Upload

2024-10-28 18:30:03 -04:00 · 2024-10-28 18:30:03 -04:00 · 576b1634a6
commit 576b1634a6
parent e55dc42068
5 changed files with 45 additions and 3 deletions
--- a/api/auth.php
+++ b/api/auth.php
@ -29,7 +29,7 @@ if (!is_null($token)) {
    $stmt->close();
    $mysqli->close();
    header('Content-Type: application/json');
-    echo '{"success":"' . $response['success'] . '", "isAuthenticated":' . $response['success'] . ', "token":"'. $response['token'] .'", "expires":' . $response['expires'] . ', "message":"' . $response['message'] . '"' . '}';
+    echo '{"success":"' . $response['success'] . '", "isAuthenticated":' . $response['success'] . ', "token":"'. $response['token'] .'", "expires":' . $response['expires'] . ', "message":"' . $response['message'] . '"}';
    return;
 }
@ -83,7 +83,8 @@ if ($result->num_rows > 0) {
 $stmt->close();
 $mysqli->close();
 // Return JSON response
 header('Content-Type: application/json');
-echo '{"success":"' . $response['success'] . '", "isAuthenticated":' . $response['success'] . ', "token":"'. $response['token'] .'", "expires":' . $response['expires'] . ', "message":"' . $response['message'] . '"' . '}';
+echo '{"success":"' . $response['success'] . '", "isAuthenticated":' . $response['success'] . ', "token":"'. $response['token'] .'", "expires":' . $response['expires'] . ', "message":"' . $response['message'] . '"}';
--- a/api/tunnel.php
+++ b/api/tunnel.php
@ -0,0 +1,34 @@
 <?php
 include_once($_SERVER['DOCUMENT_ROOT'] . '/db_config.php');
 $token = get_bearer_token();
 if (is_null($token)) {
    header('Content-Type: application/json');
    http_response_code(412);
    echo '{"error":true,"message":"No token provided"}';
    return;
 }
 $token = $mysqli->real_escape_string($token);
 $stmt = $mysqli->prepare("SELECT id FROM users WHERE token = ?");
 $stmt->bind_param('s', $token);
 $stmt->execute();
 $result = $stmt->get_result();
 $row = $result->fetch_assoc();
 if (!is_null($row)) {
    $user_id = $row['id'];
    $stmt->close();
    $stmt = $mysqli->prepare("SELECT * FROM tunnels WHERE user = ?");
    $stmt->bind_param('i', $user_id);
 } else {
    // return No user found
    header('Content-Type: application/json');
    http_response_code(403);
    echo '{"error":true,"message":"Unauthorized"}';
    $stmt->close();
    $mysqli->close();
    return;
 }
--- a/includes/utils.php
+++ b/includes/utils.php
@ -33,4 +33,5 @@ function get_bearer_token(): ?string {
        }
    }
    return null;
-}
+}
--- a/testing/api/auth.php
+++ b/testing/api/auth.php
@ -0,0 +1,3 @@
 <?php
 header('Content-Type: application/json');
 echo '{"success":true,"isAuthenticated":true,"token":"1a2b3c4d5e6f7g8h9i0j","expires":2524608000000,"message":"success"}';
--- a/testing/api/user-info.php
+++ b/testing/api/user-info.php
@ -0,0 +1,3 @@
 <?php
 header('Content-Type: application/json');
 echo '{"success":true, "message":"success", "username":"test account", "email":"test@test.com"}';