mirror of
https://github.com/ellite/Wallos.git
synced 2026-01-01 03:18:15 -05:00
ba6dddf526
fix: accept both api_key and apiKey as parameter on the api feat: allow to disable password login when oidc is enabled feat: add get_oidc_settings endpoint to the api feat: refactor css colors feat: ai recommendations with chatgpt, gemini or ollama feat: display ai recommendations on the dashboard
117 lines
3.0 KiB
PHP
117 lines
3.0 KiB
PHP
<?php
|
|
/*
|
|
This API Endpoint accepts both POST and GET requests.
|
|
It receives the following parameters:
|
|
- api_key: the API key of the user.
|
|
|
|
It returns a JSON object with the following properties:
|
|
- success: whether the request was successful (boolean).
|
|
- title: the title of the response (string).
|
|
- admin_settings: an object containing the admin settings.
|
|
- notes: warning messages or additional information (array).
|
|
|
|
Example response:
|
|
{
|
|
"success": true,
|
|
"title": "admin_settings",
|
|
"admin_settings": {
|
|
"registrations_open": 1,
|
|
"max_users": 100,
|
|
"require_email_verification": 1,
|
|
"server_url": "http://example.com",
|
|
"smtp_address": "smtp.example.com",
|
|
"smtp_port": 587,
|
|
"smtp_username": "admin@example.com",
|
|
"smtp_password": "********",
|
|
"from_email": "no-reply@example.com",
|
|
"encryption": "tls",
|
|
"login_disabled": 0,
|
|
"latest_version": "v1.0.0",
|
|
"update_notification": 1
|
|
},
|
|
"notes": []
|
|
}
|
|
*/
|
|
|
|
require_once '../../includes/connect_endpoint.php';
|
|
|
|
header('Content-Type: application/json; charset=UTF-8');
|
|
|
|
if ($_SERVER["REQUEST_METHOD"] === "POST" || $_SERVER["REQUEST_METHOD"] === "GET") {
|
|
// if the parameters are not set, return an error
|
|
|
|
$apiKey = $_REQUEST['api_key'] ?? $_REQUEST['apiKey'] ?? null;
|
|
|
|
if (!$apiKey) {
|
|
$response = [
|
|
"success" => false,
|
|
"title" => "Missing parameters"
|
|
];
|
|
echo json_encode($response);
|
|
exit;
|
|
}
|
|
|
|
|
|
// Get user from API key
|
|
$sql = "SELECT * FROM user WHERE api_key = :apiKey";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindValue(':apiKey', $apiKey);
|
|
$result = $stmt->execute();
|
|
$user = $result->fetchArray(SQLITE3_ASSOC);
|
|
|
|
// If the user is not found, return an error
|
|
if (!$user) {
|
|
$response = [
|
|
"success" => false,
|
|
"title" => "Invalid API key"
|
|
];
|
|
echo json_encode($response);
|
|
exit;
|
|
}
|
|
|
|
$userId = $user['id'];
|
|
|
|
if ($userId !== 1) {
|
|
$response = [
|
|
"success" => false,
|
|
"title" => "Invalid user"
|
|
];
|
|
echo json_encode($response);
|
|
exit;
|
|
}
|
|
|
|
$sql = "SELECT * FROM 'admin'";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindValue(':userId', $userId);
|
|
$result = $stmt->execute();
|
|
$admin_settings = $result->fetchArray(SQLITE3_ASSOC);
|
|
|
|
if ($admin_settings) {
|
|
unset($admin_settings['id']);
|
|
// if the smtp_password is set, hide it
|
|
if (isset($admin_settings['smtp_password'])) {
|
|
$admin_settings['smtp_password'] = "********";
|
|
}
|
|
}
|
|
|
|
$response = [
|
|
"success" => true,
|
|
"title" => "admin_settings",
|
|
"admin_settings" => $admin_settings,
|
|
"notes" => []
|
|
];
|
|
|
|
echo json_encode($response);
|
|
|
|
$db->close();
|
|
|
|
} else {
|
|
$response = [
|
|
"success" => false,
|
|
"title" => "Invalid request method"
|
|
];
|
|
echo json_encode($response);
|
|
exit;
|
|
}
|
|
|
|
?>
|