Got the Oauth stuff working. Moved the client id and secret to db.inc…

….php, which is now ignored by Git. Started working on the administrative screens. #2

repo/api/index.php

@@ -82,6 +82,11 @@ function echoRespnse($status_code, $response) {
  */
 	function authenticate(\Slim\Route $route) {
 
+		// If being called from the same server, short circuit this process
+		if ( $_SERVER["REMOTE_ADDR"] == "127.0.0.1" ) {
+			return;
+		}
+
 		// Getting request headers
 		$headers = apache_request_headers();
 		$response = array();

repo/create.sql

@@ -10,8 +10,9 @@ DROP TABLE IF EXISTS Users;
 CREATE TABLE Users (
   UserID VARCHAR(255) NOT NULL,
   PrettyName VARCHAR(255) NOT NULL,
-  PasswordHash VARCHAR(255) NOT NULL,
   APIKey VARCHAR(255) NOT NULL,
+  Administrator TINYINT(1) NOT NULL,
+  Moderator TINYINT(1) NOT NULL,
   LastLoginAddress VARCHAR(80) DEFAULT NULL,
   LastLogin DATETIME DEFAULT NULL,
   LastAPIAddress VARCHAR(80) DEFAULT NULL,

repo/db.inc.php

@@ -21,4 +21,10 @@
 			printf( "Error!  %s\n", $e->getMessage() );
 			die();
 	}
+
+	// OAuth 2.0 data
+        $ClientID = '493405997271-lsefoa9cbvo0rmb0id18cc67l6upt1ah.apps.googleusercontent.com';
+        $ClientSecret = 'feohssBYVMH6mHDMM97ZpmOG';
+
+	session_start();
 ?>

repo/repo.inc.php

@@ -108,7 +108,7 @@ function viewStatus( $RequestID = null, $UserID = null ) {
 		$mfgList = array();
 		$st->setFetchMode( PDO::FETCH_CLASS, "ManufacturersQueue" );
 		while ( $mfgRow = $st->fetch() ) {
-			$mfgList[] = ManufacturersQueue::RowToObject( $mfgRow );
+			$mfgList[] = $mfgRow;
 		}
 
 		return $mfgList;
@@ -250,12 +250,12 @@ class Users {
 	var $UserID;
 	var $PrettyName;
 	var $APIKey;
+	var $Administrator;
+	var $Moderator;
 	var $LastLoginAddress;
 	var $LastLogin;
 	var $LastAPIAddress;
 	var $LastAPILogin;
-	var $Administrator;
-	var $Moderator;
 	var $Disabled;
 
 	function prepare( $sql ) {
@@ -325,18 +325,22 @@ function verifyAPIKey( $APIKey, $IPAddress ) {
 	function verifyLogin( $IPAddress ) {
 		$st = $this->prepare( "select * from Users where UserID=:UserID and Disabled=false" );
 		$st->execute( array( ":UserID"=>$this->UserID ) );
-		$st->FetchMode( PDO::FETCH_CLASS, "Users" );
+		$st->setFetchMode( PDO::FETCH_CLASS, "Users" );
 		$row = $st->fetch();
 
 		if ( $row->UserID == null ) {
 			return false;
 		}
 
+		foreach( $row as $key=>$value ) {
+			$this->$key = $value;
+		}
+
 		// This counts as a login, so update the LastLogin time and IP Address
 		$st = $this->prepare( "update Users set LastLoginAddress=:IPAddress, LastLogin=now() where UserID=:UserID" );
 		$st->execute( array( ":IPAddress"=>$IPAddress, ":UserID"=>$this->UserID ) );
 
-		return $row;
+		return true;
 	}
 }