moemoe89 · andabral · May 6, 2023 · May 6, 2023 · May 6, 2023 · May 7, 2023
diff --git a/README.md b/README.md
@@ -6,14 +6,18 @@ Simple source code for learning basic backend developer using REST API (login, C
 
 # Setup
 Download or clone [Master File](simple-codeigniter-rest-api)
-and then config & import MySQL database 
+and then config & import database:
+
+-MySQL
+-PostgreSQL
+
 
 You can use [POSTMAN](https://www.getpostman.com/) or anything else for simulate frontend
 
 # Test the API
 You can test the API by including header `Content-Type`,`Client-Service` & `Auth-Key` with value `application/json`,`frontend-client` & `simplerestapi` in every request
 
-And for API except `login` you must include `id` & `token` that you get after successfully login. The header for both look like this `User-ID` & `Authorization`
+And for API except `login` you must include `id` & `token` that you get after successfully login. The header for both look like this `User` & `Authorization`
 
 List of the API :
 

diff --git a/application/config/database.php b/application/config/database.php
@@ -72,12 +72,12 @@
 */
 $active_group = 'default';
 $query_builder = TRUE;
-
+/*
 $db['default'] = array(
 	'dsn'	=> '',
 	'hostname' => 'localhost',
 	'username' => 'root',
-	'password' => 'root',
+	'password' => '',
 	'database' => 'ci_rest_api',
 	'dbdriver' => 'mysqli',
 	'dbprefix' => '',
@@ -94,3 +94,26 @@
 	'failover' => array(),
 	'save_queries' => TRUE
 );
+*/
+
+$db['default'] = array(
+	'dsn'	=> '',
+	'hostname' => 'localhost',
+	'username' => 'andabral',
+	'password' => 'Prueba',
+	'database' => 'ci_rest_api',
+	'dbdriver' => 'postgre',
+	'dbprefix' => '',
+	'pconnect' => FALSE,
+	'db_debug' => (ENVIRONMENT !== 'production'),
+	'cache_on' => FALSE,
+	'cachedir' => '',
+	'char_set' => 'utf8',
+	'dbcollat' => 'utf8_general_ci',
+	'swap_pre' => '',
+	'encrypt' => FALSE,
+	'compress' => FALSE,
+	'stricton' => FALSE,
+	'failover' => array(),
+	'save_queries' => TRUE
+);
diff --git a/application/models/MyModel.php b/application/models/MyModel.php
@@ -1,6 +1,6 @@
 <?php
 defined('BASEPATH') OR exit('No direct script access allowed');
-
+date_default_timezone_set('America/Guayaquil');
 class MyModel extends CI_Model {
 
     var $client_service = "frontend-client";
@@ -25,19 +25,46 @@ public function login($username,$password)
             $hashed_password = $q->password;
             $id              = $q->id;
             if (hash_equals($hashed_password, crypt($password, $hashed_password))) {
-               $last_login = date('Y-m-d H:i:s');
-               $token = crypt(substr( md5(rand()), 0, 7));
-               $expired_at = date("Y-m-d H:i:s", strtotime('+12 hours'));
-               $this->db->trans_start();
-               $this->db->where('id',$id)->update('users',array('last_login' => $last_login));
-               $this->db->insert('users_authentication',array('users_id' => $id,'token' => $token,'expired_at' => $expired_at));
-               if ($this->db->trans_status() === FALSE){
-                  $this->db->trans_rollback();
-                  return array('status' => 500,'message' => 'Internal server error.');
-               } else {
-                  $this->db->trans_commit();
-                  return array('status' => 200,'message' => 'Successfully login.','id' => $id, 'token' => $token);
-               }
+                $obj_ua  = $this->db->from('users_authentication')->where('users_id',$q->id)->where('estado = 1')->get();
+
+                $last_login = date('Y-m-d H:i:s');
+
+                if($obj_ua->num_rows() > 0){
+                    $ua=$obj_ua->row();
+                    //print_r($ua);
+                    //echo "<br/>".$last_login;
+                    //echo "<br/>".$ua->expired_at;
+                    if(strtotime($last_login) <= strtotime($ua->expired_at) ){
+                        return array('status' => 200,'message' => 'Token was generated which expires on '.$ua->expired_at,'user' => $username, 'token' => $ua->token);
+                    }else{
+                        $this->db->where('users_id',$id)->update('users_authentication',array('estado' => 0));
+                        $token = crypt(substr( md5(rand()), 0, 7),'$5$rounds=5000$fragatausesystringforsalt$');
+                        echo $expired_at = date("Y-m-d H:i:s", strtotime('+12 hours'));
+                        $this->db->trans_start();
+                        $this->db->where('id',$id)->update('users',array('last_login' => $last_login));
+                        $this->db->insert('users_authentication',array('users_id' => $id,'token' => $token,'expired_at' => $expired_at));
+                        if ($this->db->trans_status() === FALSE){
+                            $this->db->trans_rollback();
+                            return array('status' => 500,'message' => 'Internal server error.');
+                        } else {
+                            $this->db->trans_commit();
+                            return array('status' => 200,'message' => 'Successfully login.','user' => $username, 'token' => $token);
+                        }
+                    }                    
+                }else{   
+                    $token = crypt(substr( md5(rand()), 0, 7),'$5$rounds=5000$fragatausesystringforsalt$');
+                    $expired_at = date("Y-m-d H:i:s", strtotime('+12 hours'));
+                    $this->db->trans_start();
+                    $this->db->where('id',$id)->update('users',array('last_login' => $last_login));
+                    $this->db->insert('users_authentication',array('users_id' => $id,'token' => $token,'expired_at' => $expired_at));
+                    if ($this->db->trans_status() === FALSE){
+                        $this->db->trans_rollback();
+                        return array('status' => 500,'message' => 'Internal server error.');
+                    } else {
+                        $this->db->trans_commit();
+                        return array('status' => 200,'message' => 'Successfully login.','user' => $username, 'token' => $token);
+                    }
+                }
             } else {
                return array('status' => 204,'message' => 'Wrong password.');
             }
@@ -46,26 +73,27 @@ public function login($username,$password)
 
     public function logout()
     {
-        $users_id  = $this->input->get_request_header('User-ID', TRUE);
+        $users_id  = $this->input->get_request_header('User', TRUE);
         $token     = $this->input->get_request_header('Authorization', TRUE);
         $this->db->where('users_id',$users_id)->where('token',$token)->delete('users_authentication');
         return array('status' => 200,'message' => 'Successfully logout.');
     }
 
     public function auth()
     {
-        $users_id  = $this->input->get_request_header('User-ID', TRUE);
+        $user  = $this->input->get_request_header('User', TRUE);
         $token     = $this->input->get_request_header('Authorization', TRUE);
-        $q  = $this->db->select('expired_at')->from('users_authentication')->where('users_id',$users_id)->where('token',$token)->get()->row();
+        $o  = $this->db->select('id')->from('users')->where('username',$user)->get()->row();
+        $q  = $this->db->select('expired_at')->from('users_authentication')->where('users_id',$o->id)->where('token',$token)->get()->row();
         if($q == ""){
             return json_output(401,array('status' => 401,'message' => 'Unauthorized.'));
         } else {
-            if($q->expired_at < date('Y-m-d H:i:s')){
+            if(strtotime($q->expired_at) < strtotime(date('Y-m-d H:i:s'))){echo $q->expired_at ."<br/>".date('Y-m-d H:i:s');
                 return json_output(401,array('status' => 401,'message' => 'Your session has been expired.'));
             } else {
                 $updated_at = date('Y-m-d H:i:s');
                 $expired_at = date("Y-m-d H:i:s", strtotime('+12 hours'));
-                $this->db->where('users_id',$users_id)->where('token',$token)->update('users_authentication',array('expired_at' => $expired_at,'updated_at' => $updated_at));
+                $this->db->where('users_id',$o->id)->where('token',$token)->update('users_authentication',array('expired_at' => $expired_at,'updated_at' => $updated_at));
                 return array('status' => 200,'message' => 'Authorized.');
             }
         }

diff --git a/ci_rest_api.sql b/ci_rest_api.sql
@@ -1,134 +1,80 @@
--- phpMyAdmin SQL Dump
--- version 4.5.1
--- http://www.phpmyadmin.net
---
--- Host: localhost
--- Generation Time: Dec 27, 2015 at 04:41 AM
--- Server version: 10.1.9-MariaDB
--- PHP Version: 5.5.30
-
-SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
-SET time_zone = "+00:00";
-
-
-/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
-/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
-/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
-/*!40101 SET NAMES utf8mb4 */;
-
---
--- Database: `ci_rest_api`
---
-
--- --------------------------------------------------------
-
---
--- Table structure for table `books`
---
-
-CREATE TABLE `books` (
-  `id` int(11) NOT NULL,
-  `title` varchar(255) NOT NULL,
-  `author` varchar(255) NOT NULL,
+/*
+ Navicat Premium Data Transfer
+
+ Source Server         : localMy
+ Source Server Type    : MySQL
+ Source Server Version : 50736 (5.7.36)
+ Source Host           : localhost:3306
+ Source Schema         : ci_rest_api
+
+ Target Server Type    : MySQL
+ Target Server Version : 50736 (5.7.36)
+ File Encoding         : 65001
+
+ Date: 06/05/2023 15:27:03
+*/
+
+SET NAMES utf8mb4;
+SET FOREIGN_KEY_CHECKS = 0;
+
+-- ----------------------------
+-- Table structure for books
+-- ----------------------------
+DROP TABLE IF EXISTS `books`;
+CREATE TABLE `books`  (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `title` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
+  `author` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
   `created_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
-  `updated_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
---
--- Dumping data for table `books`
---
-
-INSERT INTO `books` (`id`, `title`, `author`, `created_at`, `updated_at`) VALUES
-(1, 'Codeigniter Rest API', 'Momo Baruno', '2015-12-26 09:17:14', '2015-12-26 09:17:14');
-
--- --------------------------------------------------------
-
---
--- Table structure for table `users`
---
-
-CREATE TABLE `users` (
-  `id` int(11) NOT NULL,
-  `username` varchar(255) NOT NULL,
-  `password` varchar(255) NOT NULL,
-  `name` varchar(255) NOT NULL,
+  `updated_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`) USING BTREE
+) ENGINE = InnoDB AUTO_INCREMENT = 4 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Compact;
+
+-- ----------------------------
+-- Records of books
+-- ----------------------------
+INSERT INTO `books` VALUES (1, 'Codeigniter Rest API', 'Momo Baruno', '2015-12-26 09:17:14', '2015-12-26 09:17:14');
+
+-- ----------------------------
+-- Table structure for users
+-- ----------------------------
+DROP TABLE IF EXISTS `users`;
+CREATE TABLE `users`  (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `username` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
+  `password` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
+  `name` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
   `last_login` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
   `created_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
-  `updated_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
---
--- Dumping data for table `users`
---
-
-INSERT INTO `users` (`id`, `username`, `password`, `name`, `last_login`, `created_at`, `updated_at`) VALUES
-(1, 'admin', '$1$Dtqyvz7/$wZSaZbfHgn0UbLlVi1HHp0', 'Admin', '2015-12-27 11:30:55', '2015-12-25 10:35:16', '2015-12-25 10:35:16');
-
--- --------------------------------------------------------
-
---
--- Table structure for table `users_authentication`
---
-
-CREATE TABLE `users_authentication` (
-  `id` int(11) NOT NULL,
+  `updated_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`) USING BTREE,
+  UNIQUE INDEX `username`(`username`) USING BTREE
+) ENGINE = InnoDB AUTO_INCREMENT = 2 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Compact;
+
+-- ----------------------------
+-- Records of users
+-- ----------------------------
+INSERT INTO `users` VALUES (1, 'admin', '$1$Dtqyvz7/$wZSaZbfHgn0UbLlVi1HHp0', 'Admin', '2023-05-06 13:00:24', '2015-12-25 10:35:16', '2015-12-25 10:35:16');
+
+-- ----------------------------
+-- Table structure for users_authentication
+-- ----------------------------
+DROP TABLE IF EXISTS `users_authentication`;
+CREATE TABLE `users_authentication`  (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
   `users_id` int(11) NOT NULL,
-  `token` varchar(255) NOT NULL,
+  `token` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
+  `estado` smallint(5) UNSIGNED NOT NULL DEFAULT 1,
   `expired_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
   `created_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
-  `updated_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
---
--- Dumping data for table `users_authentication`
---
-
-INSERT INTO `users_authentication` (`id`, `users_id`, `token`, `expired_at`, `created_at`, `updated_at`) VALUES
-(1, 1, '$1$6fjNSBRR$7lx.mxo/q1LbNO7f5.7w8.', '2015-12-27 23:28:00', '2015-12-27 11:28:00', '2015-12-27 11:28:00'),
-(2, 1, '$1$HY2H7rB0$2U.dlCsoHX21s/gvjCypG/', '2015-12-27 23:28:10', '2015-12-27 11:28:10', '2015-12-27 11:28:10');
-
---
--- Indexes for dumped tables
---
-
---
--- Indexes for table `books`
---
-ALTER TABLE `books`
-  ADD PRIMARY KEY (`id`);
-
---
--- Indexes for table `users`
---
-ALTER TABLE `users`
-  ADD PRIMARY KEY (`id`),
-  ADD KEY `username` (`username`);
-
---
--- Indexes for table `users_authentication`
---
-ALTER TABLE `users_authentication`
-  ADD PRIMARY KEY (`id`);
+  `updated_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`) USING BTREE
+) ENGINE = InnoDB AUTO_INCREMENT = 3 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Compact;
 
---
--- AUTO_INCREMENT for dumped tables
---
+-- ----------------------------
+-- Records of users_authentication
+-- ----------------------------
+INSERT INTO `users_authentication` VALUES (1, 1, '$5$rounds=5000$fragatausesystri$oVIBWXz7KrcRndHOW/c3nAFakbirPfPsmq32.2YxL58', 0, '2023-05-06 13:00:23', '2023-05-06 12:34:23', '2023-05-06 12:34:23');
+INSERT INTO `users_authentication` VALUES (2, 1, '$5$rounds=5000$fragatausesystri$M1rDx1Do0I..fQQuqPTpFa29Rr4bXTATQwJ.K086R51', 1, '2023-05-07 02:43:25', '2023-05-06 13:00:24', '2023-05-06 14:43:25');
 
---
--- AUTO_INCREMENT for table `books`
---
-ALTER TABLE `books`
-  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=3;
---
--- AUTO_INCREMENT for table `users`
---
-ALTER TABLE `users`
-  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
---
--- AUTO_INCREMENT for table `users_authentication`
---
-ALTER TABLE `users_authentication`
-  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=4;
-/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
-/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
-/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
+SET FOREIGN_KEY_CHECKS = 1;