Sarobidy22
/
MasterClass
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
117 MiB
 
 
 
 
 
 
Tree: e221c605b0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e221c605b0'
${ noResults }
MasterClass/application/controllers/subscriber/User.php

136 lines
4.5 KiB
Raw Blame History

<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class User extends CI_Controller {
private $api_keys = [
'sk_test_51HfABCDEF1234567890qwertyuio98765lkjhgfdsazxcvbnm'
];
public function __construct() {
parent::__construct();
$this->load->model('user_model', '', TRUE);
// Autoriser les requêtes externes (CORS)
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, API-Key, Authorization');
// Définir le Content-Type par défaut pour JSON
header('Content-Type: application/json');
}
/* Vérifie les en-têtes API-Key et Authorization
*/
private function verify_api_key_and_authorization() {
$api_key = $this->input->get_request_header('API-Key', true);
$authorization = $this->input->get_request_header('Authorization', true);
// Vérification de la clé API
if (!in_array($api_key, $this->api_keys)) {
$response = [
'status' => 'error',
'message' => 'Clé API invalide.'
];
echo json_encode($response);
http_response_code(403);
exit;
}
// Vérification de l'Authorization
if (empty($authorization) || strpos($authorization, 'Bearer ') !== 0) {
$response = [
'status' => 'error',
'message' => 'Authorization invalide ou manquante.'
];
echo json_encode($response);
http_response_code(403);
exit;
}
}
public function create_new_admin() {
// Gérer les requêtes OPTIONS (pré-vol)
$this->verify_api_key_and_authorization();
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(200);
exit;
}
// Vérifiez la méthode HTTP
if ($this->input->method() !== 'post') {
$response = [
'status' => 'error',
'message' => 'Méthode non autorisée. Utilisez POST.'
];
echo json_encode($response);
return;
}
// Vérifiez l'API-Key dans les en-têtes
$api_key = $this->input->get_request_header('API-Key', true);
if (!in_array($api_key, $this->api_keys)) {
$response = [
'status' => 'error',
'message' => 'Clé API invalide.'
];
echo json_encode($response);
return;
}
// Récupérer les données JSON envoyées
$input = json_decode($this->input->raw_input_stream, true);
if (!$input) {
$response = [
'status' => 'error',
'message' => 'Aucune donnée reçue ou format incorrect.'
];
echo json_encode($response);
return;
}
// Validez les données reçues
$required_fields = ['last_name', 'first_name', 'email', 'username', 'telephone', 'iban', 'password'];
foreach ($required_fields as $field) {
if (empty($input[$field])) {
$response = [
'status' => 'error',
'message' => "Le champ $field est manquant ou vide."
];
echo json_encode($response);
return;
}
}
// Enregistrez les données dans la base de données
$user_id = $this->user_model->add_new_user([
'first_name' => $this->security->xss_clean($input['last_name']),
'last_name' => $this->security->xss_clean($input['first_name']),
'email_address' => $this->security->xss_clean($input['email']),
'username' => $this->security->xss_clean($input['username']),
'user_role' => 2,
'telephone' => $this->security->xss_clean($input['telephone']),
'iban' => $this->security->xss_clean($input['iban']),
'password' => $this->security->xss_clean($input['password'])
]);
if ($user_id) {
$response = [
'status' => 'success',
'message' => 'Admin crée avec succès.'
];
} else {
$response = [
'status' => 'error',
'message' => 'Une erreur est survenue lors de l\'enregistrement des données.'
];
}
// Retournez la réponse
echo json_encode($response);
}
}