APIトークンの照会エンドポイントを作成・誤ったHTTPレスポンスコードを修正
This commit is contained in:
parent
6974857074
commit
efa73e027a
|
|
@ -0,0 +1,108 @@
|
|||
<?php
|
||||
|
||||
$domain = $_SERVER['HTTP_HOST'];
|
||||
require(__DIR__ . '/../../db.php');
|
||||
require(__DIR__ . "/../../function/function.php");
|
||||
blockedIP($_SERVER['REMOTE_ADDR']);
|
||||
|
||||
header("Content-Type: application/json; charset=utf-8");
|
||||
header("Access-Control-Allow-Origin: *");
|
||||
|
||||
|
||||
|
||||
$pdo = null;
|
||||
try {
|
||||
$option = array(
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::MYSQL_ATTR_MULTI_STATEMENTS => false
|
||||
);
|
||||
$pdo = new PDO('mysql:charset=utf8mb4;dbname='.DB_NAME.';host='.DB_HOST , DB_USER, DB_PASS, $option);
|
||||
} catch(PDOException $e) {
|
||||
// 接続エラーのときエラー内容を取得する
|
||||
$error_message[] = $e->getMessage();
|
||||
}
|
||||
|
||||
$Get_Post_Json = file_get_contents("php://input");
|
||||
if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
|
||||
// トークン取得
|
||||
$token = getAPIToken();
|
||||
if($token == "_ERR:INPUT_NOT_FOUND"){
|
||||
$err = "input_not_found";
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
'success' => false
|
||||
);
|
||||
http_response_code(401);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
exit;
|
||||
}
|
||||
if($token == "_ERR:FORMAT_FIFFERENT"){
|
||||
$err = "token_invalid";
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
'success' => false
|
||||
);
|
||||
http_response_code(403);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
exit;
|
||||
}
|
||||
|
||||
session_start();
|
||||
|
||||
if( !empty($pdo) ) {
|
||||
$tokenQuery = $pdo->prepare("SELECT userid, scope FROM api WHERE token = :token");
|
||||
$tokenQuery->bindValue(':token', $token);
|
||||
$tokenQuery->execute();
|
||||
$tokenData = $tokenQuery->fetch();
|
||||
|
||||
if(!(empty($tokenData["userid"]))){
|
||||
$allow_scope = array_unique(array_map('trim', explode(",", $tokenData["scope"])));
|
||||
$userdata = getUserData($pdo, $tokenData["userid"]);
|
||||
|
||||
$response = array(
|
||||
'allow_scopes' => $allow_scope,
|
||||
'username' => decode_yajirushi(htmlspecialchars_decode($userdata["username"])),
|
||||
'userid' => decode_yajirushi(htmlspecialchars_decode($userdata["userid"])),
|
||||
'success' => true
|
||||
);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
}else{
|
||||
$userQuery = $pdo->prepare("SELECT * FROM account WHERE token = :token");
|
||||
$userQuery->bindValue(':token', $token);
|
||||
$userQuery->execute();
|
||||
$userData = $userQuery->fetch();
|
||||
|
||||
if(empty($userData["userid"])){
|
||||
$response = array(
|
||||
'error_code' => 'token_invalid',
|
||||
'success' => false
|
||||
);
|
||||
http_response_code(403);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
}elseif($userData["role"] === "ice"){
|
||||
$response = array(
|
||||
'error_code' => 'this_account_has_been_frozen',
|
||||
'success' => false
|
||||
);
|
||||
http_response_code(400);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
}else{
|
||||
$response = array(
|
||||
'error_code' => 'could_not_complete',
|
||||
'success' => false
|
||||
);
|
||||
http_response_code(500);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
}
|
||||
}
|
||||
}
|
||||
}else{
|
||||
$err = "input_not_found";
|
||||
$response = array(
|
||||
'error_code' => $err,
|
||||
'success' => false
|
||||
);
|
||||
http_response_code(401);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
}
|
||||
?>
|
||||
|
|
@ -197,7 +197,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
|
|||
'error_code' => $err,
|
||||
'success' => false
|
||||
);
|
||||
http_response_code(400);
|
||||
http_response_code(500);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
}
|
||||
}else{
|
||||
|
|
|
|||
|
|
@ -88,7 +88,7 @@ if(isset($_GET['token']) || (!(empty($Get_Post_Json)))) {
|
|||
'userid' => decode_yajirushi(htmlspecialchars_decode($userData["userid"])),
|
||||
'success' => false
|
||||
);
|
||||
http_response_code(400);
|
||||
http_response_code(500);
|
||||
echo json_encode($response, JSON_UNESCAPED_UNICODE);
|
||||
exit;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue