|
| 1 | +<?php declare(strict_types=1); |
| 2 | + |
| 3 | +namespace VerifierServer\Endpoints; |
| 4 | + |
| 5 | +use React\Http\Message\Response; |
| 6 | +use Psr\Http\Message\ServerRequestInterface; |
| 7 | +use VerifierServer\SS14PersistentState; |
| 8 | + |
| 9 | +/** |
| 10 | + * Class SS14VerifiedEndpoint |
| 11 | + * |
| 12 | + * This class is responsible for handling the verification process for the VerifierServer. |
| 13 | + * It implements the EndpointInterface and provides methods to handle HTTP GET, POST, and DELETE requests. |
| 14 | + * |
| 15 | + * Key Responsibilities: |
| 16 | + * - Handles GET requests to retrieve the list of verified users in JSON format. |
| 17 | + * - Handles POST requests to add a new verification entry or DELETE requests to remove an existing entry. |
| 18 | + * - Validates authorization tokens to ensure secure access to the endpoint. |
| 19 | + * - Manages the persistent state of the verification list by reading from and writing to a JSON file. |
| 20 | + * |
| 21 | + * Methods: |
| 22 | + * - __construct: Initializes the VerifiedEndpoint with a reference to the PersistentState object. |
| 23 | + * - handle: Routes incoming HTTP requests to the appropriate handler based on the HTTP method. |
| 24 | + * - get: Handles GET requests to retrieve the verification list. |
| 25 | + * - post: Handles POST requests to modify the verification list. |
| 26 | + * - __post: Adds a new entry to the verification list if its fields/columns are unique. |
| 27 | + * - delete: Handles DELETE request to remove an existing entry from the verification list. |
| 28 | + * |
| 29 | + * Authorization: |
| 30 | + * - The class checks the provided token against the expected token stored in the PersistentState. |
| 31 | + * - If the token is invalid, the response is set to 401 Unauthorized. |
| 32 | + * - If the token is valid, the requested action is performed. |
| 33 | + * |
| 34 | + * Error Handling: |
| 35 | + * - Returns 401 Unauthorized if the provided token does not match the expected token. |
| 36 | + * - Returns 403 Forbidden if a duplicate entry is detected during a POST request. |
| 37 | + * - Returns 404 Not Found if an entry to be deleted does not exist. |
| 38 | + * - Returns 405 Method Not Allowed for unsupported HTTP methods. |
| 39 | + * |
| 40 | + * Response Structure: |
| 41 | + * - Sets appropriate HTTP status codes. |
| 42 | + * - Sets the Content-Type header based on the response type (e.g., application/json, text/plain). |
| 43 | + * - Encodes the response body as JSON for successful requests or as plain text for error responses. |
| 44 | + * |
| 45 | + * @property SS14PersistentState $state |
| 46 | + * @package VerifierServer\Endpoints |
| 47 | + */ |
| 48 | +class SS14VerifiedEndpoint extends VerifiedEndpoint |
| 49 | +{ |
| 50 | + public function __construct(protected &$state) |
| 51 | + {} |
| 52 | + |
| 53 | + /** |
| 54 | + * Handles POST requests by parsing the request data and performing actions based on the method type. |
| 55 | + * |
| 56 | + * @param ServerRequestInterface|string $request The raw HTTP request string. |
| 57 | + * @param string &$response The response string to be modified based on the request handling. |
| 58 | + * @param array &$headers The variable to store the headers of the response. |
| 59 | + * @param string &$body The variable to store the body of the response. |
| 60 | + * |
| 61 | + * The function performs the following steps: |
| 62 | + * 1. Extracts the raw data from the request. |
| 63 | + * 2. Parses the raw data into an associative array. |
| 64 | + * 3. Retrieves the method type, ss14, discord, and token from the parsed data. |
| 65 | + * 4. Checks if the provided token matches the expected token. If not, sets the response to 401 Unauthorized. |
| 66 | + * 5. Retrieves the verification list from the state. |
| 67 | + * 6. Based on the method type, either deletes an entry from the list or handles the default case. |
| 68 | + */ |
| 69 | + protected function post(ServerRequestInterface|string $request, int|string &$response, array &$headers, string &$body, bool $bypass_token = false): void |
| 70 | + { |
| 71 | + $formData = $request instanceof ServerRequestInterface |
| 72 | + ? $request->getHeaders() |
| 73 | + : (is_string($request) |
| 74 | + ? self::parseHeaders($request) |
| 75 | + : []); |
| 76 | + |
| 77 | + $methodType = isset($formData['method']) |
| 78 | + ? strtolower(trim(is_array($formData['method']) ? $formData['method'][0] : $formData['method'])) |
| 79 | + : null; |
| 80 | + $discord = isset($formData['discord']) |
| 81 | + ? trim(is_array($formData['discord']) ? $formData['discord'][0] : $formData['discord']) |
| 82 | + : ''; |
| 83 | + $ss14 = isset($formData['ss14']) |
| 84 | + ? trim(is_array($formData['ss14']) ? $formData['ss14'][0] : $formData['ss14']) |
| 85 | + : ''; |
| 86 | + $token = isset($formData['token']) |
| 87 | + ? trim(is_array($formData['token']) ? $formData['token'][0] : $formData['token']) |
| 88 | + : ''; |
| 89 | + |
| 90 | + if (!$bypass_token && ($this->state->getToken() === 'changeme' || $token !== $this->state->getToken())) { |
| 91 | + $response = Response::STATUS_UNAUTHORIZED; |
| 92 | + $headers = ['Content-Type' => 'text/plain']; |
| 93 | + $body = 'Unauthorized'; |
| 94 | + return; |
| 95 | + } |
| 96 | + |
| 97 | + $list = $this->state->getVerifyList(); |
| 98 | + |
| 99 | + switch ($methodType) { |
| 100 | + case 'delete': |
| 101 | + $existingIndex = array_search($ss14, array_column($list, 'ss14')); |
| 102 | + if ($existingIndex === false) $existingIndex = array_search($discord, array_column($list, 'discord')); |
| 103 | + $this->delete( |
| 104 | + $existingIndex, |
| 105 | + $list, |
| 106 | + $response, |
| 107 | + $headers, |
| 108 | + $body |
| 109 | + ); |
| 110 | + break; |
| 111 | + default: |
| 112 | + $this->__post( |
| 113 | + $list, |
| 114 | + $ss14, |
| 115 | + $discord, |
| 116 | + $response, |
| 117 | + $headers, |
| 118 | + $body |
| 119 | + ); |
| 120 | + break; |
| 121 | + } |
| 122 | + } |
| 123 | + |
| 124 | + /** |
| 125 | + * Handles the default verification process. |
| 126 | + * |
| 127 | + * This method checks if the provided `ss14` or `discord` already exists in the list. |
| 128 | + * If either exists, it sets the response to a 403 Forbidden status. |
| 129 | + * If neither exists, it adds the new entry to the list, writes the updated list to a JSON file, |
| 130 | + * updates the state, and sets the response to a 200 OK status. |
| 131 | + * |
| 132 | + * @param array $list The list of existing entries. |
| 133 | + * @param string $ss14 The ss14 to be verified. |
| 134 | + * @param string $discord The discord identifier to be verified. |
| 135 | + * @param string &$response The response message to be set based on the verification result. |
| 136 | + * @param array &$headers The variable to store the headers of the response. |
| 137 | + * @param string &$body The variable to store the body of the response. |
| 138 | + */ |
| 139 | + protected function __post(array &$list, string $ss14, string $discord, int|string &$response, array &$headers, string &$body): void |
| 140 | + { |
| 141 | + $existingDiscordIndex = array_search($discord, array_column($list, 'discord')); |
| 142 | + $existingSS14Index = array_search($ss14, array_column($list, 'ss14')); |
| 143 | + if ($existingDiscordIndex !== false || $existingSS14Index !== false) { |
| 144 | + $response = Response::STATUS_FORBIDDEN; |
| 145 | + $headers = ['Content-Type' => 'text/plain']; |
| 146 | + $body = 'Forbidden'; |
| 147 | + return; |
| 148 | + } |
| 149 | + |
| 150 | + $list[] = [ |
| 151 | + 'discord' => $discord, |
| 152 | + 'ss14' => $ss14, |
| 153 | + 'create_time' => date('Y-m-d H:i:s') |
| 154 | + ]; |
| 155 | + $this->state::writeJson($this->state->getJsonPath(), $list); |
| 156 | + $this->state->setVerifyList($list); |
| 157 | + $headers = ['Content-Type' => 'application/json']; |
| 158 | + $headers['Content-Length'] = ($body = $this->__content()) |
| 159 | + ? strlen($body) |
| 160 | + : 0; |
| 161 | + } |
| 162 | +} |
0 commit comments