last2014
/
uwuzu_
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

APIトークンの照会エンドポイントを作成・誤ったHTTPレスポンスコードを修正

This commit is contained in:
Last2014 2025-09-14 19:56:03 +09:00
parent 6974857074
commit efa73e027a
3 changed files with 110 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
api/token/inquiry.php Normal file
View File

@ -0,0 +1,108 @@
<?php
$domain = $_SERVER['HTTP_HOST'];
require(__DIR__ . '/../../db.php');
require(__DIR__ . "/../../function/function.php");
blockedIP($_SERVER['REMOTE_ADDR']);
header("Content-Type: application/json; charset=utf-8");
header("Access-Control-Allow-Origin: *");
$pdo = null;
try {
$option = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
);
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
} catch(PDOException $e) {
// 接続エラーのときエラー内容を取得する
$error_message[] = $e->getMessage();
}
$Get_Post_Json = file_get_contents("php://input");
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
// トークン取得
$token = getAPIToken();
if($token == "_ERR:INPUT_NOT_FOUND"){
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
http_response_code(401);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
if($token == "_ERR:FORMAT_FIFFERENT"){
$err = "token_invalid";
$response = array(
'error_code' => $err,
'success' => false
);
http_response_code(403);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit;
}
session_start();
if( !empty($pdo) ) {
$tokenQuery = $pdo->prepare("SELECT userid, scope FROM api WHERE token = :token");
$tokenQuery->bindValue(':token', $token);
$tokenQuery->execute();
$tokenData = $tokenQuery->fetch();
if(!(empty($tokenData["userid"]))){
$allow_scope = array_unique(array_map('trim', explode(",", $tokenData["scope"])));
$userdata = getUserData($pdo, $tokenData["userid"]);
$response = array(
'allow_scopes' => $allow_scope,
'username' => decode_yajirushi(htmlspecialchars_decode($userdata["username"])),
'userid' => decode_yajirushi(htmlspecialchars_decode($userdata["userid"])),
'success' => true
);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}else{
$userQuery = $pdo->prepare("SELECT * FROM account WHERE token = :token");
$userQuery->bindValue(':token', $token);
$userQuery->execute();
$userData = $userQuery->fetch();
if(empty($userData["userid"])){
$response = array(
'error_code' => 'token_invalid',
'success' => false
);
http_response_code(403);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}elseif($userData["role"] === "ice"){
$response = array(
'error_code' => 'this_account_has_been_frozen',
'success' => false
);
http_response_code(400);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}else{
$response = array(
'error_code' => 'could_not_complete',
'success' => false
);
http_response_code(500);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
}
}
}else{
$err = "input_not_found";
$response = array(
'error_code' => $err,
'success' => false
);
http_response_code(401);
echo json_encode($response, JSON_UNESCAPED_UNICODE);
}
?>

2
api/ueuse/bookmark/index.php
View File

@ -197,7 +197,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
'error_code' => $err, 'error_code' => $err,
'success' => false 'success' => false
); );
http_response_code(400); http_response_code(500);
echo json_encode($response, JSON_UNESCAPED_UNICODE); echo json_encode($response, JSON_UNESCAPED_UNICODE);
} }
}else{ }else{

2
api/ueuse/delete.php
View File

@ -88,7 +88,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
'userid' => decode_yajirushi(htmlspecialchars_decode($userData["userid"])), 'userid' => decode_yajirushi(htmlspecialchars_decode($userData["userid"])),
'success' => false 'success' => false
); );
http_response_code(400); http_response_code(500);
echo json_encode($response, JSON_UNESCAPED_UNICODE); echo json_encode($response, JSON_UNESCAPED_UNICODE);
exit; exit;
} }