<?php
/**
* Created by PhpStorm.
* User: Bojidar
* Date: 10/7/2020
* Time: 5:50 PM
*/
use Illuminate\Support\Facades\App;
use Illuminate\Support\Facades\Route;
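/**
 * GET api/users/export_my_data
 *
 * Builds a JSON export of every row whose `created_by` column equals the
 * requested user id, across all tables that have such a column, and streams
 * the resulting file as a download.
 *
 * Access rule: a logged-in user may export their own rows; an admin may export
 * the rows of any user id. Failures are reported as array('error' => ...).
 *
 * Authentication and authorization are checked inside the closure; no
 * middleware is attached to this route in this file.
 */
Route::get('api/users/export_my_data', function (\Illuminate\Http\Request $request) {
    if (!is_logged()) {
        return array('error' => 'You must be logged');
    }

    $currentUserId = (int) user_id();

    // A request without user_id falls back to the caller's own id. Indexing
    // $request->all() directly raised an undefined-key error in that case.
    $userId = (int) $request->input('user_id', $currentUserId);

    // Compare as integers so the ownership check cannot be affected by loose
    // string/number juggling. Only admins may target another user's id.
    if ($userId !== $currentUserId && !is_admin()) {
        return array('error' => 'You are not allowed to export this information.');
    }

    $exportFromTables = [];
    $prefix = (string) mw()->database_manager->get_prefix();
    $tablesList = mw()->database_manager->get_tables_list(true);
    foreach ($tablesList as $table) {
        // Strip the prefix only where it leads the name. str_replace() removed
        // every occurrence, which corrupts a table name that happens to
        // contain the prefix text again further in.
        if ($prefix !== '' && strpos($table, $prefix) === 0) {
            $table = substr($table, strlen($prefix));
        }

        $columns = Schema::getColumnListing($table);
        if (in_array('created_by', $columns, true)) {
            $exportFromTables[] = $table;
        }
    }

    // NOTE(review): rows are exported with all of their columns. If any table
    // with a created_by column also stores secrets (password hashes, tokens,
    // API keys), add a per-table column allow-list before exporting - confirm
    // against the schema.
    $exportData = [];
    foreach ($exportFromTables as $exportFromTable) {
        $rows = \Illuminate\Support\Facades\DB::table($exportFromTable)
            ->where('created_by', $userId)
            ->get();

        // empty() on a collection object is always false, so the original
        // check never skipped anything; ask the collection itself.
        if ($rows->isNotEmpty()) {
            $exportData[$exportFromTable] = $rows->toArray();
        }
    }

    $json = new \MicroweberPackages\Backup\Exporters\JsonExport($exportData);
    $getJson = $json->start();

    if (isset($getJson['files'][0]['filepath'])) {
        // The generated file holds personal data: remove it once it is sent.
        return response()->download($getJson['files'][0]['filepath'])->deleteFileAfterSend(true);
    }

    // The exporter produced no file; report it instead of returning an empty response.
    return array('error' => 'The export file could not be created.');
})->name('api.users.export_my_data');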
// Admin web: routes under the ADMIN_PREFIX URI segment, resolved against the
// User package controllers and wrapped in the 'admin' middleware.
// NOTE(review): the login page itself sits inside the 'admin' middleware group;
// presumably that middleware lets unauthenticated visitors through to this
// route - confirm.
Route::prefix(ADMIN_PREFIX)
    ->middleware(['admin'])
    ->namespace('\MicroweberPackages\User\Http\Controllers')
    ->group(function () {
        // Admin login form, additionally gated by the 'allowed_ips' middleware.
        Route::get('login', 'UserLoginController@index')
            ->name('admin.login')
            ->middleware(['allowed_ips']);
    });
// Legacy endpoint: POST api/save_user passes the whole request input to the
// save_user() helper and returns its result.
// NOTE(review): `Request` and `Input` are not imported in this file, so both
// rely on global class aliases being registered - confirm.
Route::post('api/save_user', function (Request $request) {
    // Define MW_API_CALL once; a second define() would raise a warning.
    defined('MW_API_CALL') || define('MW_API_CALL', true);

    // Any logged-in user passes this gate; abort() throws, so nothing below runs for guests.
    if (!is_logged()) {
        App::abort(403, 'Unauthorized action.');
    }

    // NOTE(review): only authentication is checked here. Whether a non-admin
    // may change another user's record or privileged fields depends on checks
    // inside save_user(), which is not visible in this file - confirm.
    return save_user(Input::all());
})->middleware(['api']);
// Legacy endpoint: POST api/delete_user passes the whole request input to the
// delete_user() helper and returns its result. Admins only.
Route::post('api/delete_user', function (Request $request) {
    // Define MW_API_CALL once; a second define() would raise a warning.
    defined('MW_API_CALL') || define('MW_API_CALL', true);

    // Deleting accounts is restricted to admins; abort() throws for everyone else.
    if (!is_admin()) {
        App::abort(403, 'Unauthorized action.');
    }

    // NOTE(review): the input is forwarded unvalidated; which keys
    // delete_user() reads is not visible in this file.
    return delete_user(Input::all());
})->middleware(['api']);
// Public user endpoints: URIs under api/user, route names under "api.user.",
// all behind the 'public.api' middleware and resolved against the User package
// controllers.
Route::name('api.user.')
    ->prefix('api/user')
    ->middleware(['public.api'])
    ->namespace('\MicroweberPackages\User\Http\Controllers')
    ->group(function () {
        // Login: IP allow-list plus a throttle of 60 attempts per minute.
        Route::post('login', 'UserLoginController@login')
            ->name('login')
            ->middleware(['allowed_ips', 'throttle:60,1']);

        // NOTE(review): Route::any() also accepts GET, so a plain cross-site
        // link or image request can end a session; consider POST only.
        Route::any('logout', 'UserLoginController@logout')
            ->name('logout');

        // NOTE(review): register, forgot-password and reset-password carry no
        // throttle in this file. Unless 'public.api' or the controllers rate
        // limit them, add one to curb account enumeration, mail flooding and
        // reset-token guessing - confirm.
        Route::post('register', 'UserRegisterController@register')
            ->name('register')
            ->middleware(['allowed_ips']);

        Route::post('/forgot-password', 'UserForgotPasswordController@send')
            ->name('password.email');

        Route::post('/reset-password', 'UserForgotPasswordController@update')
            ->name('password.update');

        // NOTE(review): no auth middleware is attached here; presumably
        // UserProfileController@update verifies the caller itself - confirm.
        Route::post('/profile-update', 'UserProfileController@update')
            ->name('profile.update');
    });
// REST resource for users: registers the index/store/show/update/destroy
// routes under api/user, named "api.user.*", behind the 'api' middleware.
// NOTE(review): who may list, create, update or delete users is not visible
// here; it depends on the 'api' middleware and on UserApiController - confirm
// that these actions are restricted to admins.
Route::prefix('api')
    ->name('api.')
    ->middleware(['api'])
    ->namespace('\MicroweberPackages\User\Http\Controllers\Api')
    ->group(function () {
        Route::apiResource('user', 'UserApiController');
    });