mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2026-02-08 00:52:01 +01:00
Clean code for REST API.
This commit is contained in:
Laurent Destailleur
@@ -140,89 +140,3 @@ class DolibarrApi
|
||||
return checkUserAccessToObject(DolibarrApiAccess::$user, $featuresarray,$resource_id,$dbtablename,$feature2,$dbt_keyfield,$dbt_select);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* API init
|
||||
*
|
||||
*/
|
||||
class DolibarrApiInit extends DolibarrApi
|
||||
{
|
||||
|
||||
function __construct() {
|
||||
global $db;
|
||||
$this->db = $db;
|
||||
}
|
||||
|
||||
/**
|
||||
* Login
|
||||
*
|
||||
* Log user with username and password
|
||||
*
|
||||
* @param string $login Username
|
||||
* @param string $password User password
|
||||
* @param int $entity User entity
|
||||
* @return array Response status and user token
|
||||
*
|
||||
* @throws RestException
|
||||
*/
|
||||
public function login($login, $password, $entity = 0) {
|
||||
|
||||
global $conf, $dolibarr_main_authentication, $dolibarr_auto_user;
|
||||
|
||||
// Authentication mode
|
||||
if (empty($dolibarr_main_authentication))
|
||||
$dolibarr_main_authentication = 'http,dolibarr';
|
||||
// Authentication mode: forceuser
|
||||
if ($dolibarr_main_authentication == 'forceuser' && empty($dolibarr_auto_user))
|
||||
$dolibarr_auto_user = 'auto';
|
||||
// Set authmode
|
||||
$authmode = explode(',', $dolibarr_main_authentication);
|
||||
|
||||
include_once DOL_DOCUMENT_ROOT . '/core/lib/security2.lib.php';
|
||||
$login = checkLoginPassEntity($login, $password, $entity, $authmode);
|
||||
if (empty($login))
|
||||
{
|
||||
throw new RestException(403, 'Access denied');
|
||||
}
|
||||
|
||||
// Generate token for user
|
||||
$token = dol_hash($login.uniqid().$conf->global->MAIN_API_KEY,1);
|
||||
|
||||
// We store API token into database
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
|
||||
$sql.= " SET api_key = '".$this->db->escape($token)."'";
|
||||
$sql.= " WHERE login = '".$this->db->escape($login)."'";
|
||||
|
||||
dol_syslog(get_class($this)."::login", LOG_DEBUG); // No log
|
||||
$result = $this->db->query($sql);
|
||||
if (!$result)
|
||||
{
|
||||
throw new RestException(500, 'Error when updating user :'.$this->db->error_msg);
|
||||
}
|
||||
|
||||
//return token
|
||||
return array(
|
||||
'success' => array(
|
||||
'code' => 200,
|
||||
'token' => $token,
|
||||
'message' => 'Welcome ' . $login
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get status (Dolibarr version)
|
||||
*
|
||||
* @access protected
|
||||
* @class DolibarrApiAccess {@requires admin}
|
||||
*/
|
||||
function status() {
|
||||
require_once DOL_DOCUMENT_ROOT . '/core/lib/functions.lib.php';
|
||||
return array(
|
||||
'success' => array(
|
||||
'code' => 200,
|
||||
'dolibarr_version' => DOL_VERSION
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user