cgsmith/caloriethingy.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding API

Browse Source
This commit is contained in:
Chris Smith
2025-02-20 20:09:01 +01:00
parent 0c639ce11e
commit 5f3d1359cf
15 changed files with 292 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@@ -11,6 +11,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
* SleekPlan javascript for user feedback
* "Today So Far" summary on the success page
* API for registering and login
* API for fetching meals, summary, and posting meal
* JWT tokens for API requests
### Changed
@@ -19,6 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Removed
* Form fields not needed
* File name requirement from Meal model. Isn't necessary to have a file to record a meal
## [0.1.0] - 2025-02-10

28
api/components/JwtAuth.php Normal file
View File

@@ -0,0 +1,28 @@
<?php
namespace api\components;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use Yii;
use yii\filters\auth\AuthMethod;
use yii\web\UnauthorizedHttpException;
class JwtAuth extends AuthMethod
{
public function authenticate($user, $request, $response)
{
$authHeader = $request->getHeaders()->get('Authorization');
if ($authHeader && preg_match('/^Bearer\s+(.*?)$/', $authHeader, $matches)) {
$jwt = $matches[1];
try {
$decoded = JWT::decode($jwt, new Key(Yii::$app->params['jwtSecret'], 'HS256'));
return $user->loginByAccessToken($decoded->sub);
} catch (\Exception $e) {
throw new UnauthorizedHttpException('Invalid token');
}
}
return null;
}
}

49
api/config/main.php
View File

@@ -1,4 +1,10 @@
<?php
use yii\log\FileTarget;
use yii\rest\UrlRule;
use yii\web\JsonParser;
use yii\web\UrlManager;
$params = array_merge(
require __DIR__ . '/../../common/config/params.php',
require __DIR__ . '/../../common/config/params-local.php',
@@ -10,41 +16,50 @@ return [
'id' => 'calorie-api',
'basePath' => dirname(__DIR__),
'controllerNamespace' => 'api\controllers',
'bootstrap' => ['log'],
'bootstrap' => [
'log' => [
'class' => '\yii\filters\ContentNegotiator',
'formats' => [
// comment next line to use GII
'application/json' => \yii\web\Response::FORMAT_JSON,
],
],
],
'modules' => [],
'components' => [
'request' => [
'csrfParam' => '_csrf-backend',
],
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
'identityCookie' => ['name' => '_identity-backend', 'httpOnly' => true],
],
'session' => [
// this is the name of the session cookie used for login on the backend
'name' => 'calorie-api',
'enableCookieValidation' => false,
'enableCsrfValidation' => false,
'parsers' => [
'application/json' => JsonParser::class,
]
],
'log' => [
'traceLevel' => YII_DEBUG ? 3 : 0,
'targets' => [
[
'class' => \yii\log\FileTarget::class,
'class' => FileTarget::class,
'levels' => ['error', 'warning'],
],
],
],
'errorHandler' => [
'errorAction' => 'site/error',
],
/*
'urlManager' => [
'class' => UrlManager::class,
'enablePrettyUrl' => true,
//'enableStrictParsing' => true,
'showScriptName' => false,
'rules' => [
['class' => UrlRule::class, 'controller' => ['meal', 'auth']],
'POST /meals/create-meal' => 'meal/create-meal',
'GET /meals/get-daily-summary' => 'meal/get-daily-summary',
],
],
*/
'user' => [
'identityClass' => \common\models\User::class,
'enableSession' => false,
'enableAutoLogin' => false,
'loginUrl' => null,
],
],
'params' => $params,
];

1
api/config/params.php
View File

@@ -1,4 +1,5 @@
<?php
return [
'jwtSecret' => '',
];

75
api/controllers/AuthController.php Normal file
View File

@@ -0,0 +1,75 @@
<?php
namespace api\controllers;
use common\models\User;
use Firebase\JWT\JWT;
use Yii;
use yii\rest\Controller;
use yii\web\Response;
class AuthController extends Controller
{
public function verbs()
{
return [
'register' => ['POST'],
'login' => ['POST'],
];
}
private function generateJwt($user)
{
$key = Yii::$app->params['jwtSecret']; // Set in params.php
$payload = [
'iss' => 'calorie-thingy',
'aud' => 'calorie-thingy',
'iat' => time(),
'exp' => time() + (60 * 60 * 24 * 7), // 7 days expiration
'sub' => $user->auth_key,
];
return JWT::encode($payload, $key, 'HS256');
}
public function actionRegister()
{
Yii::$app->response->format = Response::FORMAT_JSON;
$data = Yii::$app->request->post();
if (empty($data['email']) || empty($data['password'])) {
return ['error' => 'Email and password are required'];
}
if (User::findOne(['email' => $data['email']])) {
return ['error' => 'Email already exists'];
}
$user = new User();
$user->email = $data['email'];
$user->password_hash = Yii::$app->security->generatePasswordHash($data['password']);
$user->generateAuthKey();
$user->generateEmailVerificationToken();
if ($user->save()) {
return ['token' => $this->generateJwt($user)];
}
return ['error' => 'Registration failed'];
}
public function actionLogin()
{
Yii::$app->response->format = Response::FORMAT_JSON;
$data = Yii::$app->request->post();
$user = User::findOne(['email' => $data['email'] ?? null]);
if (!$user || !Yii::$app->security->validatePassword($data['password'], $user->password_hash)) {
return ['error' => 'Invalid credentials'];
}
// @todo not sure if it makes sense to generate an auth key each login via the API?
$user->generateAuthKey();
$user->save();
return ['token' => $this->generateJwt($user)];
}
}

84
api/controllers/MealController.php Normal file
View File

@@ -0,0 +1,84 @@
<?php
namespace api\controllers;
use api\components\JwtAuth;
use common\models\Meal;
use common\models\MealForm;
use Yii;
use yii\data\ActiveDataProvider;
use yii\rest\ActiveController;
use yii\web\Response;
use yii\web\UploadedFile;
class MealController extends ActiveController
{
public $modelClass = Meal::class;
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['authenticator'] = [
'class' => JwtAuth::class,
];
return $behaviors;
}
public function actionCreateMeal()
{
Yii::$app->response->format = Response::FORMAT_JSON;
$model = new MealForm();
$model->picture = UploadedFile::getInstance($model, 'picture');
if ($model->upload()) {
$id = \Yii::$app->gemini->mealInquiry(Yii::getAlias('@frontend/web/'.$model->filepath));
return array_merge(['meal' => Meal::findOne($id)], $this->actionGetDailySummary());
}
return ['error' => 'Failed to save meal'];
}
public function actionGetDailySummary()
{
// @TODO make this a common function of the user maybe?
Yii::$app->response->format = Response::FORMAT_JSON;
$startOfDay = strtotime('today midnight');
$endOfDay = strtotime('tomorrow midnight') - 1;
$today = Meal::find()
->select([
'SUM(calories) AS calories',
'SUM(protein) AS protein',
'SUM(fat) AS fat',
'SUM(carbohydrates) AS carbohydrates',
'SUM(fiber) AS fiber'
])
->where(['user_id' => Yii::$app->user->id])
->andWhere(['between', 'created_at', $startOfDay, $endOfDay])
->asArray()
->one();
return ['summary' => $today];
}
public function actions()
{
$actions = parent::actions();
// Modify the index action
$actions['index']['prepareDataProvider'] = function() {
// Get the user_id from the JWT token
$userId = Yii::$app->user->identity->id;
// Create the query to filter meals by the authenticated user
$query = Meal::find()->where(['user_id' => $userId]);
// Return the data provider with the filtered query
return new ActiveDataProvider([
'query' => $query,
]);
};
return $actions;
}
}

106
api/controllers/SiteController.php
View File

@@ -1,106 +0,0 @@
<?php
namespace api\controllers;
use common\models\LoginForm;
use Yii;
use yii\filters\VerbFilter;
use yii\filters\AccessControl;
use yii\web\Controller;
use yii\web\Response;
/**
* Site controller
*/
class SiteController extends Controller
{
/**
* {@inheritdoc}
*/
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::class,
'rules' => [
[
'actions' => ['login', 'error'],
'allow' => true,
],
[
'actions' => ['logout', 'index'],
'allow' => true,
'roles' => ['@'],
],
],
],
'verbs' => [
'class' => VerbFilter::class,
'actions' => [
'logout' => ['post'],
],
],
];
}
/**
* {@inheritdoc}
*/
public function actions()
{
return [
'error' => [
'class' => \yii\web\ErrorAction::class,
],
];
}
/**
* Displays homepage.
*
* @return string
*/
public function actionIndex()
{
return $this->render('index');
}
/**
* Login action.
*
* @return string|Response
*/
public function actionLogin()
{
if (!Yii::$app->user->isGuest) {
return $this->goHome();
}
$this->layout = 'blank';
$model = new LoginForm();
if ($model->load(Yii::$app->request->post()) && $model->login()) {
return $this->goBack();
}
$model->password = '';
return $this->render('login', [
'model' => $model,
]);
}
/**
* Logout action.
*
* @return Response
*/
public function actionLogout()
{
Yii::$app->user->logout();
return $this->goHome();
}
}

7
api/web/.htaccess Normal file
View File

@@ -0,0 +1,7 @@
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

1
common/components/GeminiApiComponent.php
View File

@@ -120,6 +120,7 @@ class GeminiApiComponent extends \yii\base\Component
$meal->fat = $geminiMeal['fat'];
$meal->fiber = $geminiMeal['fiber'];
$meal->food_name = $geminiMeal['food_name'];
// @TODO if moved a job queue then this must be an object otherwise the queue is NOT aware of the user
$meal->user_id = Yii::$app->user->id;
$meal->file_name = $filePath;
Yii::debug($meal);

4
common/config/__autocomplete.php
View File

@@ -20,9 +20,7 @@ class Yii {
/**
* @property yii\rbac\DbManager $authManager
* @property \Da\User\Model\User $user
* @property \common\components\GeminiApiComponent $sonar
* @property \common\components\HubspotApiComponent $hubspot
* @property \common\components\GeminiApiComponent $gemini
* @property \common\components\PostmarkComponent $postmark
* @property \yii\queue\db\Queue $queue
*

30
common/models/Meal.php
View File

@@ -2,8 +2,10 @@
namespace common\models;
use Yii;
use yii\behaviors\TimestampBehavior;
use yii\db\ActiveRecord;
use yii\web\UnauthorizedHttpException;
/**
* This is the model class for table "meal".
@@ -53,7 +55,7 @@ class Meal extends ActiveRecord
public function rules()
{
return [
[['food_name', 'file_name', 'calories', 'protein', 'fat', 'carbohydrates', 'fiber'], 'required'],
[['food_name', 'calories', 'protein', 'fat', 'carbohydrates', 'fiber'], 'required'],
[['user_id', 'calories', 'protein', 'fat', 'carbohydrates', 'fiber', 'created_at', 'updated_at'], 'integer'],
[['file_name'], 'string', 'max' => 255],
];
@@ -76,4 +78,30 @@ class Meal extends ActiveRecord
'updated_at' => 'Updated At',
];
}
// Automatically set the user_id before saving a new meal
/**
* @throws UnauthorizedHttpException
*/
public function beforeSave($insert)
{
if ($this->isNewRecord) {
// Get the currently authenticated user's ID
if (Yii::$app->user->isGuest) {
throw new \yii\web\UnauthorizedHttpException('User not authenticated.');
}
// Set the user_id to the current authenticated user
$this->user_id = Yii::$app->user->identity->id;
}
return parent::beforeSave($insert);
}
// Define relationships (if any)
public function getUser()
{
return $this->hasOne(User::class, ['id' => 'user_id']);
}
}

4
frontend/models/MealForm.php → common/models/MealForm.php
View File

@@ -1,6 +1,6 @@
<?php
namespace frontend\models;
namespace common\models;
use Ramsey\Uuid\Uuid;
use Yii;
@@ -32,7 +32,7 @@ class MealForm extends Model
{
if ($this->validate()) {
$this->newFileName();
$this->picture->saveAs($this->filepath);
$this->picture->saveAs('@frontend/web/'.$this->filepath);
return true;
} else {
return false;

2
common/models/User.php
View File

@@ -182,7 +182,7 @@ class User extends ActiveRecord implements IdentityInterface
*/
public static function findIdentityByAccessToken($token, $type = null)
{
throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.');
return static::findOne(['auth_key' => $token, 'status' => self::STATUS_ACTIVE]);
}
/**

25
console/migrations/m250220_180319_alter_meal_table_set_file_name_nullable.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
use yii\db\Migration;
class m250220_180319_alter_meal_table_set_file_name_nullable extends Migration
{
/**
* {@inheritdoc}
*/
public function safeUp()
{
$this->alterColumn('{{%meal}}', 'file_name', $this->string()->null());
}
/**
* {@inheritdoc}
*/
public function safeDown()
{
echo "m250220_180319_alter_meal_table_set_file_name_nullable cannot be reverted.\n";
return false;
}
}

5
frontend/controllers/MealController.php
View File

@@ -3,14 +3,13 @@
namespace frontend\controllers;
use common\models\Meal;
use common\models\MealForm;
use common\models\search\MealSearch;
use frontend\models\MealForm;
use Yii;
use yii\data\ActiveDataProvider;
use yii\filters\AccessControl;
use yii\filters\VerbFilter;
use yii\web\Controller;
use yii\web\NotFoundHttpException;
use yii\filters\VerbFilter;
use yii\web\UploadedFile;
/**