update 39839999
This commit is contained in:
equippedcoding-master
@@ -28,7 +28,6 @@ $router->post('/get_tax',[AppfactoryStudio\Plugins\StripeModule::class, 'get_tax
|
||||
|
||||
|
||||
|
||||
|
||||
// Setup
|
||||
$router->get('/setup_stripe_register_plans',[AppfactoryStudio\Plugins\StripeModule::class, 'RegisterSubscriptionPlans']);
|
||||
|
||||
|
||||
113
portal/api/v1/modules/subscribers/.htaccess
Normal file
113
portal/api/v1/modules/subscribers/.htaccess
Normal file
@@ -0,0 +1,113 @@
|
||||
########## BEGIN RECOMMENDED RULES (COMMENT OUT OR UNCOMMENT AS NEEDED) ##########
|
||||
|
||||
### htaccess (https://github.com/delight-im/htaccess)
|
||||
### Copyright (c) delight.im (https://www.delight.im/)
|
||||
### Licensed under the MIT License (https://opensource.org/licenses/MIT)
|
||||
|
||||
Header set Access-Control-Allow-Origin "*"
|
||||
Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
|
||||
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
|
||||
|
||||
<IfModule mod_autoindex.c>
|
||||
|
||||
# Turn off directory listings for folders without default documents
|
||||
Options -Indexes
|
||||
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_negotiation.c>
|
||||
|
||||
# Disable 'MultiViews' implicit filename pattern matches
|
||||
Options -MultiViews
|
||||
|
||||
</IfModule>
|
||||
|
||||
# Serve "text/plain" and "text/html" documents as UTF-8 by default
|
||||
AddDefaultCharset utf-8
|
||||
|
||||
# Disable "ETag" headers so that browsers rely on the "Cache-Control" and "Expires" headers
|
||||
FileETag None
|
||||
|
||||
<ifModule mod_headers.c>
|
||||
|
||||
# Enable HTTP Strict Transport Security (HSTS) with a duration of six months (Uncomment 1 line below)
|
||||
# Header set Strict-Transport-Security max-age=15778800
|
||||
|
||||
</ifModule>
|
||||
|
||||
|
||||
<ifModule mod_rewrite.c>
|
||||
# Force 'www' (i.e. prefix the "bare" domain and all subdomains with 'www' through permanent redirects) (Uncomment 6 lines below)
|
||||
# RewriteCond %{HTTP_HOST} !^$
|
||||
# RewriteCond %{HTTP_HOST} !^www\. [NC]
|
||||
# RewriteCond %{HTTPS}s ^on(s)|
|
||||
# # RewriteCond %{REQUEST_SCHEME} ^http(s)|
|
||||
# # RewriteCond %{SERVER_PORT}s ^443(s)|
|
||||
# RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
|
||||
|
||||
# Force HTTPS (Uncomment 4 lines below)
|
||||
# RewriteCond %{HTTPS} off
|
||||
# # RewriteCond %{REQUEST_SCHEME} http
|
||||
# # RewriteCond %{SERVER_PORT} !443
|
||||
# RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
|
||||
|
||||
</IfModule>
|
||||
|
||||
# Prevent access to non-minified CSS and JS (Uncomment 3 lines below)
|
||||
# <FilesMatch "(?<!.min)\.(css|js)$">
|
||||
# Require all denied
|
||||
# </FilesMatch>
|
||||
|
||||
# Show a custom error document for "404 Not Found" errors (Uncomment 1 line below)
|
||||
# ErrorDocument 404 /notFound.html
|
||||
|
||||
# Announce contact information for security issues (Uncomment 2 lines below)
|
||||
# Header set X-Vulnerability-Disclosure "https://www.example.com/security"
|
||||
# Header set X-Security-Contact "security@example.com"
|
||||
|
||||
########## END RECOMMENDED RULES ##########
|
||||
|
||||
########## BEGIN CUSTOM RULES (YOUR OWN RULES GO HERE) ##########
|
||||
|
||||
# Add your rules here ...
|
||||
|
||||
########## END CUSTOM RULES ##########
|
||||
|
||||
<IfModule mod_rewrite.c>
|
||||
RewriteEngine On
|
||||
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
||||
RewriteBase /
|
||||
RewriteRule ^index\.php$ - [L]
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteRule . /v1/modules/subscribers/index.php [L]
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header set Access-Control-Allow-Origin "*"
|
||||
|
||||
|
||||
# Prevent clickjacking (forbids framing by third-party sites)
|
||||
Header set X-Frame-Options sameorigin
|
||||
|
||||
# Prevent content sniffing (MIME sniffing)
|
||||
Header set X-Content-Type-Options nosniff
|
||||
|
||||
# Attempt to enable XSS filters in browsers, if available, and block reflected XSS
|
||||
Header set X-XSS-Protection "1; mode=block"
|
||||
|
||||
# Cache media files for a month
|
||||
<FilesMatch "\.(js|css|jpg|jpeg|png|svg|webp|gif|ico|ogg|mp4|webm)$">
|
||||
Header set Cache-Control max-age=2629800
|
||||
</FilesMatch>
|
||||
|
||||
# Remove response headers that provide no value but leak information
|
||||
Header always unset X-Powered-By
|
||||
|
||||
Header unset Server
|
||||
|
||||
# Disable "ETag" headers so that browsers rely on the "Cache-Control" and "Expires" headers
|
||||
Header unset ETag
|
||||
</IfModule>
|
||||
|
||||
|
||||
|
||||
21
portal/api/v1/modules/subscribers/index.php
Normal file
21
portal/api/v1/modules/subscribers/index.php
Normal file
@@ -0,0 +1,21 @@
|
||||
<?php
|
||||
// require __DIR__ . "/vendor/autoload.php";
|
||||
$dir = dirname( __DIR__, 4 );
|
||||
|
||||
$path = $dir . "/admin/core/api/php/includes/init.php";
|
||||
require $path;
|
||||
$router = new AppfactoryStudio\Core\Router();
|
||||
|
||||
|
||||
|
||||
// TODO_1: Rate limit or even ban ips that are not stripe to prevent DDOS attacks
|
||||
|
||||
$router->post('/get_catalogs',[AppfactoryStudio\Plugins\Subscribers::class, 'get_catalogs']);
|
||||
$router->get('/get_catalogs',[AppfactoryStudio\Plugins\Subscribers::class, 'get_catalogs']);
|
||||
$router->post('/create_subscriber',[AppfactoryStudio\Plugins\Subscribers::class, 'create_subscriber']);
|
||||
|
||||
|
||||
|
||||
echo $router->UrlResolve("/v1/modules/subscribers", $_SERVER['REQUEST_URI'], strtolower($_SERVER['REQUEST_METHOD']));
|
||||
|
||||
|
||||
Reference in New Issue
Block a user