authorCamil Staps2015-05-10 19:11:07 +0300
committerCamil Staps2015-05-10 19:11:07 +0300
commitbdf893e87b3fa6b34b08c78b060553e3e88f2c82 (patch)
treefad3716da90ef4cd503cffd7ffb081b506979a7d
parentUserTokens (diff)
Cleanup; show user_token-token field on store request (POST)
-rw-r--r--src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php52
-rw-r--r--src/CamilStaps/BotleaguesApi/UserToken.php3
-rw-r--r--src/controllers/UserTokenController.php16
3 files changed, 49 insertions, 22 deletions
diff --git a/src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php b/src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php
index 65fd737..ef88f47 100644
--- a/src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php
+++ b/src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php
@@ -29,8 +29,36 @@ class BotleaguesApiServiceProvider extends ServiceProvider {
include __DIR__ . '/../../filters.php';
include __DIR__ . '/../../routes.php';
+ // To allow loading API requests from the specified domain
header('Access-Control-Allow-Origin: ' . Config::get('config.allowed_origin'));
+ $this->setupErrorHandlers();
+ }
+
+ /**
+ * Register the service provider.
+ *
+ * @return void
+ */
+ public function register()
+ {
+ $this->app->register('Dingo\Api\Provider\ApiServiceProvider');
+ }
+
+ /**
+ * Get the services provided by the provider.
+ *
+ * @return array
+ */
+ public function provides()
+ {
+ return array();
+ }
+
+ /**
+ * Setup nice error handlers for exceptions and fatal errors
+ */
+ private function setupErrorHandlers() {
App::fatal(function($e) {
return Response::make(
['error' => Config::get('app.debug') ? $e->getMessage() : "Internal error"],
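Review bot: The docblock on `setupErrorHandlers()` should say that the handlers return the raw exception message to the API client whenever `app.debug` is true, as the `App::fatal` closure at the end of this hunk shows; the `\Exception` handler in a later hunk uses the same expression. Exception messages can carry SQL fragments, file paths or other internals, so the comment should state that debug must be off in any deployment reachable by untrusted clients. Something like `* With app.debug enabled the exception message is sent to the client; keep it disabled in production.` would do. The body of `setupErrorHandlers()` continues outside this hunk.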
@@ -55,6 +83,7 @@ class BotleaguesApiServiceProvider extends ServiceProvider {
],
500);
});
+
API::error(function(Exception\LoginException $e) {
$response = Response::make("Please login", 401);
$response->header('WWW-Authenticate', 'Basic realm="Please login"');
@@ -63,6 +92,7 @@ class BotleaguesApiServiceProvider extends ServiceProvider {
API::error(function(Exception\RedirectException $e) {
return Redirect::to($e->getMessage());
});
+
API::error(function(\Exception $e) {
return Response::make(
['error' => Config::get('app.debug') ? $e->getMessage() : "Internal error"],
@@ -70,26 +100,4 @@ class BotleaguesApiServiceProvider extends ServiceProvider {
});
}
- /**
- * Register the service provider.
- *
- * @return void
- */
- public function register()
- {
-
- $this->app->register('Dingo\Api\Provider\ApiServiceProvider');
-
- }
-
- /**
- * Get the services provided by the provider.
- *
- * @return array
- */
- public function provides()
- {
- return array();
- }
-
}
diff --git a/src/CamilStaps/BotleaguesApi/UserToken.php b/src/CamilStaps/BotleaguesApi/UserToken.php
index 02a8891..9909f6a 100644
--- a/src/CamilStaps/BotleaguesApi/UserToken.php
+++ b/src/CamilStaps/BotleaguesApi/UserToken.php
@@ -9,6 +9,9 @@ class UserToken extends Model {
protected $hidden = ['token'];
protected $fillable = ['userId', 'token', 'valid_till'];
+ /**
+ * Override the parent's save() function to automatically update the valid_till timestamp
+ */
public function save(array $options = array()) {
$this->valid_till = date("Y-m-d H:i:s", time() + 3600);
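Review bot: The new docblock on `save()` does not mention that the override resets `valid_till` to one hour from now on every save, not only on creation. Any later update of a token row therefore extends its lifetime, and an already expired row would become valid again if it is ever saved; whether that happens is not visible from this hunk. I would spell this out, e.g. `* Every save (create or update) sets valid_till to now + 3600 seconds, so updating a token renews it.`. The body of `save()` continues outside the hunk.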
diff --git a/src/controllers/UserTokenController.php b/src/controllers/UserTokenController.php
index d894b52..2c2fe1e 100644
--- a/src/controllers/UserTokenController.php
+++ b/src/controllers/UserTokenController.php
@@ -12,19 +12,35 @@ class UserTokenController extends BaseController {
$this->userToken = $userToken;
}
+ /**
+ * Only the tokens of the authenticated user are shown
+ */
public function index() {
return $this->userToken->where('userId', '=', Auth::user()->id)->get();
}
+ /**
+ * Only the tokens of the authenticated user are available
+ */
public function show($id) {
return $this->userToken->where('userId', '=', Auth::user()->id)->findOrFail($id);
}
+ /**
+ * Set the userId and create a random token
+ */
public function store() {
$this->userToken->userId = Auth::user()->id;
$this->userToken->token = sha1(mt_rand());
if ($this->userToken->save()) {
+ // Remove the token field from the hidden fields
+ $hidden = $this->userToken->getHidden();
+ foreach ($hidden as $k => $v)
+ if ($v == 'token')
+ unset($hidden[$k]);
+ $this->userToken->setHidden($hidden);
+
return $this->userToken;
} else {
throw new Dingo\Api\Exception\StoreResourceFailedException;
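Review bot: The token in `store()` comes from `sha1(mt_rand())`, which the new docblock calls random but which is not fit for a bearer credential: `mt_rand()` is a non-cryptographic generator with at most 32 bits of output, and hashing it adds no entropy. Since this commit starts returning the token to the client, it should come from a CSPRNG, for example `$this->userToken->token = bin2hex(openssl_random_pseudo_bytes(20));`, which keeps the 40-character length (or `random_bytes(20)` on PHP 7+). The unhide loop compares with `==` and has no braces; `$this->userToken->setHidden(array_diff($this->userToken->getHidden(), ['token']));` does the same in one line. `store()` continues past the end of the hunk.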