Файл: upload/catalog/controller/api/login.php
Строк: 70
<?php
class ControllerApiLogin extends Controller {
public function index() {
$this->load->language('api/login');
$json = array();
$this->load->model('account/api');
// Check if IP is allowed
$ip_data = array();
$results = $this->model_account_api->getApiIps($this->config->get('config_api_id'));
foreach ($results as $result) {
$ip_data[] = $result['ip'];
}
if (!in_array($this->request->server['REMOTE_ADDR'], $ip_data)) {
$json['error']['ip'] = sprintf($this->language->get('error_ip'), $this->request->server['REMOTE_ADDR']);
}
if (!$json) {
// Login with API Key
$api_info = $this->model_account_api->getApiByKey($this->request->post['key']);
if ($api_info) {
$json['success'] = $this->language->get('text_success');
$sesion_name = 'temp_session_' . uniqid();
$session = new Session($this->session->getId(), $sesion_name);
// Set API ID
$session->data['api_id'] = $api_info['api_id'];
// Create Token
$json['token'] = $this->model_account_api->addApiSession($api_info['api_id'], $sesion_name, $session->getId(), $this->request->server['REMOTE_ADDR']);
} else {
$json['error']['key'] = $this->language->get('error_key');
}
}
if (isset($this->request->server['HTTP_ORIGIN'])) {
$this->response->addHeader('Access-Control-Allow-Origin: ' . $this->request->server['HTTP_ORIGIN']);
$this->response->addHeader('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
$this->response->addHeader('Access-Control-Max-Age: 1000');
$this->response->addHeader('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
}