    100 => 'Continue',
    101 => 'Switching Protocols',
    102 => 'Processing',
    200 => 'OK',
    201 => 'Created',
    202 => 'Accepted',
    203 => 'Non-Authoritative Information',
    204 => 'No Content',
    205 => 'Reset Content',
    206 => 'Partial Content',
    207 => 'Multi-Status',
    300 => 'Multiple Choices',
    301 => 'Moved Permanently',
    302 => 'Found',
    303 => 'See Other',
    304 => 'Not Modified',
    305 => 'Use Proxy',
    306 => 'Switch Proxy',
    307 => 'Temporary Redirect',
    400 => 'Bad Request',
    401 => 'Unauthorized',
    402 => 'Payment Required',
    403 => 'Forbidden',
    404 => 'Not Found',
    405 => 'Method Not Allowed',
    406 => 'Not Acceptable',
    407 => 'Proxy Authentication Required',
    408 => 'Request Timeout',
    409 => 'Conflict',
    410 => 'Gone',
    411 => 'Length Required',
    412 => 'Precondition Failed',
    413 => 'Request Entity Too Large',
    414 => 'Request-URI Too Long',
    415 => 'Unsupported Media Type',
    416 => 'Requested Range Not Satisfiable',
    417 => 'Expectation Failed',
    418 => 'I\'m a teapot',
    422 => 'Unprocessable Entity',
    423 => 'Locked',
    424 => 'Failed Dependency',
    425 => 'Unordered Collection',
    426 => 'Upgrade Required',
    449 => 'Retry With',
    450 => 'Blocked by Windows Parental Controls',
    500 => 'Internal Server Error',
    501 => 'Not Implemented',
    502 => 'Bad Gateway',
    503 => 'Service Unavailable',
    504 => 'Gateway Timeout',
    505 => 'HTTP Version Not Supported',
    506 => 'Variant Also Negotiates',
    507 => 'Insufficient Storage',
    509 => 'Bandwidth Limit Exceeded',
    510 => 'Not Extended',
 );
 ?>
--- a/api/config/config.php
+++ b/api/config/config.php
@ -0,0 +1,17 @@
 <?php
 $GLOBALS['CONF']['DB']['HOST']      = "localhost";
 $GLOBALS['CONF']['DB']['USER']      = "root";
 $GLOBALS['CONF']['DB']['PASSWORD']  = "root";
 $GLOBALS['CONF']['DB']['DB_NAME']   = "jwt";
 $GLOBALS['CONF']['CLAIM']['SECRET']      = "SECRET_KEY_1234567890";
 $GLOBALS['CONF']['CLAIM']['ISSUER']      = "http://rest.local";
 $GLOBALS['CONF']['CLAIM']['AUDIENCE']    = "http://rest.local";
 $GLOBALS['CONF']['CLAIM']['ISSUE_DATE']  = time();
 $GLOBALS['CONF']['CLAIM']['NOT_BEFORE']  = $GLOBALS['CONF']['CLAIM']['ISSUE_DATE'] + 10;
 $GLOBALS['CONF']['CLAIM']['EXPIRE']      = $GLOBALS['CONF']['CLAIM']['ISSUE_DATE'] + 60000;
 ?>
--- a/api/config/database.php
+++ b/api/config/database.php
@ -0,0 +1,35 @@
 <?php
 class DatabaseService {
  protected $glob;
  private $db_host;
  private $db_name;
  private $db_user;
  private $db_password;
  private $connection;
  public function __construct() {
    global $GLOBALS;
    $this->glob =& $GLOBALS;
  }
  public function getConnection() {
    $this->connection = null;
    $this->db_host      = $this->glob['CONF']['DB']['HOST'];
    $this->db_name      = $this->glob['CONF']['DB']['DB_NAME'];
    $this->db_user      = $this->glob['CONF']['DB']['USER'];
    $this->db_password  = $this->glob['CONF']['DB']['PASSWORD'];
    try {
      $this->connection = new PDO("mysql:host=" . $this->db_host . ";dbname=" . $this->db_name, $this->db_user, $this->db_password);
    } catch(PDOException $exception) {
      echo "Connection failed: " . $exception->getMessage();
    }
    return $this->connection;
  }
 }
 ?>
--- a/api/config/token.php
+++ b/api/config/token.php
@ -0,0 +1,76 @@
 <?php
 use \Firebase\JWT\JWT;
 class AuthenticationToken {
    private $auth;
    private $token;
    private $response;
 /*
    public function getAuthorizationHeader(){
        $headers = null;
        if (isset($_SERVER['Authorization'])) {
            $headers = trim($_SERVER["Authorization"]);
        }
        else if (isset($_SERVER['HTTP_AUTHORIZATION'])) { //Nginx or fast CGI
            $headers = trim($_SERVER["HTTP_AUTHORIZATION"]);
        } elseif (function_exists('apache_request_headers')) {
            $requestHeaders = apache_request_headers();
            // Server-side fix for bug in old Android versions (a nice side-effect of this fix means we don't care about capitalization for Authorization)
            $requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
            //print_r($requestHeaders);
            if (isset($requestHeaders['Authorization'])) {
                $headers = trim($requestHeaders['Authorization']);
            }
        }
        return $headers;
    }*/
  public function tokenGet() {
    $this->auth = null;
    $requestHeaders = apache_request_headers();
    $requestHeaders = array_combine(array_map('ucwords', array_keys($requestHeaders)), array_values($requestHeaders));
    if(isset($requestHeaders['Authorization'])) {
      $headers = trim($requestHeaders['Authorization']);
    }
    if(!empty($headers)) {
      if(preg_match('/Bearer\s(\S+)/', $headers, $matches)) {
        $this->auth = $matches[1];
      }
    }
    return $this->auth;
  }
  public function tokenCheck($secret) {
    $this->token = $this->tokenGet();
    $this->response = array();
    try {
      $decoded = JWT::decode($this->token, $secret, array('HS256'));
      $this->response = array(
        "status" => 200,
        "access" => "GRANTED",
        "token" => $this->token//$decoded
      );
    } catch(Exception $e) {
      $this->response = array(
        "status" => 401,
        "access" => "DENIED",
        "error" => $e->getMessage()
      );
    }
    return $this->response;
  }
 }
 ?>
--- a/api/login.php
+++ b/api/login.php
@ -0,0 +1,75 @@
 <?php
 include_once './config/bootstrap.php';
 require "../vendor/autoload.php";
 use \Firebase\JWT\JWT;
 header("Access-Control-Allow-Origin: *");
 header("Content-Type: application/json; charset=UTF-8");
 header("Access-Control-Allow-Methods: POST");
 header("Access-Control-Max-Age: 3600");
 header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
 $email = '';
 $password = '';
 $databaseService = new DatabaseService();
 $conn = $databaseService->getConnection();
 $data = json_decode(file_get_contents("php://input"));
 $email = trim($data->email);
 $password = trim($data->password);
 $query = "SELECT id, first_name, last_name, password
            FROM users
            WHERE email = :email
            LIMIT 0,1";
 $stmt = $conn->prepare( $query );
 $stmt->bindParam(':email', $email);
 $stmt->execute();
 $num = $stmt->rowCount();
 if($num > 0) {
  $row = $stmt->fetch(PDO::FETCH_ASSOC);
  $id = $row['id'];
  $firstname = $row['first_name'];
  $lastname = $row['last_name'];
  $password2 = $row['password'];
  if(password_verify($password, $password2)) {
    $token = array(
      "iss" => $GLOBALS['CONF']['CLAIM']['ISSUER'],
      "aud" => $GLOBALS['CONF']['CLAIM']['AUDIENCE'],
      "iat" => $GLOBALS['CONF']['CLAIM']['ISSUE_DATE'],
      "nbf" => $GLOBALS['CONF']['CLAIM']['NOT_BEFORE'],
      "exp" => $GLOBALS['CONF']['CLAIM']['EXPIRE'],
      "data" => array(
        "id" => $id,
        "firstname" => $firstname,
        "lastname" => $lastname,
        "email" => $email
        ));
        http_response_code(200);
        $jwt = JWT::encode($token, $GLOBALS['CONF']['CLAIM']['SECRET']);
        echo json_encode(
          array(
            "message" => "Successful login.",
            "jwt" => $jwt,
            "email" => $email,
            "expireAt" => $GLOBALS['CONF']['CLAIM']['EXPIRE']
            ));
  } else {
    http_response_code(401);
    echo json_encode(array("message" => "Login failed"));
  }
 } else {
  http_response_code(401);
  echo json_encode(array("message" => "Login failed"));
 }
 ?>
--- a/api/register.php
+++ b/api/register.php
@ -0,0 +1,56 @@
 <?php
 include_once './config/bootstrap.php';
 header("Access-Control-Allow-Origin: * ");
 header("Content-Type: application/json; charset=UTF-8");
 header("Access-Control-Allow-Methods: POST");
 header("Access-Control-Max-Age: 3600");
 header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
 $firstName = '';
 $lastName = '';
 $email = '';
 $password = '';
 $conn = null;
 $databaseService = new DatabaseService();
 $conn = $databaseService->getConnection();
 /*
 $data = json_decode(file_get_contents("php://input"));
 $firstName = $data->first_name;
 $lastName = $data->last_name;
 $email = $data->email;
 $password = $data->password;
 */
 $firstName = $_POST['first_name'];
 $lastName = $_POST['last_name'];
 $email = $_POST['email'];
 $password = $_POST['password'];
 $query = "INSERT INTO users
            SET first_name = :firstname,
                last_name = :lastname,
                email = :email,
                password = :password";
 $stmt = $conn->prepare($query);
 $stmt->bindParam(':firstname', $firstName);
 $stmt->bindParam(':lastname', $lastName);
 $stmt->bindParam(':email', $email);
 $password_hash = password_hash($password, PASSWORD_BCRYPT);
 $stmt->bindParam(':password', $password_hash);
 if($stmt->execute()) {
    http_response_code(200);
    echo json_encode(array("message" => "User was successfully registered."));
 } else {
    http_response_code(400);
    echo json_encode(array("message" => "Unable to register the user."));
 }
 ?>
--- a/api/users.php
+++ b/api/users.php
@ -0,0 +1,60 @@
 <?php
 include_once './config/bootstrap.php';
 require "../vendor/autoload.php";
 use \Firebase\JWT\JWT;
 header("Access-Control-Allow-Origin: *");
 header("Content-Type: application/json; charset=UTF-8");
 header("Access-Control-Allow-Methods: GET");
 header("Access-Control-Max-Age: 3600");
 header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
 $authToken = new AuthenticationToken();
 $tokenCheck = $authToken->tokenCheck($GLOBALS['CONF']['CLAIM']['SECRET']);
 if($tokenCheck['access'] == "GRANTED") {
  echo json_encode($tokenCheck);
 } else {
  echo json_encode($tokenCheck);
 }
 //$jwt = getBearerToken();//$arr[1];
 //"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9yZXN0LmxvY2FsIiwiYXVkIjoiaHR0cDpcL1wvcmVzdC5sb2NhbCIsImlhdCI6MTU4NzY1MTA2NCwibmJmIjoxNTg3NjUxMDc0LCJleHAiOjE1ODc3MTEwNjQsImRhdGEiOnsiaWQiOiIxIiwiZmlyc3RuYW1lIjoiQ2FybWluZSIsImxhc3RuYW1lIjoiRGUgUm9zYSIsImVtYWlsIjoiZHNsYWt5QGdtYWlsLmNvbSJ9fQ.l9uPKJuqGlnRD8prKzcEDWTf_fuqEZarje-mFANaBZM";
 /*
 echo $jwt;
 if($jwt){
  try {
      $decoded = JWT::decode($jwt, $secret_key, array('HS256'));
      print_r($decoded);
      // Access is granted. Add code of the operation here
      echo json_encode(array(
          "message" => "Access granted:",
          "error" => "aaa"
      ));
  } catch (Exception $e){
    http_response_code(401);
    echo json_encode(array(
        "message" => "Access denied.",
        "error" => $e->getMessage()
    ));
  }
 } else {
  echo json_encode(array(
    "message" => "Access denied.",
    "error" => "no token"
  ));
 }*/
 ?>
--- a/composer.json
+++ b/composer.json
@ -0,0 +1,5 @@
 {
    "require": {
        "firebase/php-jwt": "^5.2"
    }
 }
Author	SHA1	Message	Date
Carmine De Rosa	f38a08b313	global config	5 years ago
Carmine De Rosa	98f70f6e63	project init	5 years ago