Merge branch 'release/v1.2.8'

Sebiworld · Feb 19, 2023 · e6f07ea · e6f07ea
2 parents 5ff093a + 5b466ba
commit e6f07ea
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 44 deletions.
diff --git a/AppApi.module.php b/AppApi.module.php
@@ -24,7 +24,7 @@ public static function getModuleInfo() {
 		return [
 			'title' => 'AppApi',
 			'summary' => 'Module to create a REST API with ProcessWire',
-			'version' => '1.2.7',
+			'version' => '1.2.8',
 			'author' => 'Sebastian Schendel',
 			'icon' => 'terminal',
 			'href' => 'https://modules.processwire.com/modules/app-api/',
@@ -82,7 +82,7 @@ private function createDBTables() {
     `title` varchar(100) NOT NULL,
     `description` TEXT,
     `authtype` int(11) NOT NULL,
-    `logintype` JSON NOT NULL,
+    `logintype` LONGTEXT NOT NULL,
     `token_secret` varchar(100) NOT NULL,
     `expires_in` int(11) NOT NULL,
     `accesstoken_secret` varchar(100) NOT NULL,
@@ -188,22 +188,21 @@ public function ___upgrade($fromVersion, $toVersion) {
 				$datenbank->exec($alterStatement);
 
 				$this->notices->add(new NoticeMessage('Successfully Altered Database-Scheme.'));
-			}  catch (\Exception $e) {
+			} catch (\Exception $e) {
 				$this->error('Error altering db-tables: ' . $e->getMessage());
 			}
 		} elseif (version_compare($fromVersion, '1.2.7', '<') && version_compare($toVersion, '1.2.6', '>')) {
 			// Add default_application column to application
 			try {
-
-        $alterStatement = '
-        ALTER TABLE `' . self::tableApplications . '` ADD COLUMN `logintype` JSON NOT NULL;
+				$alterStatement = '
+        ALTER TABLE `' . self::tableApplications . '` ADD COLUMN `logintype` LONGTEXT NOT NULL;
         ';
 
 				$datenbank = wire('database');
 				$datenbank->exec($alterStatement);
 
 				$this->notices->add(new NoticeMessage('Successfully Altered Database-Scheme.'));
-			}  catch (\Exception $e) {
+			} catch (\Exception $e) {
 				$this->error('Error altering db-tables: ' . $e->getMessage());
 			}
 		}

diff --git a/classes/Application.php b/classes/Application.php
@@ -55,9 +55,9 @@ public static function getAuthtypeLabel($authtype) {
 
 	public static function getLogintypeLabel($logintype) {
 		if ($logintype === self::logintypeOptions[0]) {
-			return __('Username sign-in');
+			return __('Username Sign-In');
 		} elseif ($logintype === self::logintypeOptions[1]) {
-			return __('Email sign-in');
+			return __('Email Sign-In');
 		}
 		return 'Unknown: ' . $loginype;
 	}

diff --git a/classes/Auth.php b/classes/Auth.php
@@ -129,15 +129,8 @@ public function ___doLogin($data) {
 			$username = isset($params->username) ? $params->username : null;
 			$password = isset($params->password) ? $params->password : null;
 
-			if (empty($username) || empty($password)) {
-				throw new AuthException('Login not successful', 401);
-			}
-
-			$user = $this->wire('users')->get('name=' . $username);
-
-			// prevent username sniffing by just throwing a general exception:
-			if ($user->id) {
-				$loggedIn = $this->wire('session')->login($user->name, $password);
+			if (!empty($username) && !empty($password)) {
+				$user = $this->wire('users')->get('name=' . $username);
 			}
 		}
 
@@ -150,15 +143,8 @@ public function ___doLogin($data) {
 			$email = isset($params->email) ? $params->email : (isset($params->username) ? $params->username : null);
 			$password = isset($params->password) ? $params->password : null;
 
-			if (empty($email) || empty($password)) {
-				throw new AuthException('Login not successful', 401);
-			}
-
-			$user = $this->wire('users')->get('email=' . $email);
-
-
-			if ($user->id) {
-				$loggedIn = $this->wire('session')->login($user->name, $password);
+			if (!empty($email) && !empty($password)) {
+				$user = $this->wire('users')->get('email=' . $email);
 			}
 		}
 
@@ -167,6 +153,9 @@ public function ___doLogin($data) {
 			throw new AuthException('Login not successful', 401);
 		}
 
+		$loggedIn = $this->wire('session')->login($user->name, $password);
+
+
 		if ($loggedIn) {
 			if ($this->application->getAuthtype() === Application::authtypeSession) {
 				return [
@@ -425,22 +414,10 @@ public function getLogintype($data) {
 
 		if (
 			isset($headersParams->username) &&
-			!empty($this->wire('sanitizer')->pageName($headersParams->username)) &&
-			isset($headersParams->password) &&
-			!empty('' . $headersParams->password)
-		) {
-			return [
-				'method' => 'any-password',
-				'params' => [
-					'username' => $headersParams->username,
-					'password' => $headersParams->password
-				],
-			];
-		}
-
-		if (
-			isset($headersParams->username) &&
-			!empty($this->wire('sanitizer')->email($headersParams->username)) &&
+			(
+				!empty($this->wire('sanitizer')->email($headersParams->username)) ||
+				!empty($this->wire('sanitizer')->pageName($headersParams->username))
+			) &&
 			isset($headersParams->password) &&
 			!empty('' . $headersParams->password)
 		) {

diff --git a/classes/Router.php b/classes/Router.php
@@ -61,6 +61,7 @@ public function ___go($registeredRoutes) {
 			}
 			$routesWithoutDuplicates = array_values($routesWithoutDuplicates);
 
+
 			// create FastRoute Dispatcher:
 			$router = function (\FastRoute\RouteCollector $r) use ($routesWithoutDuplicates) {
 				foreach ($routesWithoutDuplicates as $key => $route) {

diff --git a/views/execute-application.php b/views/execute-application.php
@@ -371,4 +371,4 @@
 		<i
 			class="fa fa-arrow-left"></i>&nbsp;<?= $this->_('Go Back'); ?>
 	</a>
-</p>
+</p>