<?php
require_once __DIR__ . '/../vendor/autoload.php';
use Slim\Factory\AppFactory;
use DI\Container;
use Hpz937\Encryption\DataEncryptor;
use Hpz937\Phpvault\Handler\AuthHandler;
use Hpz937\Phpvault\Database;
use Hpz937\Phpvault\Middleware\AuthMiddleware;
use Hpz937\Phpvault\Vault;
use Psr\Container\ContainerInterface;
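// Load environment variables from the .env file one directory above this script.
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . '/..');
$dotenv->load();
// Fail at startup when either secret is missing or empty, so the container
// factories below never construct DataEncryptor or AuthHandler from a
// null/empty key.
$dotenv->required(['ENCRYPTION_KEY', 'JWT_SECRET_KEY'])->notEmpty();

$app = AppFactory::create();
$container = new Container();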
// AuthMiddleware entry: wraps the AuthHandler that this same container provides.
$container->set(AuthMiddleware::class, function (ContainerInterface $container) {
    return new AuthMiddleware($container->get(AuthHandler::class));
});
// Database entry: constructed with no arguments.
$container->set(Database::class, function () {
    $database = new Database();

    return $database;
});
// DataEncryptor entry: keyed from the ENCRYPTION_KEY environment variable.
// NOTE(review): the value is handed over as-is; confirm the key format and
// length DataEncryptor expects, and that the variable is always set.
$container->set(DataEncryptor::class, function () {
    $encryptionKey = $_ENV['ENCRYPTION_KEY'];

    return new DataEncryptor($encryptionKey);
});
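// AuthHandler entry: built from the JWT_SECRET_KEY environment variable and a Database.
$container->set(AuthHandler::class, function (ContainerInterface $container) {
    // Presumably the secret AuthHandler uses for its tokens; verify in AuthHandler.
    $secretKey = $_ENV['JWT_SECRET_KEY'];
    // Take the Database from the container (it is registered earlier in this
    // file) rather than constructing a second, unmanaged instance here.
    $database = $container->get(Database::class);

    return new AuthHandler($secretKey, $database);
});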
// Resolve the AuthMiddleware once; it is attached to every /manage and /vault route below.
$authMiddleware = $container->get(AuthMiddleware::class);
// NOTE(review): $app was already created by AppFactory::create() earlier in this
// file, so this call appears to come too late for that instance to receive the
// container (setContainer() normally precedes create()). The routes below still
// reach the container because each closure captures $container via use().
AppFactory::setContainer($container);
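// POST /login: exchange a username and password for a token.
//
// Responds 200 {"token": ...} on success, 401 on rejected credentials and 400
// when either field is missing or not a non-empty string.
// NOTE(review): no attempt throttling is visible in this file; confirm that
// rate limiting or lockout exists in AuthHandler or in front of the app.
// NOTE(review): no body-parsing middleware is registered in this file, so
// getParsedBody() is presumably null for JSON request bodies; confirm which
// content type clients are expected to send.
$app->post('/login', function ($request, $response) use ($container) {
    $data = $request->getParsedBody();
    $username = is_array($data) ? ($data['username'] ?? null) : null;
    $password = is_array($data) ? ($data['password'] ?? null) : null;

    // Reject malformed input before it reaches the credential check.
    if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
        $response->getBody()->write(json_encode(['error' => 'Username and password are required']));

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withStatus(400);
    }

    $authHandler = $container->get(AuthHandler::class);
    $token = $authHandler->generateToken($username, $password);

    if (!$token) {
        // Same message whether the user is unknown or the password is wrong.
        $response->getBody()->write(json_encode(['error' => 'Invalid credentials']));

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withStatus(401);
    }

    $response->getBody()->write(json_encode(['token' => $token]));

    // The body carries a bearer credential: label it as JSON and keep it out of caches.
    return $response
        ->withHeader('Content-Type', 'application/json')
        ->withHeader('Cache-Control', 'no-store')
        ->withStatus(200);
});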
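// POST /addUser: create a user account from a username and password.
//
// Responds 201 on success and 400 when either field is missing or not a
// non-empty string.
// NOTE(review): unlike the /manage and /vault routes, this route is registered
// without $authMiddleware, so any client that can reach the app can create
// accounts. Confirm that open registration is intended; otherwise restrict it.
$app->post('/addUser', function ($request, $response) use ($container) {
    $data = $request->getParsedBody();
    $username = is_array($data) ? ($data['username'] ?? null) : null;
    $password = is_array($data) ? ($data['password'] ?? null) : null;

    // Never hand a null or non-string credential to the account store.
    if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
        $response->getBody()->write(json_encode(['error' => 'Username and password are required']));

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withStatus(400);
    }

    $authHandler = $container->get(AuthHandler::class);
    // addUser()'s return value is not used; failures are assumed to surface as
    // exceptions — TODO confirm against AuthHandler.
    $authHandler->addUser($username, $password);

    return $response->withStatus(201);
});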
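// POST /manage/{vaultName}: store a secret in the named vault for the
// authenticated user.
//
// The request body is the secret itself: a JSON document that must contain a
// scalar "key" member. The raw body is what gets handed to Vault::storeSecret().
// Responds 201 on success, 400 on a malformed body and 500 on a storage failure.
$app->post('/manage/{vaultName}', function ($request, $response, array $args) use ($container) {
    // Write a JSON payload and label it as JSON, so a client never has to
    // guess the type of a body that may echo stored data.
    $respond = static function ($response, array $payload, $status) {
        $response->getBody()->write(json_encode($payload));

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withStatus($status);
    };

    try {
        $secret = $request->getBody()->getContents();
        // Decode once and reuse the result for every check below.
        $decoded = json_decode($secret, true);

        if (empty($secret) || $decoded === null) {
            return $respond($response, ['error' => 'Invalid secret'], 400);
        }

        // "key" must be present and scalar; nested arrays/objects are rejected.
        if (!is_array($decoded) || !isset($decoded['key']) || !is_scalar($decoded['key'])) {
            return $respond($response, ['error' => 'Key is required'], 400);
        }

        $key = $decoded['key'];

        // Presumably set by AuthMiddleware from the verified token — confirm there.
        $username = $request->getAttribute('username');

        if (!isset($args['vaultName'])) {
            return $respond($response, ['error' => 'Vault name is required'], 400);
        }

        $vaultName = $args['vaultName'];

        $vault = $container->get(Vault::class);
        $vault->storeSecret($username, $vaultName, $key, $secret);

        return $respond($response, ['message' => 'Secret stored'], 201);
    } catch (Exception $e) {
        // Keep the detail in the server log; exception text can expose storage
        // or crypto internals and must not be returned to the client.
        error_log('POST /manage failed: ' . get_class($e) . ': ' . $e->getMessage());

        return $respond($response, ['error' => 'Internal server error'], 500);
    }
})->add($authMiddleware);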
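// PUT /manage/{vaultName}: replace a secret in the named vault for the
// authenticated user.
//
// The request body is the new secret: a JSON document that must contain a
// scalar "key" member. The raw body is what gets handed to Vault::updateSecret().
// Responds 201 on success (status kept as-is for existing clients), 400 on a
// malformed body and 500 on a storage failure.
$app->put('/manage/{vaultName}', function ($request, $response, array $args) use ($container) {
    // Write a JSON payload and label it as JSON.
    $respond = static function ($response, array $payload, $status) {
        $response->getBody()->write(json_encode($payload));

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withStatus($status);
    };

    try {
        $secret = $request->getBody()->getContents();
        // Decode once and reuse the result for every check below.
        $decoded = json_decode($secret, true);

        if (empty($secret) || $decoded === null) {
            return $respond($response, ['error' => 'Invalid secret'], 400);
        }

        // "key" must be present and scalar; nested arrays/objects are rejected.
        if (!is_array($decoded) || !isset($decoded['key']) || !is_scalar($decoded['key'])) {
            return $respond($response, ['error' => 'Key is required'], 400);
        }

        $key = $decoded['key'];

        // Presumably set by AuthMiddleware from the verified token — confirm there.
        $username = $request->getAttribute('username');

        if (!isset($args['vaultName'])) {
            return $respond($response, ['error' => 'Vault name is required'], 400);
        }

        $vaultName = $args['vaultName'];

        $vault = $container->get(Vault::class);
        $vault->updateSecret($username, $vaultName, $key, $secret);

        return $respond($response, ['message' => 'Secret updated'], 201);
    } catch (Exception $e) {
        // Keep the detail in the server log; exception text can expose storage
        // or crypto internals and must not be returned to the client.
        error_log('PUT /manage failed: ' . get_class($e) . ': ' . $e->getMessage());

        return $respond($response, ['error' => 'Internal server error'], 500);
    }
})->add($authMiddleware);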
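// DELETE /manage/{vaultName}: delete the authenticated user's entry for the
// named vault via Vault::deleteSecret().
//
// Responds 200 on success and 500 on a storage failure.
$app->delete('/manage/{vaultName}', function ($request, $response, array $args) use ($container) {
    try {
        // Presumably set by AuthMiddleware from the verified token — confirm there.
        $username = $request->getAttribute('username');
        $vaultName = $args['vaultName'];

        $container->get(Vault::class)->deleteSecret($username, $vaultName);

        $response->getBody()->write(json_encode(['message' => 'Secret deleted']));

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withStatus(200);
    } catch (Exception $e) {
        // Keep the detail in the server log; exception text can expose storage
        // internals and must not be returned to the client.
        error_log('DELETE /manage failed: ' . get_class($e) . ': ' . $e->getMessage());
        $response->getBody()->write(json_encode(['error' => 'Internal server error']));

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withStatus(500);
    }
})->add($authMiddleware);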
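// POST /vault/{vaultName}: read a secret from the named vault for the
// authenticated user.
//
// The request body is a JSON object whose "key" member selects the secret.
// Responds 200 with the stored secret, 400 on a malformed body, 404 when
// nothing is found and 500 on a storage failure.
$app->post('/vault/{vaultName}', function ($request, $response, array $args) use ($container) {
    // Write a JSON payload and label it as JSON.
    $respond = static function ($response, array $payload, $status) {
        $response->getBody()->write(json_encode($payload));

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withStatus($status);
    };

    try {
        $body = $request->getBody()->getContents();
        // Decode once; a non-object body or a missing "key" both yield null here.
        $decoded = json_decode($body, true);
        $key = is_array($decoded) ? ($decoded['key'] ?? null) : null;

        if (empty($body) || $key === null) {
            return $respond($response, ['error' => 'Invalid Key'], 400);
        }

        // Presumably set by AuthMiddleware from the verified token — confirm there.
        $username = $request->getAttribute('username');

        if (!isset($args['vaultName'])) {
            return $respond($response, ['error' => 'Vault name is required'], 400);
        }

        $vaultName = $args['vaultName'];

        $vault = $container->get(Vault::class);
        // NOTE(review): the argument order here is (username, key, vaultName),
        // while storeSecret()/updateSecret() are called with (username,
        // vaultName, key, ...). Confirm against Vault::getSecret()'s signature.
        $stored = $vault->getSecret($username, $key, $vaultName);

        if (!$stored) {
            return $respond($response, ['error' => 'Secret not found'], 404);
        }

        $response->getBody()->write($stored);

        // The body is secret material (presumably the JSON document that was
        // stored): declare its type explicitly and keep it out of caches.
        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withHeader('Cache-Control', 'no-store')
            ->withStatus(200);
    } catch (Exception $e) {
        // Keep the detail in the server log; exception text can expose storage
        // or crypto internals and must not be returned to the client.
        error_log('POST /vault failed: ' . get_class($e) . ': ' . $e->getMessage());

        return $respond($response, ['error' => 'Internal server error'], 500);
    }
})->add($authMiddleware);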
// Dispatch the incoming request through the routes registered above and emit the response.
$app->run();