initial commit file manager project
This commit is contained in:
186
WebService/index.php
Normal file
186
WebService/index.php
Normal file
@@ -0,0 +1,186 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
Spec:
|
||||
|
||||
|
||||
/login ... => login user
|
||||
/logout .. => logout user
|
||||
|
||||
/... => URL to files and folders:
|
||||
|
||||
GET /<DIR>
|
||||
= return file/folders in this dir
|
||||
|
||||
POST /<DIR>
|
||||
= create the directory and send message back
|
||||
|
||||
DELETE <DIR>
|
||||
= delete the directory
|
||||
|
||||
GET /<file>
|
||||
= return binary data of file
|
||||
|
||||
POST /<file>
|
||||
= create the file with corresponding content
|
||||
|
||||
DELETE /<file>
|
||||
= delete the file and send message
|
||||
|
||||
|
||||
Authentication workflow:
|
||||
|
||||
POST /login with username password => return token
|
||||
|
||||
All other requests:
|
||||
authorization: Basic base64(username.token)
|
||||
|
||||
*/
|
||||
|
||||
require "lib/Folder.php";
|
||||
require "lib/File.php";
|
||||
require "lib/Authenticator.php";
|
||||
|
||||
$authorized = false;
|
||||
|
||||
//first check if user is valid
|
||||
$headers = getallheaders();
|
||||
$auth = array(2);
|
||||
if(isset($headers["Authorization"])){
|
||||
$temp = explode(" ",$headers["Authorization"]);
|
||||
$raw_auth = base64_decode($temp[1]);
|
||||
$auth = explode(":",$raw_auth);
|
||||
$authenticator = new Authenticator();
|
||||
$authorized = $authenticator->verifyToken($auth[0],$auth[1]);
|
||||
}
|
||||
|
||||
$url = filter_input(INPUT_SERVER,"REQUEST_URI",FILTER_SANITIZE_URL);
|
||||
|
||||
$paramPos = strpos($url,"?");
|
||||
if($paramPos == 0){
|
||||
$path = $url;
|
||||
} else {
|
||||
$path = substr($url,0,$paramPos);
|
||||
}
|
||||
|
||||
|
||||
|
||||
$method = filter_input(INPUT_SERVER,"REQUEST_METHOD",FILTER_SANITIZE_FULL_SPECIAL_CHARS);
|
||||
if($path != "/login" && !$authorized){
|
||||
http_response_code(401);
|
||||
echo '{"error": "authorization failed"}';
|
||||
} else if($path == "/login"){
|
||||
$username = filter_input(INPUT_POST,"username",FILTER_SANITIZE_FULL_SPECIAL_CHARS);
|
||||
$password = filter_input(INPUT_POST,"password",FILTER_SANITIZE_FULL_SPECIAL_CHARS);
|
||||
$authenticator = new Authenticator();
|
||||
$result = $authenticator->authUser($username, $password);
|
||||
if(!$result){
|
||||
http_response_code(401);
|
||||
echo '{"error": "authentication failed"}';
|
||||
} else {
|
||||
http_response_code(200);
|
||||
echo '{"token": "'.$result.'"}';
|
||||
}
|
||||
} else if($path == "/logout"){
|
||||
if(count($auth) > 0){
|
||||
$authenticator = new Authenticator();
|
||||
if(!$authenticator->logoutToken($auth[0], $auth[1])){
|
||||
http_response_code(500);
|
||||
echo '{"error": "logout failed"}';
|
||||
} else {
|
||||
http_response_code(200);
|
||||
echo '{"message": "logout successful"}';
|
||||
}
|
||||
}
|
||||
} else if($authorized){
|
||||
$fullPath = __DIR__."/data".urldecode($path);
|
||||
|
||||
if($method == "GET"){
|
||||
$isDir = Folder::isDirectory($fullPath);
|
||||
if($isDir){
|
||||
$dir = new Folder($fullPath);
|
||||
$entries = $dir->getEntries();
|
||||
if($entries === false){
|
||||
http_response_code(500);
|
||||
echo '{"error": "failed to load directory entries"}';
|
||||
} else {
|
||||
http_response_code(200);
|
||||
echo json_encode($entries);
|
||||
}
|
||||
} else {
|
||||
$file = new File($fullPath);
|
||||
if($file->doExists()){
|
||||
if(isset($_GET["format"]) && filter_input(INPUT_GET,"format",FILTER_SANITIZE_FULL_SPECIAL_CHARS) == "base64"){
|
||||
echo base64_encode($file->getContent());
|
||||
} else {
|
||||
header('Content-Type: '.$file->getMimeType());
|
||||
header('Content-Disposition: attachment; filename="'.$file->getFilename().'"');
|
||||
echo $file->getContent();
|
||||
}
|
||||
} else {
|
||||
http_response_code(500);
|
||||
echo '{"error": "file does not exist"}';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($method == "POST"){
|
||||
if(isset($_POST["type"]) && filter_input(INPUT_POST,"type",FILTER_SANITIZE_FULL_SPECIAL_CHARS) == "dir"){
|
||||
$isDir = true;
|
||||
} else {
|
||||
$isDir = false;
|
||||
}
|
||||
if($isDir){
|
||||
$dir = new Folder($fullPath);
|
||||
if($dir->create() === false){
|
||||
http_response_code(500);
|
||||
echo '{"error": "failed to create directory"}';
|
||||
} else {
|
||||
http_response_code(200);
|
||||
echo '{"message": "directory created successfully"}';
|
||||
}
|
||||
} else {
|
||||
if(count($_FILES) == 0){ //no upload
|
||||
$file = new File($fullPath);
|
||||
//no filter, since we need to write the file as is
|
||||
$result = $file->writeContent(base64_decode($_POST["content"]));
|
||||
} else {
|
||||
$file = new File($fullPath);
|
||||
$result = $file->createFromUpload($_FILES["newFile"]);
|
||||
}
|
||||
|
||||
if($result === false){
|
||||
http_response_code(500);
|
||||
echo '{"error": "faild to write file"}';
|
||||
} else {
|
||||
http_response_code(200);
|
||||
echo '{"message": "file written successfully"}';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($method == "DELETE"){
|
||||
$isDir = Folder::isDirectory($fullPath);
|
||||
if($isDir){
|
||||
$dir = new Folder($fullPath);
|
||||
if(!$dir->delete()){
|
||||
http_response_code(500);
|
||||
echo '{"error": "failed to delete directory"}';
|
||||
} else {
|
||||
http_response_code(200);
|
||||
echo '{"message": "directory deleted successfully"}';
|
||||
}
|
||||
} else {
|
||||
$file = new File($fullPath);
|
||||
if(!$file->delete()){
|
||||
http_response_code(500);
|
||||
echo '{"error": "failed to delete file"}';
|
||||
} else {
|
||||
http_response_code(200);
|
||||
echo '{"message": "file deleted successfully"}';
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user