v1.2 initial commit
This commit is contained in:
89
pub/api/v1/users/index.php
Normal file
89
pub/api/v1/users/index.php
Normal file
@@ -0,0 +1,89 @@
|
||||
<?php
|
||||
|
||||
use api\classes\API_users;
|
||||
|
||||
session_start();
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php';
|
||||
|
||||
$API_users = new API_users();
|
||||
|
||||
if ($API_users->request_method === 'GET') {
|
||||
#echo json_encode($api->getAllUsers());
|
||||
|
||||
|
||||
} elseif ($API_users->request_method === 'POST') {
|
||||
# create a new user
|
||||
$API_users->checkPermissions('admin-access-admins', 'RW');
|
||||
|
||||
$requiredFields = [
|
||||
'user_group_uuid' => ['type' => 'uuid'],
|
||||
'user_email' => ['type' => 'email'],
|
||||
'user_first_name' => ['type' => 'string'],
|
||||
'user_last_name' => ['type' => 'string'],
|
||||
'user_full_name' => ['type' => 'string'],
|
||||
'user_phone_number' => ['type' => 'string'],
|
||||
'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
|
||||
'user_password' => ['type' => 'string'],
|
||||
'user_pref_language' => ['type' => 'string'],
|
||||
'user_password_reset_token' => ['type' => 'string'],
|
||||
'user_password_reset_expires' => ['type' => 'int'],
|
||||
];
|
||||
|
||||
# The user will need to verify their email, the password field cannot be NULL so set an random password for now till the user resets it on when verifing there email
|
||||
$random_string = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01', 64)), 0, rand(50, 64));
|
||||
$user_password = password_hash($random_string, PASSWORD_BCRYPT, ["cost" => 12]);
|
||||
$API_users->postedData['user_password'] = $user_password;
|
||||
|
||||
$API_users->postedData['user_full_name'] = trim($_POST['user_first_name'] . ' ' . $_POST['user_last_name']);
|
||||
$API_users->postedData['user_pref_language'] = $_POST['user_pref_language'] ?? 'en';
|
||||
|
||||
# Password reset token that will be send to the newly created user
|
||||
$API_users->postedData['user_password_reset_token'] = bin2hex(random_bytes(32));
|
||||
$API_users->postedData['user_password_reset_expires'] = time() + 86400;
|
||||
|
||||
$API_users->validateData($requiredFields);
|
||||
$API_users->createUser();
|
||||
|
||||
} elseif ($API_users->request_method === 'PUT') {
|
||||
|
||||
# Edit a user
|
||||
$API_users->checkPermissions('admin-access-admins', 'RW');
|
||||
|
||||
$requiredFields = [
|
||||
'user_uuid' => ['type' => 'uuid'],
|
||||
'user_group_uuid' => ['type' => 'uuid'],
|
||||
'user_email' => ['type' => 'email'],
|
||||
'user_first_name' => ['type' => 'string'],
|
||||
'user_last_name' => ['type' => 'string'],
|
||||
'user_full_name' => ['type' => 'string'],
|
||||
'user_phone_number' => ['type' => 'string'],
|
||||
'user_status' => ['type' => 'enum', 'values' => ['active', 'inactive', 'banned', 'pending']],
|
||||
'user_pref_language' => ['type' => 'string'],
|
||||
'user_stompable' => ['type' => 'boolean']
|
||||
];
|
||||
|
||||
$API_users->postedData['user_full_name'] = trim($_POST['user_first_name'] . ' ' . $_POST['user_last_name']);
|
||||
$API_users->postedData['user_pref_language'] = $_POST['user_pref_language'] ?? 'en';
|
||||
$API_users->postedData['user_stompable'] = (bool)$_POST['user_stompable'];
|
||||
|
||||
|
||||
$API_users->validateData($requiredFields);
|
||||
|
||||
|
||||
$API_users->updateUser();
|
||||
|
||||
} elseif ($API_users->request_method === 'DELETE') {
|
||||
|
||||
|
||||
$API_users->return_url = false;
|
||||
|
||||
$API_users->checkPermissions('admin-access-admins', 'RW');
|
||||
$requiredFields = [
|
||||
'user_uuid' => ['type' => 'uuid'],
|
||||
];
|
||||
|
||||
|
||||
$API_users->validateData($requiredFields);
|
||||
|
||||
$API_users->deleteUser();
|
||||
}
|
||||
Reference in New Issue
Block a user