222 lines
7.9 KiB
PHP
222 lines
7.9 KiB
PHP
<?php
|
|
|
|
require_once __DIR__ . '/../vendor/autoload.php';
|
|
|
|
use Slim\Factory\AppFactory;
|
|
use DI\Container;
|
|
use Hpz937\Encryption\DataEncryptor;
|
|
use Hpz937\Phpvault\Handler\AuthHandler;
|
|
use Hpz937\Phpvault\Database;
|
|
use Hpz937\Phpvault\Middleware\AuthMiddleware;
|
|
use Hpz937\Phpvault\Vault;
|
|
use Psr\Container\ContainerInterface;
|
|
use Hpz937\Phpvault\Handler\HtmlErrorRenderer;
|
|
use Hpz937\Phpvault\Handler\JsonErrorRenderer;
|
|
|
|
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . '/..');
|
|
$dotenv->load();
|
|
|
|
$app = AppFactory::create();
|
|
$container = new Container();
|
|
|
|
$container->set(AuthMiddleware::class, function (ContainerInterface $container) {
|
|
$authHandler = $container->get(AuthHandler::class);
|
|
return new AuthMiddleware($authHandler);
|
|
});
|
|
|
|
$container->set(Database::class, function () {
|
|
return new Database();
|
|
});
|
|
|
|
$container->set(DataEncryptor::class, function () {
|
|
return new DataEncryptor($_ENV['ENCRYPTION_KEY']);
|
|
});
|
|
|
|
// Set up the AuthHandler in the container
|
|
$container->set(AuthHandler::class, function () {
|
|
$secretKey = $_ENV['JWT_SECRET_KEY'];
|
|
$database = new Database(); // Assuming you have a Database class
|
|
return new AuthHandler($secretKey, $database);
|
|
});
|
|
|
|
$authMiddleware = $container->get(AuthMiddleware::class);
|
|
|
|
AppFactory::setContainer($container);
|
|
|
|
$app->post('/login', function ($request, $response) use ($container) {
|
|
// Detect the content type of the request
|
|
$contentType = $request->getHeaderLine('Content-Type');
|
|
|
|
// Initialize $data to store parsed body
|
|
$data = [];
|
|
|
|
// If Content-Type is application/json, decode the JSON body
|
|
if (strstr($contentType, 'application/json')) {
|
|
$data = json_decode($request->getBody()->getContents(), true);
|
|
} else {
|
|
// Otherwise, parse the body as form data
|
|
$data = $request->getParsedBody();
|
|
}
|
|
if (isset($data['username'], $data['password'])) {
|
|
$username = $data['username'];
|
|
$password = $data['password'];
|
|
|
|
$authHandler = $container->get(AuthHandler::class);
|
|
$token = $authHandler->generateToken($username, $password);
|
|
|
|
if ($token) {
|
|
$response->getBody()->write(json_encode(['token' => $token]));
|
|
return $response->withStatus(200);
|
|
} else {
|
|
$response->getBody()->write(json_encode(['error' => 'Invalid credentials']));
|
|
return $response->withStatus(401);
|
|
}
|
|
|
|
} else {
|
|
// Handle missing fields
|
|
$response->getBody()->write(json_encode(['error' => 'Username and password required']));
|
|
return $response->withHeader('Content-Type', 'application/json')->withStatus(400);
|
|
}
|
|
});
|
|
|
|
$app->post('/addUser', function ($request, $response) use ($container) {
|
|
$data = $request->getParsedBody();
|
|
$username = $data['username'];
|
|
$password = $data['password'];
|
|
|
|
$authHandler = $container->get(AuthHandler::class);
|
|
$token = $authHandler->addUser($username, $password);
|
|
|
|
return $response->withStatus(201);
|
|
});
|
|
|
|
$app->post('/manage/{vaultName}', function ($request, $response, array $args) use ($container) {
|
|
try {
|
|
// the sent body will be a json object
|
|
$secret = $request->getBody()->getContents();
|
|
|
|
// if secret is empty or secret is not valid json data return 400
|
|
if (empty($secret) || json_decode($secret) === null) {
|
|
$response->getBody()->write(json_encode(['error' => 'Invalid secret']));
|
|
return $response->withStatus(400);
|
|
}
|
|
|
|
if (!isset(json_decode($secret, true)['key'])) {
|
|
$response->getBody()->write(json_encode(['error' => 'Key is required']));
|
|
return $response->withStatus(400);
|
|
}
|
|
|
|
$key = json_decode($secret, true)['key'];
|
|
|
|
$username = $request->getAttribute('username');
|
|
|
|
if (!isset($args['vaultName'])) {
|
|
$response->getBody()->write(json_encode(['error' => 'Vault name is required']));
|
|
return $response->withStatus(400);
|
|
}
|
|
$vaultName = $args['vaultName'];
|
|
|
|
$vault = $container->get(Vault::class);
|
|
$vault->storeSecret($username, $vaultName, $key, $secret);
|
|
|
|
$response->getBody()->write(json_encode(['message' => 'Secret stored']));
|
|
return $response->withStatus(201);
|
|
} catch (Exception $e) {
|
|
$response->getBody()->write(json_encode(['error' => $e->getMessage()]));
|
|
return $response->withStatus(500);
|
|
}
|
|
})->add($authMiddleware);
|
|
|
|
$app->put('/manage/{vaultName}', function ($request, $response, array $args) use ($container) {
|
|
try {
|
|
// the sent body will be a json object
|
|
$secret = $request->getBody()->getContents();
|
|
|
|
// if secret is empty or secret is not valid json data return 400
|
|
if (empty($secret) || json_decode($secret) === null) {
|
|
$response->getBody()->write(json_encode(['error' => 'Invalid secret']));
|
|
return $response->withStatus(400);
|
|
}
|
|
|
|
if (!isset(json_decode($secret, true)['key'])) {
|
|
$response->getBody()->write(json_encode(['error' => 'Key is required']));
|
|
return $response->withStatus(400);
|
|
}
|
|
|
|
$key = json_decode($secret, true)['key'];
|
|
|
|
$username = $request->getAttribute('username');
|
|
|
|
if (!isset($args['vaultName'])) {
|
|
$response->getBody()->write(json_encode(['error' => 'Vault name is required']));
|
|
return $response->withStatus(400);
|
|
}
|
|
$vaultName = $args['vaultName'];
|
|
|
|
$vault = $container->get(Vault::class);
|
|
$vault->updateSecret($username, $vaultName, $key, $secret);
|
|
|
|
$response->getBody()->write(json_encode(['message' => 'Secret updated']));
|
|
return $response->withStatus(201);
|
|
} catch (Exception $e) {
|
|
$response->getBody()->write(json_encode(['error' => $e->getMessage()]));
|
|
return $response->withStatus(500);
|
|
}
|
|
})->add($authMiddleware);
|
|
|
|
$app->delete('/manage/{vaultName}', function ($request, $response, array $args) use ($container) {
|
|
try {
|
|
$username = $request->getAttribute('username');
|
|
$vaultName = $args['vaultName'];
|
|
$vault = $container->get(Vault::class);
|
|
$vault->deleteSecret($username, $vaultName);
|
|
$response->getBody()->write(json_encode(['message' => 'Secret deleted']));
|
|
return $response->withStatus(200);
|
|
} catch (Exception $e) {
|
|
$response->getBody()->write(json_encode(['error' => $e->getMessage()]));
|
|
return $response->withStatus(500);
|
|
}
|
|
})->add($authMiddleware);
|
|
|
|
$app->post('/vault/{vaultName}', function ($request, $response, array $args) use ($container) {
|
|
// the sent body will be a json object
|
|
$secret = $request->getBody()->getContents();
|
|
|
|
// if secret is empty or secret is not valid json data return 400
|
|
if (empty($secret) || json_decode($secret) === null || json_decode($secret)->key === null) {
|
|
$response->getBody()->write(json_encode(['error' => 'Invalid Key']));
|
|
return $response->withStatus(400);
|
|
}
|
|
|
|
$key = json_decode($secret)->key;
|
|
|
|
$username = $request->getAttribute('username');
|
|
|
|
if (!isset($args['vaultName'])) {
|
|
$response->getBody()->write(json_encode(['error' => 'Vault name is required']));
|
|
return $response->withStatus(400);
|
|
}
|
|
$vaultName = $args['vaultName'];
|
|
|
|
$vault = $container->get(Vault::class);
|
|
$secret = $vault->getSecret($username, $key, $vaultName);
|
|
|
|
if ($secret) {
|
|
$response->getBody()->write($secret);
|
|
return $response->withStatus(200);
|
|
} else {
|
|
$response->getBody()->write(json_encode(['error' => 'Secret not found']));
|
|
return $response->withStatus(404);
|
|
}
|
|
})->add($authMiddleware);
|
|
|
|
// Add Error Middleware
|
|
$errorMiddleware = $app->addErrorMiddleware(true, true, true);
|
|
|
|
// Get the default error handler and register my custom error renderer.
|
|
$errorHandler = $errorMiddleware->getDefaultErrorHandler();
|
|
$errorHandler->registerErrorRenderer('text/html', HtmlErrorRenderer::class);
|
|
$errorHandler->registerErrorRenderer('application/json', JsonErrorRenderer::class);
|
|
|
|
$app->run();
|