| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132 |
- <?php
- /**
- * Base REST API Controller for the plugin.
- *
- * This class handles base REST API functionality, including authentication
- * and permissions.
- *
- * @package QDR_Temporary_Shared_Storage
- * @since 1.0.0
- */
- class QDR_TSS_REST_Controller {
- /**
- * The plugin name.
- *
- * @since 1.0.0
- * @access private
- * @var string $plugin_name The name of this plugin.
- */
- private $plugin_name;
- /**
- * The plugin version.
- *
- * @since 1.0.0
- * @access private
- * @var string $version The version of this plugin.
- */
- private $version;
- /**
- * The settings instance.
- *
- * @since 1.0.0
- * @access private
- * @var QDR_TSS_Settings $settings The settings instance.
- */
- private $settings;
- /**
- * Initialize the class and set its properties.
- *
- * @since 1.0.0
- * @param string $plugin_name The name of this plugin.
- * @param string $version The version of this plugin.
- */
- public function __construct($plugin_name, $version) {
- $this->plugin_name = $plugin_name;
- $this->version = $version;
- $this->settings = QDR_TSS_Settings::instance();
- }
- /**
- * Register the REST API routes.
- *
- * @since 1.0.0
- */
- public function register_routes() {
- // Media Controller
- $media_controller = new QDR_TSS_Media_Controller($this->plugin_name, $this->version);
- $media_controller->register_routes();
-
- // Upload Controller
- $upload_controller = new QDR_TSS_Upload_Controller($this->plugin_name, $this->version);
- $upload_controller->register_routes();
- }
- /**
- * Check API key for REST API requests.
- *
- * @since 1.0.0
- * @param WP_Error|null $result The authentication result so far.
- * @return WP_Error|null The authentication result.
- */
- public function check_api_key($result) {
- // Only check for our namespace
- if (empty($result) && strpos($_SERVER['REQUEST_URI'], '/wp-json/qdr-tss/') !== false) {
- $headers = $this->get_all_headers();
- $api_key = isset($headers['X-Api-Key']) ? $headers['X-Api-Key'] : '';
-
- if (!$this->settings->validate_api_key($api_key)) {
- return new WP_Error(
- 'rest_forbidden',
- __('Invalid API key.', 'qdr-temporary-shared-storage'),
- array('status' => 403)
- );
- }
- }
-
- return $result;
- }
- /**
- * Check REST API permissions.
- *
- * @since 1.0.0
- * @return bool True if authorized, false otherwise.
- */
- public function check_rest_permission() {
- $headers = $this->get_all_headers();
- $api_key = isset($headers['X-Api-Key']) ? $headers['X-Api-Key'] : '';
-
- return $this->settings->validate_api_key($api_key);
- }
- /**
- * Get all headers.
- *
- * @since 1.0.0
- * @return array All headers.
- */
- private function get_all_headers() {
- if (function_exists('getallheaders')) {
- return getallheaders();
- }
-
- // Manually get headers if getallheaders() is not available
- $headers = array();
- foreach ($_SERVER as $name => $value) {
- if (substr($name, 0, 5) === 'HTTP_') {
- $name = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))));
- $headers[$name] = $value;
- } elseif ($name === 'CONTENT_TYPE') {
- $headers['Content-Type'] = $value;
- } elseif ($name === 'CONTENT_LENGTH') {
- $headers['Content-Length'] = $value;
- }
- }
-
- return $headers;
- }
- }
|