3 * Laconica - a distributed open-source microblogging tool
4 * Copyright (C) 2008, Controlez-Vous, Inc.
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 if (!defined('LACONICA')) { exit(1); }
22 // XXX: Not sure of terminology yet... maybe call things "api_methods" insteads of "commands"
24 class ApiAction extends Action {
26 function handle($args) {
27 parent::handle($args);
29 $command = $this->arg('command');
31 # XXX Maybe check to see if the command actually exists first
33 if($this->requires_auth($command)) {
34 if (!isset($_SERVER['PHP_AUTH_USER'])) {
36 # This header makes basic auth go
37 header('WWW-Authenticate: Basic realm="Laconica API');
39 # if the user hits cancel -- bam!
40 common_show_basic_auth_error();
42 $nickname = $_SERVER['PHP_AUTH_USER'];
43 $password = $_SERVER['PHP_AUTH_PW'];
44 $user = common_check_user($nickname, $password);
47 $this->process_command($command, $nickname, $password);
49 # basic authentication failed
50 common_show_basic_auth_error();
55 $this->process_command($command);
59 # this is where we can dispatch off to api Class files
60 function process_command($command, $nickname=NULL, $password=NULL) {
62 $parts = explode('.', $command);
63 $api_action = "api_$parts[0]";
64 $extension = $parts[1]; # requested content type
66 $api_actionfile = INSTALLDIR."/actions/$api_action.php";
68 if (file_exists($api_actionfile)) {
69 require_once($api_actionfile);
70 $action_class = ucfirst($api_action)."Action";
71 $action_obj = new $action_class();
73 # need to pass off nick and password and stuff ... put in $args? constructor?
74 # pull from $_REQUEST later?
75 call_user_func(array($action_obj, 'handle'), $_REQUEST);
78 # need appropriate API error functs
83 # Whitelist of API methods that don't need authentication
84 function requires_auth($command) {
86 # The only command that doesn't in Twitter's API is public_timeline
87 if (ereg('^public_timeline.*$', $command)) {