
Make better API system, use new AccountHub API

master
Skylar Ittner 5 months ago
parent
commit
5b7ab65946
12 changed files with 314 additions and 262 deletions
  1. 1
    32
      api.php
  2. 5
    0
      api/.htaccess
  3. 9
    0
      api/actions/ping.php
  4. 15
    0
      api/apisettings.php
  5. 123
    0
      api/functions.php
  6. 77
    0
      api/index.php
  7. 54
    0
      lib/AccountHubApi.lib.php
  8. 2
    28
      lib/Login.lib.php
  9. 9
    21
      lib/Notifications.lib.php
  10. 9
    146
      lib/User.lib.php
  11. 9
    34
      mobile/index.php
  12. 1
    1
      settings.template.php

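--- a/api.php
+++ b/api.php
@@ -4,35 +4,4 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
-/**
- * Simple JSON API to allow other apps to access data from this app.
- *
- * Requests can be sent via either GET or POST requests.  POST is recommended
- * as it has a lower chance of being logged on the server, exposing unencrypted
- * user passwords.
- */
-require __DIR__ . '/required.php';
-header("Content-Type: application/json");
-
-$username = $VARS['username'];
-$password = $VARS['password'];
-$user = User::byUsername($username);
-if ($user->exists() !== true || Login::auth($username, $password) !== Login::LOGIN_OK) {
-    header("HTTP/1.1 403 Unauthorized");
-    die("\"403 Unauthorized\"");
-}
-
-// query max results
-$max = 20;
-if (preg_match("/^[0-9]+$/", $VARS['max']) === 1 && $VARS['max'] <= 1000) {
-    $max = (int) $VARS['max'];
-}
-
-switch ($VARS['action']) {
-    case "ping":
-        $out = ["status" => "OK", "maxresults" => $max, "pong" => true];
-        exit(json_encode($out));
-    default:
-        header("HTTP/1.1 400 Bad Request");
-        die("\"400 Bad Request\"");
-}
+require __DIR__ . "/api/index.php";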

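--- a/api/.htaccess
+++ b/api/.htaccess
@@ -0,0 +1,5 @@
+# Rewrite for Nextcloud Notes API
+<IfModule mod_rewrite.c>
+    RewriteEngine on
+    RewriteRule ([a-zA-Z0-9]+) index.php?action=$1 [PT]
+</IfModule>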
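Review bot: The header comment on new line 1 names a "Nextcloud Notes API", which looks carried over from another project and does not describe what this rule does here. The pattern on new line 4 is unanchored, so it matches the first alphanumeric run anywhere in the requested path, which sends every request under api/ (including `actions/ping.php`) to index.php; that is only true while mod_rewrite is loaded, because the `<IfModule>` wrapper makes the rule silently optional. I would replace the comment with something like `# Route every request under api/ to index.php; without mod_rewrite the files in actions/ are served directly` so the dependency is visible to whoever deploys this.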

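--- a/api/actions/ping.php
+++ b/api/actions/ping.php
@@ -0,0 +1,9 @@
+<?php
+
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+sendJsonResp();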

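--- a/api/apisettings.php
+++ b/api/apisettings.php
@@ -0,0 +1,15 @@
+<?php
+
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+$APIS = [
+    "ping" => [
+        "load" => "ping.php",
+        "vars" => [
+        ]
+    ]
+];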

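--- a/api/functions.php
+++ b/api/functions.php
@@ -0,0 +1,123 @@
+<?php
+
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+/**
+ * Build and send a simple JSON response.
+ * @param string $msg A message
+ * @param string $status "OK" or "ERROR"
+ * @param array $data More JSON data
+ */
+function sendJsonResp(string $msg = null, string $status = "OK", array $data = null) {
+    $resp = [];
+    if (!is_null($data)) {
+        $resp = $data;
+    }
+    if (!is_null($msg)) {
+        $resp["msg"] = $msg;
+    }
+    $resp["status"] = $status;
+    header("Content-Type: application/json");
+    exit(json_encode($resp));
+}
+
+function exitWithJson(array $json) {
+    header("Content-Type: application/json");
+    exit(json_encode($json));
+}
+
+/**
+ * Get the API key with most of the characters replaced with *s.
+ * @global string $key
+ * @return string
+ */
+function getCensoredKey() {
+    global $key;
+    $resp = $key;
+    if (strlen($key) > 5) {
+        for ($i = 2; $i < strlen($key) - 2; $i++) {
+            $resp[$i] = "*";
+        }
+    }
+    return $resp;
+}
+
+/**
+ * Check if the request is allowed
+ * @global type $VARS
+ * @global type $database
+ * @return bool true if the request should continue, false if the request is bad
+ */
+function authenticate(): bool {
+    global $VARS, $database;
+    if (empty($VARS['key'])) {
+        return false;
+    } else {
+        $key = $VARS['key'];
+        if ($database->has('apikeys', ['key' => $key]) !== TRUE) {
+            engageRateLimit();
+            http_response_code(403);
+            Log::insert(LogType::API_BAD_KEY, null, "Key: " . $key);
+            return false;
+        }
+    }
+    return true;
+}
+
+function checkVars($vars, $or = false) {
+    global $VARS;
+    $ok = [];
+    foreach ($vars as $key => $val) {
+        if (strpos($key, "OR") === 0) {
+            checkVars($vars[$key], true);
+            continue;
+        }
+
+        // Only check type of optional variables if they're set, and don't
+        // mark them as bad if they're not set
+        if (strpos($key, " (optional)") !== false) {
+            $key = str_replace(" (optional)", "", $key);
+            if (empty($VARS[$key])) {
+                continue;
+            }
+        } else {
+            if (empty($VARS[$key])) {
+                $ok[$key] = false;
+                continue;
+            }
+        }
+        $checkmethod = "is_$val";
+        if ($checkmethod($VARS[$key]) !== true) {
+            $ok[$key] = false;
+        } else {
+            $ok[$key] = true;
+        }
+    }
+    if ($or) {
+        $success = false;
+        $bad = "";
+        foreach ($ok as $k => $v) {
+            if ($v) {
+                $success = true;
+                break;
+            } else {
+                $bad = $k;
+            }
+        }
+        if (!$success) {
+            http_response_code(400);
+            die("400 Bad request: variable $bad is missing or invalid");
+        }
+    } else {
+        foreach ($ok as $key => $bool) {
+            if (!$bool) {
+                http_response_code(400);
+                die("400 Bad request: variable $key is missing or invalid");
+            }
+        }
+    }
+}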
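Review bot: `authenticate()` writes the rejected key verbatim into the log (`"Key: " . $key` on new line 64), so a mistyped real key, or an arbitrarily long string chosen by the requester, is stored in full. `getCensoredKey()` looks intended for this, but it reads `global $key`, which `authenticate()` never sets (its `$key` is local) and which api/index.php reuses as a loop variable for parsed parameter names. I would give the helper a parameter, `function getCensoredKey(string $key): string`, check `is_string($VARS['key'])` before the lookup, and log `"Key: " . getCensoredKey($key)` on a length-bounded copy. `engageRateLimit()`, `Log` and `LogType` are not defined anywhere in this commit; presumably they come from required.php, which is worth confirming since the 403 path depends on them.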

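--- a/api/index.php
+++ b/api/index.php
@@ -0,0 +1,77 @@
+<?php
+
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+require __DIR__ . '/../required.php';
+require __DIR__ . '/functions.php';
+require __DIR__ . '/apisettings.php';
+
+$VARS = $_GET;
+if ($_SERVER['REQUEST_METHOD'] != "GET") {
+    $VARS = array_merge($VARS, $_POST);
+}
+
+$requestbody = file_get_contents('php://input');
+$requestjson = json_decode($requestbody, TRUE);
+if (json_last_error() == JSON_ERROR_NONE) {
+    $requestdata = array_merge($requestdata, $requestjson);
+}
+
+// If we're not using the old api.php file, allow more flexible requests
+if (strpos($_SERVER['REQUEST_URI'], "/api.php") === FALSE) {
+    $route = explode("/", substr($_SERVER['REQUEST_URI'], strpos($_SERVER['REQUEST_URI'], "api/") + 4));
+
+    if (count($route) > 1) {
+        $VARS["action"] = $route[0];
+    }
+    if (count($route) >= 2 && strpos($route[1], "?") !== 0) {
+        $VARS["key"] = $route[1];
+
+        for ($i = 2; $i < count($route); $i++) {
+            $key = explode("=", $route[$i], 2)[0];
+            $val = explode("=", $route[$i], 2)[1];
+            $VARS[$key] = $val;
+        }
+    }
+
+    if (strpos($route[count($route) - 1], "?") === 0) {
+        $morevars = explode("&", substr($route[count($route) - 1], 1));
+        foreach ($morevars as $var) {
+            $key = explode("=", $var, 2)[0];
+            $val = explode("=", $var, 2)[1];
+            $VARS[$key] = $val;
+        }
+    }
+}
+
+if (!authenticate()) {
+    http_response_code(403);
+    die("403 Unauthorized");
+}
+
+if (empty($VARS['action'])) {
+    http_response_code(404);
+    die("404 No action specified");
+}
+
+if (!isset($APIS[$VARS['action']])) {
+    http_response_code(404);
+    die("404 Action not defined");
+}
+
+$APIACTION = $APIS[$VARS["action"]];
+
+if (!file_exists(__DIR__ . "/actions/" . $APIACTION["load"])) {
+    http_response_code(404);
+    die("404 Action not found");
+}
+
+if (!empty($APIACTION["vars"])) {
+    checkVars($APIACTION["vars"]);
+}
+
+require_once __DIR__ . "/actions/" . $APIACTION["load"];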
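Review bot: New line 21 merges the decoded JSON body into `$requestdata`, a variable that is never defined or read in this file, so JSON parameters never reach `$VARS` and `authenticate()` cannot see a `key` sent that way, although a JSON body is exactly what `AccountHubApi::get()` in this same commit sends. The guard also lets a scalar JSON body through to `array_merge()`. Something like `if (is_array($requestjson)) { $VARS = array_merge($VARS, $requestjson); }` would cover both. Separately, the path form `api/<action>/<key>/...` puts the API key in the URL, where access logs and proxies record it; the docblock removed from api.php recommended POST for that reason, so the path form deserves at least a warning comment. `explode("=", ..., 2)[1]` on new lines 36 and 45 is also undefined for a segment that has no `=`.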

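--- a/lib/AccountHubApi.lib.php
+++ b/lib/AccountHubApi.lib.php
@@ -0,0 +1,54 @@
+<?php
+
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+class AccountHubApi {
+
+    public static function get(string $action, array $data = null, bool $throwex = false) {
+        $content = [
+            "action" => $action,
+            "key" => PORTAL_KEY
+        ];
+        if (!is_null($data)) {
+            $content = array_merge($content, $data);
+        }
+        $options = [
+            'http' => [
+                'method' => 'POST',
+                'content' => json_encode($content),
+                'header' => "Content-Type: application/json\r\n" .
+                "Accept: application/json\r\n",
+                "ignore_errors" => true
+            ]
+        ];
+
+        $context = stream_context_create($options);
+        $result = file_get_contents(PORTAL_API, false, $context);
+        $response = json_decode($result, true);
+        if ($result === false || !AccountHubApi::checkHttpRespCode($http_response_header) || json_last_error() != JSON_ERROR_NONE) {
+            if ($throwex) {
+                throw new Exception($result);
+            } else {
+                sendError($result);
+            }
+        }
+        return $response;
+    }
+
+    private static function checkHttpRespCode(array $headers): bool {
+        foreach ($headers as $header) {
+            if (preg_match("/HTTP\/[0-9]\.[0-9] [0-9]{3}.*/", $header)) {
+                $respcode = explode(" ", $header)[1] * 1;
+                if ($respcode >= 200 && $respcode < 300) {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
+}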
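Review bot: `get()` treats any body that decodes without a JSON error as success, so a reply of `null`, a number or a bare string is returned to callers that immediately index `$resp['status']`; adding `|| !is_array($response)` to the failure condition on new line 32 closes that gap. The stream context also sets no `timeout`, so an unresponsive AccountHub holds each request for PHP's `default_socket_timeout`, and `User::__construct` makes two such calls; a `'timeout' => 5` entry (the value is a suggestion) in the `http` options would bound it. On failure the raw upstream body is passed to `sendError($result)` or used as the exception message; `sendError` is not shown in this commit, so confirm it escapes what it prints and does not echo upstream detail to end users.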

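--- a/lib/Login.lib.php
+++ b/lib/Login.lib.php
@@ -74,21 +74,7 @@ class Login {
      */
     public static function checkLoginServer() {
         try {
-            $client = new GuzzleHttp\Client();
-
-            $response = $client
-                    ->request('POST', PORTAL_API, [
-                'form_params' => [
-                    'key' => PORTAL_KEY,
-                    'action' => "ping"
-                ]
-            ]);
-
-            if ($response->getStatusCode() != 200) {
-                return false;
-            }
-
-            $resp = json_decode($response->getBody(), TRUE);
+            $resp = AccountHubApi::get("ping");
             if ($resp['status'] == "OK") {
                 return true;
             } else {
@@ -107,19 +93,7 @@ class Login {
      */
     function checkAPIKey($key) {
         try {
-            $client = new GuzzleHttp\Client();
-
-            $response = $client
-                    ->request('POST', PORTAL_API, [
-                'form_params' => [
-                    'key' => $key,
-                    'action' => "ping"
-                ]
-            ]);
-
-            if ($response->getStatusCode() === 200) {
-                return true;
-            }
+            $resp = AccountHubApi::get("ping", null, true);
             return false;
         } catch (Exception $e) {
             return false;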
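Review bot: `checkAPIKey($key)` can no longer succeed: new line 96 stores the ping result in `$resp`, and the next line is still the unconditional `return false;`, so the try path and the catch path both return false. The call also no longer passes `$key`; `AccountHubApi::get()` sends `PORTAL_KEY` unless `$data` overrides it, so the argument is not what gets tested. I would write `$resp = AccountHubApi::get("ping", ["key" => $key], true);` followed by `return isset($resp['status']) && $resp['status'] == "OK";`. In `checkLoginServer()` (first hunk) the call omits `$throwex`, so a failed request ends in `sendError()` inside the helper and the surrounding `try` has nothing to catch, where the old code returned false. Both functions continue outside the hunks shown.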

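--- a/lib/Notifications.lib.php
+++ b/lib/Notifications.lib.php
@@ -32,27 +32,15 @@ class Notifications {
                 $timestamp = date("Y-m-d H:i:s", strtotime($timestamp));
             }
 
-            $client = new GuzzleHttp\Client();
-
-            $response = $client
-                    ->request('POST', PORTAL_API, [
-                'form_params' => [
-                    'key' => PORTAL_KEY,
-                    'action' => "addnotification",
-                    'uid' => $user->getUID(),
-                    'title' => $title,
-                    'content' => $content,
-                    'timestamp' => $timestamp,
-                    'url' => $url,
-                    'sensitive' => $sensitive
-                ]
-            ]);
-
-            if ($response->getStatusCode() > 299) {
-                sendError("Login server error: " . $response->getBody());
-            }
-
-            $resp = json_decode($response->getBody(), TRUE);
+            $resp = AccountHubApi::get("addnotification", [
+                        'uid' => $user->getUID(),
+                        'title' => $title,
+                        'content' => $content,
+                        'timestamp' => $timestamp,
+                        'url' => $url,
+                        'sensitive' => $sensitive
+                            ]
+            );
             if ($resp['status'] == "OK") {
                 return $resp['id'] * 1;
             } else {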

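--- a/lib/User.lib.php
+++ b/lib/User.lib.php
@@ -17,22 +17,7 @@ class User {
 
     public function __construct(int $uid, string $username = "") {
         // Check if user exists
-        $client = new GuzzleHttp\Client();
-
-        $response = $client
-                ->request('POST', PORTAL_API, [
-            'form_params' => [
-                'key' => PORTAL_KEY,
-                'action' => "userexists",
-                'uid' => $uid
-            ]
-        ]);
-
-        if ($response->getStatusCode() > 299) {
-            sendError("Login server error: " . $response->getBody());
-        }
-
-        $resp = json_decode($response->getBody(), TRUE);
+        $resp = AccountHubApi::get("userexists", ["uid" => $uid]);
         if ($resp['status'] == "OK" && $resp['exists'] === true) {
             $this->exists = true;
         } else {
@@ -43,22 +28,7 @@ class User {
 
         if ($this->exists) {
             // Get user info
-            $client = new GuzzleHttp\Client();
-
-            $response = $client
-                    ->request('POST', PORTAL_API, [
-                'form_params' => [
-                    'key' => PORTAL_KEY,
-                    'action' => "userinfo",
-                    'uid' => $uid
-                ]
-            ]);
-
-            if ($response->getStatusCode() > 299) {
-                sendError("Login server error: " . $response->getBody());
-            }
-
-            $resp = json_decode($response->getBody(), TRUE);
+            $resp = AccountHubApi::get("userinfo", ["uid" => $uid]);
             if ($resp['status'] == "OK") {
                 $this->uid = $resp['data']['uid'] * 1;
                 $this->username = $resp['data']['username'];
@@ -71,22 +41,7 @@ class User {
     }
 
     public static function byUsername(string $username): User {
-        $client = new GuzzleHttp\Client();
-
-        $response = $client
-                ->request('POST', PORTAL_API, [
-            'form_params' => [
-                'key' => PORTAL_KEY,
-                'username' => $username,
-                'action' => "userinfo"
-            ]
-        ]);
-
-        if ($response->getStatusCode() > 299) {
-            sendError("Login server error: " . $response->getBody());
-        }
-
-        $resp = json_decode($response->getBody(), TRUE);
+        $resp = AccountHubApi::get("userinfo", ["username" => $username]);
         if (!isset($resp['status'])) {
             sendError("Login server error: " . $resp);
         }
@@ -105,22 +60,8 @@ class User {
         if (!$this->exists) {
             return false;
         }
-        $client = new GuzzleHttp\Client();
-
-        $response = $client
-                ->request('POST', PORTAL_API, [
-            'form_params' => [
-                'key' => PORTAL_KEY,
-                'action' => "hastotp",
-                'username' => $this->username
-            ]
-        ]);
-
-        if ($response->getStatusCode() > 299) {
-            sendError("Login server error: " . $response->getBody());
-        }
 
-        $resp = json_decode($response->getBody(), TRUE);
+        $resp = AccountHubApi::get("hastotp", ['username' => $this->username]);
         if ($resp['status'] == "OK") {
             return $resp['otp'] == true;
         } else {
@@ -150,23 +91,7 @@ class User {
      * @return bool
      */
     function checkPassword(string $password): bool {
-        $client = new GuzzleHttp\Client();
-
-        $response = $client
-                ->request('POST', PORTAL_API, [
-            'form_params' => [
-                'key' => PORTAL_KEY,
-                'action' => "auth",
-                'username' => $this->username,
-                'password' => $password
-            ]
-        ]);
-
-        if ($response->getStatusCode() > 299) {
-            sendError("Login server error: " . $response->getBody());
-        }
-
-        $resp = json_decode($response->getBody(), TRUE);
+        $resp = AccountHubApi::get("auth", ['username' => $this->username, 'password' => $password]);
         if ($resp['status'] == "OK") {
             return true;
         } else {
@@ -178,23 +103,8 @@ class User {
         if (!$this->has2fa) {
             return true;
         }
-        $client = new GuzzleHttp\Client();
-
-        $response = $client
-                ->request('POST', PORTAL_API, [
-            'form_params' => [
-                'key' => PORTAL_KEY,
-                'action' => "verifytotp",
-                'username' => $this->username,
-                'code' => $code
-            ]
-        ]);
-
-        if ($response->getStatusCode() > 299) {
-            sendError("Login server error: " . $response->getBody());
-        }
 
-        $resp = json_decode($response->getBody(), TRUE);
+        $resp = AccountHubApi::get("verifytotp", ['username' => $this->username, 'code' => $code]);
         if ($resp['status'] == "OK") {
             return $resp['valid'];
         } else {
@@ -209,23 +119,7 @@ class User {
      * @return boolean TRUE if the user has the permission (or admin access), else FALSE
      */
     function hasPermission(string $code): bool {
-        $client = new GuzzleHttp\Client();
-
-        $response = $client
-                ->request('POST', PORTAL_API, [
-            'form_params' => [
-                'key' => PORTAL_KEY,
-                'action' => "permission",
-                'username' => $this->username,
-                'code' => $code
-            ]
-        ]);
-
-        if ($response->getStatusCode() > 299) {
-            sendError("Login server error: " . $response->getBody());
-        }
-
-        $resp = json_decode($response->getBody(), TRUE);
+        $resp = AccountHubApi::get("permission", ['username' => $this->username, 'code' => $code]);
         if ($resp['status'] == "OK") {
             return $resp['has_permission'];
         } else {
@@ -238,23 +132,7 @@ class User {
      * @return \AccountStatus
      */
     function getStatus(): AccountStatus {
-
-        $client = new GuzzleHttp\Client();
-
-        $response = $client
-                ->request('POST', PORTAL_API, [
-            'form_params' => [
-                'key' => PORTAL_KEY,
-                'action' => "acctstatus",
-                'username' => $this->username
-            ]
-        ]);
-
-        if ($response->getStatusCode() > 299) {
-            sendError("Login server error: " . $response->getBody());
-        }
-
-        $resp = json_decode($response->getBody(), TRUE);
+        $resp = AccountHubApi::get("acctstatus", ['username' => $this->username]);
         if ($resp['status'] == "OK") {
             return AccountStatus::fromString($resp['account']);
         } else {
@@ -263,23 +141,8 @@ class User {
     }
 
     function sendAlertEmail(string $appname = SITE_TITLE) {
-        $client = new GuzzleHttp\Client();
-
-        $response = $client
-                ->request('POST', PORTAL_API, [
-            'form_params' => [
-                'key' => PORTAL_KEY,
-                'action' => "alertemail",
-                'username' => $this->username,
-                'appname' => SITE_TITLE
-            ]
-        ]);
-
-        if ($response->getStatusCode() > 299) {
-            return "An unknown error occurred.";
-        }
+        $resp = AccountHubApi::get("alertemail", ['username' => $this->username, 'appname' => SITE_TITLE]);
 
-        $resp = json_decode($response->getBody(), TRUE);
         if ($resp['status'] == "OK") {
             return true;
         } else {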
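Review bot: In `sendAlertEmail()` (last hunk, new line 144) the request still sends `'appname' => SITE_TITLE`, so the `$appname` argument is ignored; `'appname' => $appname` is presumably what was meant. The same hunk drops the `return "An unknown error occurred.";` branch, and none of the calls in this file pass `$throwex`, so any non-2xx reply now ends in `sendError()` inside `AccountHubApi::get()` rather than in the method's own return value. For the `auth` and `verifytotp` calls it is worth confirming that AccountHub answers a wrong password or code with a 2xx status and an error `status` field, otherwise a failed login turns into an error response instead of `false`. Most of these methods begin or end outside the hunks shown.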

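--- a/mobile/index.php
+++ b/mobile/index.php
@@ -23,21 +23,7 @@ if ($VARS['action'] == "ping") {
 }
 
 function mobile_enabled() {
-    $client = new GuzzleHttp\Client();
-
-    $response = $client
-            ->request('POST', PORTAL_API, [
-        'form_params' => [
-            'key' => PORTAL_KEY,
-            'action' => "mobileenabled"
-        ]
-    ]);
-
-    if ($response->getStatusCode() > 299) {
-        return false;
-    }
-
-    $resp = json_decode($response->getBody(), TRUE);
+    $resp = AccountHubApi::get("mobileenabled");
     if ($resp['status'] == "OK" && $resp['mobile'] === TRUE) {
         return true;
     } else {
@@ -46,26 +32,15 @@ function mobile_enabled() {
 }
 
 function mobile_valid($username, $code) {
-    $client = new GuzzleHttp\Client();
-
-    $response = $client
-            ->request('POST', PORTAL_API, [
-        'form_params' => [
-            'key' => PORTAL_KEY,
-            "code" => $code,
-            "username" => $username,
-            'action' => "mobilevalid"
-        ]
-    ]);
+    try {
+        $resp = AccountHubApi::get("mobilevalid", ["code" => $code, "username" => $username], true);
 
-    if ($response->getStatusCode() > 299) {
-        return false;
-    }
-
-    $resp = json_decode($response->getBody(), TRUE);
-    if ($resp['status'] == "OK" && $resp['valid'] === TRUE) {
-        return true;
-    } else {
+        if ($resp['status'] == "OK" && $resp['valid'] === TRUE) {
+            return true;
+        } else {
+            return false;
+        }
+    } catch (Exception $ex) {
         return false;
     }
 }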
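Review bot: `mobile_enabled()` calls `AccountHubApi::get("mobileenabled")` without `$throwex`, so where the old code returned `false` on a non-2xx reply the helper now calls `sendError()`; `mobile_valid()` in the next hunk does pass `true` and catches the exception. For consistency I would use `AccountHubApi::get("mobileenabled", null, true)` inside a `try` with `catch (Exception $ex) { return false; }` here as well, so an unreachable login server reads as "mobile disabled" rather than an error response. What `sendError()` emits is not visible in this commit, so the difference for the mobile client should be checked.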

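--- a/settings.template.php
+++ b/settings.template.php
@@ -22,7 +22,7 @@ define("SITE_TITLE", "Web App Template");
 
 
 // URL of the AccountHub API endpoint
-define("PORTAL_API", "http://localhost/accounthub/api.php");
+define("PORTAL_API", "http://localhost/accounthub/api/");
 // URL of the AccountHub home page
 define("PORTAL_URL", "http://localhost/accounthub/home.php");
 // AccountHub API Key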
