kopia lustrzana https://github.com/magicbug/Cloudlog
API - Generation of Keys and basic auth class
Peter Goodhall
rodzic
42c0219ab3
commit
de9267c421
|
|
@ -20,6 +20,13 @@ class API extends CI_Controller {
|
|||
|
||||
function help()
|
||||
{
|
||||
$this->load->model('user_model');
|
||||
if(!$this->user_model->authorize(99)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
|
||||
|
||||
|
||||
$this->load->model('api_model');
|
||||
|
||||
$data['api_keys'] = $this->api_model->keys();
|
||||
|
||||
$data['page_title'] = "API Help";
|
||||
|
||||
|
|
@ -28,6 +35,33 @@ class API extends CI_Controller {
|
|||
$this->load->view('layout/footer');
|
||||
}
|
||||
|
||||
function generate($rights) {
|
||||
$this->load->model('user_model');
|
||||
if(!$this->user_model->authorize(99)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
|
||||
|
||||
|
||||
$this->load->model('api_model');
|
||||
|
||||
$data['api_keys'] = $this->api_model->generate_key($rights);
|
||||
|
||||
redirect('api/help');
|
||||
}
|
||||
|
||||
// Example of authing
|
||||
function auth($key) {
|
||||
$this->load->model('api_model');
|
||||
header("Content-type: text/xml");
|
||||
if($this->api_model->access($key) == "No Key Found" || $this->api_model->access($key) == "Key Disabled") {
|
||||
echo "<auth>";
|
||||
echo "<message>Key Invalid - either not found or disabled</message>";
|
||||
echo "</auth>";
|
||||
} else {
|
||||
echo "<auth>";
|
||||
echo "<status>Valid</status>";
|
||||
echo "<rights>".$this->api_model->access($key)."</rights>";
|
||||
echo "</auth>";
|
||||
}
|
||||
|
||||
// FUNCTION: search()
|
||||
// Handle search requests
|
||||
/*
|
||||
|
|
@ -82,7 +116,7 @@ class API extends CI_Controller {
|
|||
$this->load->model('api_model');
|
||||
$this->load->model('logbook_model');
|
||||
$this->load->model('user_model');
|
||||
if(!$this->user_model->authorize(3)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
|
||||
//if(!$this->user_model->authorize(3)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
|
||||
|
||||
// Retrieve the arguments from the query string
|
||||
$arguments = $this->_retrieve();
|
||||
|
|
|
|||
|
|
@ -14,6 +14,50 @@ class API_Model extends CI_Model {
|
|||
parent::__construct();
|
||||
}
|
||||
|
||||
// GET API Keys
|
||||
function keys() {
|
||||
return $this->db->get('api');
|
||||
}
|
||||
|
||||
// Generate API Key
|
||||
function generate_key($rights) {
|
||||
|
||||
// Expects either rw (Read, Write) or r (read only)
|
||||
|
||||
// Generate Unique Key
|
||||
$data['key'] = uniqid("cl");
|
||||
|
||||
$data['rights'] = $rights;
|
||||
|
||||
// Set API key to active
|
||||
$data['status'] = "active";
|
||||
|
||||
$this->db->insert('api', $data);
|
||||
|
||||
}
|
||||
|
||||
function access($key) {
|
||||
|
||||
// Check that the key is valid
|
||||
$this->db->where('key', $key);
|
||||
$query = $this->db->get('api');
|
||||
|
||||
if ($query->num_rows() > 0)
|
||||
{
|
||||
foreach ($query->result() as $row)
|
||||
{
|
||||
if($row->status == "active") {
|
||||
return $status = $row->rights;
|
||||
} else {
|
||||
return $status = "Key Disabled";
|
||||
}
|
||||
|
||||
}
|
||||
} else {
|
||||
return $status = "No Key Found";
|
||||
}
|
||||
}
|
||||
|
||||
// FUNCTION: string name(string $column)
|
||||
// Converts a MySQL column name to a more friendly name
|
||||
function name($col)
|
||||
|
|
|
|||
|
|
@ -33,14 +33,65 @@
|
|||
</div>
|
||||
<?php } ?>
|
||||
|
||||
<h3>API Keys</h3>
|
||||
|
||||
<?php if ($api_keys->num_rows() > 0) { ?>
|
||||
|
||||
<table>
|
||||
|
||||
<tr>
|
||||
<td>API Key</td>
|
||||
<td>Rights</td>
|
||||
<td>Status</td>
|
||||
</tr>
|
||||
|
||||
<?php foreach ($api_keys->result() as $row) { ?>
|
||||
|
||||
<tr>
|
||||
<td><?php echo $row->key; ?></td>
|
||||
<td>
|
||||
|
||||
<?php
|
||||
|
||||
if($row->rights == "rw") {
|
||||
echo "Read & Write";
|
||||
} elseif($row->rights == "r") {
|
||||
echo "Read Only";
|
||||
} else {
|
||||
echo "Unknown";
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
</td>
|
||||
<td><?php echo ucfirst($row->status); ?></td>
|
||||
</tr>
|
||||
|
||||
<?php } ?>
|
||||
|
||||
</table>
|
||||
|
||||
<?php } else { ?>
|
||||
<p>You have no API Keys.</p>
|
||||
<?php } ?>
|
||||
|
||||
<h4>Generate API Key</h4>
|
||||
|
||||
<ul>
|
||||
<li><a href="<?php echo site_url('api/generate/rw'); ?>">Key with Read & Write Access</a></li>
|
||||
<li><a href="<?php echo site_url('api/generate/r'); ?>">Key with Read Only Access</a></li>
|
||||
</ul>
|
||||
|
||||
<hr>
|
||||
|
||||
There are a number of API calls you can make from other applications.
|
||||
|
||||
<h2>search</h2>
|
||||
<h3>Description</h3>
|
||||
<h3>search</h3>
|
||||
<h4>Description</h4>
|
||||
Query the logbook
|
||||
<h3>Syntax</h3>
|
||||
<h4>Syntax</h4>
|
||||
<li><pre>/search/query[<field><=|~><value>{(and|or)...]}/limit[<num>]/fields[<field1>,{<field2>}]/order[<field>]</pre>
|
||||
<h3>Example</h3>
|
||||
<h4>Example</h4>
|
||||
Search for entries with a call beginning with <b>M0</b> and a locator beginning with <b>I</b> or <b>J</b>, show the callsign and locator fields, order it by callsign and limit the results to <b>10</b>.
|
||||
<li><pre>/search/query[Call~M0*(and)(Locator~I*(or)Locator~J*)]/limit[10]/fields[distinct(Call),Locator]/order[Call(asc)]</pre>
|
||||
<li><a href="/index.php/api/search/query[Call~M0*(and)(Locator~I*(or)Locator~J*)]/limit[10]/fields[distinct(Call),Locator]/order[Call(asc)]">Run it!</a>
|
||||
|
|
|
|||
Ładowanie…
Reference in New Issue