-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgetAppVersion.php
executable file
·86 lines (66 loc) · 2.58 KB
/
getAppVersion.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: *");
header("Access-Control-Allow-Methods: *");
include 'DbConnect.php';
//loading the environment variables
require_once __DIR__. '/vendor/autoload.php';
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . '');
$dotenv->load();
class appVersionController {
private $headers;
private $expectedApiKey;
private $encryptedApikey;
// Generate a random encryption key and initialization vector (IV)
private $encryptionKey; // 256 bits key
private $iv ; // 128 bits IV
private $conn;
public function __construct() {
// Use the existing database connection from DbConnect
$objDb = new DbConnect();
$this->conn = $objDb->connect();
$this->expectedApiKey = $_ENV["ATTENDENCE"];
$this->encryptionKey = $_ENV["ENCRYPT_KEY"];
$this->iv = $_ENV["INIT_VEC"];
}
public function handleRequest() {
$headers = getallheaders();
$encryptedApiKey = isset($headers['Authorization']) ? $headers['Authorization'] : '';
$decryptedApiKey = $this->decryptData($encryptedApiKey, $this->encryptionKey, $this->iv);
if ($this->validateApiKey($decryptedApiKey)) {
$method = $_SERVER['REQUEST_METHOD'];
// assigning the function according to request methods
if ($method == 'GET') {
$this->getAppVersion();
} else {
// Handle exceptions here
http_response_code(405); // Method Not Allowed
echo json_encode(['error' => "Method not allowed"]);
}
}else {
// API key is invalid, deny access
http_response_code(403); // Forbidden
echo json_encode(['error' => 'Access denied. Invalid API key.']);
}
}
private function decryptData($data, $encryptionKey, $iv) {
$plainText = openssl_decrypt($data, 'AES-256-CFB', $encryptionKey, 0, $iv);
return $plainText;
}
private function validateApiKey($apiKey)
{
// Compare the extracted API key with the expected API key
return $apiKey === $this->expectedApiKey;
}
public function getAppVersion() {
$response = ['Latest App Version' => "1.3.0"];
header('Content-Type: application/json');
echo json_encode($response);
}
}
// Usage
$controller = new appVersionController();
$controller->handleRequest();
?>