You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

233 lines
6.3 KiB

  1. <?php
  2. function require_login(&$app) {
  3. $params = $app->request()->params();
  4. if(array_key_exists('token', $params)) {
  5. try {
  6. $data = JWT::decode($params['token'], Config::$jwtSecret);
  7. $_SESSION['user_id'] = $data->user_id;
  8. $_SESSION['me'] = $data->me;
  9. } catch(DomainException $e) {
  10. header('X-Error: DomainException');
  11. $app->redirect('/', 301);
  12. } catch(UnexpectedValueException $e) {
  13. header('X-Error: UnexpectedValueException');
  14. $app->redirect('/', 301);
  15. }
  16. }
  17. if(!array_key_exists('user_id', $_SESSION)) {
  18. $app->redirect('/');
  19. return false;
  20. } else {
  21. return ORM::for_table('users')->find_one($_SESSION['user_id']);
  22. }
  23. }
  24. function generate_login_token() {
  25. return JWT::encode(array(
  26. 'user_id' => $_SESSION['user_id'],
  27. 'me' => $_SESSION['me'],
  28. 'created_at' => time()
  29. ), Config::$jwtSecret);
  30. }
  31. $app->get('/new', function() use($app) {
  32. if($user=require_login($app)) {
  33. $entry = false;
  34. $photo_url = false;
  35. $html = render('new-post', array(
  36. 'title' => 'New Post',
  37. 'micropub_endpoint' => $user->micropub_endpoint,
  38. 'token_scope' => $user->token_scope,
  39. 'access_token' => $user->access_token,
  40. 'response_date' => $user->last_micropub_response_date,
  41. 'location_enabled' => $user->location_enabled
  42. ));
  43. $app->response()->body($html);
  44. }
  45. });
  46. $app->post('/prefs', function() use($app) {
  47. if($user=require_login($app)) {
  48. $params = $app->request()->params();
  49. $user->location_enabled = $params['enabled'];
  50. $user->save();
  51. }
  52. $app->response()->body(json_encode(array(
  53. 'result' => 'ok'
  54. )));
  55. });
  56. $app->get('/creating-a-token-endpoint', function() use($app) {
  57. $app->redirect('http://indiewebcamp.com/token-endpoint', 301);
  58. });
  59. $app->get('/creating-a-micropub-endpoint', function() use($app) {
  60. $html = render('creating-a-micropub-endpoint', array('title' => 'Creating a Micropub Endpoint'));
  61. $app->response()->body($html);
  62. });
  63. $app->get('/docs', function() use($app) {
  64. $html = render('docs', array('title' => 'Documentation'));
  65. $app->response()->body($html);
  66. });
  67. $app->get('/add-to-home', function() use($app) {
  68. $params = $app->request()->params();
  69. if(array_key_exists('token', $params) && !session('add-to-home-started')) {
  70. // Verify the token and sign the user in
  71. try {
  72. $data = JWT::decode($params['token'], Config::$jwtSecret);
  73. $_SESSION['user_id'] = $data->user_id;
  74. $_SESSION['me'] = $data->me;
  75. $app->redirect('/new', 301);
  76. } catch(DomainException $e) {
  77. header('X-Error: DomainException');
  78. $app->redirect('/', 301);
  79. } catch(UnexpectedValueException $e) {
  80. header('X-Error: UnexpectedValueException');
  81. $app->redirect('/', 301);
  82. }
  83. } else {
  84. if($user=require_login($app)) {
  85. if(array_key_exists('start', $params)) {
  86. $_SESSION['add-to-home-started'] = true;
  87. $token = JWT::encode(array(
  88. 'user_id' => $_SESSION['user_id'],
  89. 'me' => $_SESSION['me'],
  90. 'created_at' => time()
  91. ), Config::$jwtSecret);
  92. $app->redirect('/add-to-home?token='.$token, 301);
  93. } else {
  94. unset($_SESSION['add-to-home-started']);
  95. $html = render('add-to-home', array('title' => 'Teacup'));
  96. $app->response()->body($html);
  97. }
  98. }
  99. }
  100. });
  101. $app->post('/post', function() use($app) {
  102. if($user=require_login($app)) {
  103. $params = $app->request()->params();
  104. // Remove any blank params
  105. $params = array_filter($params, function($v){
  106. return $v !== '';
  107. });
  108. // Store the post in the database
  109. $entry = ORM::for_table('entries')->create();
  110. $entry->user_id = $user->id;
  111. $entry->published = date('Y-m-d H:i:s');
  112. if(k($params, 'location') && $location=parse_geo_uri($params['location'])) {
  113. $entry->latitude = $location['latitude'];
  114. $entry->longitude = $location['longitude'];
  115. if($timezone=get_timezone($location['latitude'], $location['longitude'])) {
  116. $entry->timezone = $timezone->getName();
  117. $entry->tz_offset = $timezone->getOffset(new DateTime());
  118. }
  119. } else {
  120. $entry->timezone = 'UTC';
  121. $entry->tz_offset = 0;
  122. }
  123. if(k($params, 'drank')) {
  124. $entry->content = $params['drank'];
  125. $type = 'drink';
  126. } elseif(k($params, 'custom_drank')) {
  127. $entry->content = $params['custom_drank'];
  128. $type = 'drink';
  129. } elseif(k($params, 'custom_ate')) {
  130. $entry->content = $params['custom_ate'];
  131. $type = 'eat';
  132. }
  133. $entry->save();
  134. // Send to the micropub endpoint if one is defined, and store the result
  135. if($user->micropub_endpoint) {
  136. $mp_request = array(
  137. 'h' => 'entry',
  138. 'p3k-food' => $entry->content,
  139. 'p3k-type' => $type,
  140. 'location' => k($params, 'location')
  141. );
  142. $r = micropub_post($user->micropub_endpoint, $mp_request, $user->access_token);
  143. $request = $r['request'];
  144. $response = $r['response'];
  145. $entry->micropub_response = $response;
  146. // Check the response and look for a "Location" header containing the URL
  147. if($response && preg_match('/Location: (.+)/', $response, $match)) {
  148. $url = $match[1];
  149. $user->micropub_success = 1;
  150. $entry->micropub_success = 1;
  151. $entry->canonical_url = $url;
  152. } else {
  153. $entry->micropub_success = 0;
  154. }
  155. $entry->save();
  156. } else {
  157. $url = Config::$base_url . $user->url . '/' . $entry->id;
  158. }
  159. $app->redirect($url);
  160. }
  161. });
  162. $app->get('/:domain', function($domain) use($app) {
  163. $user = ORM::for_table('users')->where('url', $domain)->find_one();
  164. if(!$user) {
  165. $app->notFound();
  166. return;
  167. }
  168. $entries = ORM::for_table('entries')->where('user_id', $user->id)->find_many();
  169. $html = render('entries', array(
  170. 'title' => 'Teacup',
  171. 'entries' => $entries,
  172. 'user' => $user
  173. ));
  174. $app->response()->body($html);
  175. });
  176. $app->get('/:domain/:entry', function($domain, $entry_id) use($app) {
  177. $user = ORM::for_table('users')->where('url', $domain)->find_one();
  178. if(!$user) {
  179. $app->notFound();
  180. return;
  181. }
  182. $entry = ORM::for_table('entries')->where('user_id', $user->id)->where('id', $entry_id)->find_one();
  183. if(!$entry) {
  184. $app->notFound();
  185. return;
  186. }
  187. $html = render('entry', array(
  188. 'title' => 'Teacup',
  189. 'entry' => $entry,
  190. 'user' => $user
  191. ));
  192. $app->response()->body($html);
  193. });