refactor dealproxy

This commit is contained in:
7181128 2026-05-24 16:41:00 +03:00
parent 29d7b63200
commit fc526909df
2 changed files with 116 additions and 167 deletions

View File

@ -1,169 +1,6 @@
<?php
require_once __DIR__ . '/../engine/classes/DealProxy.php';
// CORS заголовки
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Credentials: true");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
header("Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With, Authorization");
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(204);
exit;
}
function logMessage($message)
{
$logFile = __DIR__ . '/proxy.log';
$date = date('Y-m-d H:i:s');
file_put_contents($logFile, "[$date] $message\n", FILE_APPEND);
}
$path = isset($_GET['path']) ? $_GET['path'] : '';
unset($_GET['path']);
$query_params = http_build_query($_GET);
$api_url = "https://llar.joyworkdev.ru/api/" . ltrim($path, '/');
if (!empty($query_params)) {
$api_url .= '?' . $query_params;
}
$contentType = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '';
$isMultipart = strpos($contentType, 'multipart/form-data') !== false;
$headers = [
'Accept: application/json',
];
$sessionIdFromCookie = isset($_COOKIE['PHPSESSID']) ? $_COOKIE['PHPSESSID'] : null;
if ($sessionIdFromCookie) {
$headers[] = "Cookie: PHPSESSID=$sessionIdFromCookie";
}
if (!empty($_SERVER['HTTP_X_SESSION_ID'])) {
$headers[] = 'X-Session-ID: ' . $_SERVER['HTTP_X_SESSION_ID'];
}
// Basic Auth для dev.joywork.ru
//$headers[] = 'Authorization: Basic YWRtaW5sb2dpbjphZG1pbnBhc3N3b3Jk'; // adminlogin:adminpassword
//$headers[] = 'Content-Type: application/json';
$originalContentType = isset($_SERVER['HTTP_CONTENT_TYPE']) ? $_SERVER['HTTP_CONTENT_TYPE'] : isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '';
logMessage("Incoming Content-Type: '$originalContentType'");
// Передаём Content-Type, который пришёл от клиента (Vue)
if ($originalContentType) {
$headers[] = 'Content-Type: ' . $originalContentType;
} else {
logMessage("WARNING: Incoming Content-Type was not detected.");
}
logMessage("Forwarding Content-Type: " . ($originalContentType ?: 'NOT SET'));
// Для multipart это бинарные данные, но мы передаём их как есть.
$contentLength = isset($_SERVER['CONTENT_LENGTH']) ? $_SERVER['CONTENT_LENGTH'] : 0;
$input_data = file_get_contents('php://input');
logMessage("Input data length: " . strlen($input_data));
//if ($isMultipart) {
// $name = isset($_POST['name']) ? $_POST['name'] : null;
// $target_id = (int)(isset($_POST['target_id']) ? $_POST['target_id'] : 0);
// $target_type = (int)(isset($_POST['target_type']) ? $_POST['target_type'] : 0);
// $parent = (int)(isset($_POST['parent']) ? $_POST['parent'] : 0);
//
// logMessage("Multipart upload started. name=$name, target_id=$target_id, target_type=$target_type, parent=$parent");
//
// if (isset($_FILES['file']) && $_FILES['file']['error'] === UPLOAD_ERR_OK) {
// $file = $_FILES['file'];
// logMessage("File received: " . $file['name'] . " (size: " . $file['size'] . " bytes)");
//
// $fileName = $file['name'];
// $filePath = 'documents/' . $fileName;
// $fullPath = $_SERVER['DOCUMENT_ROOT'] . '/' . $filePath;
//
// if (move_uploaded_file($file['tmp_name'], $fullPath)) {
// logMessage("File moved successfully to $fullPath");
//
// $mysqli = new mysqli("localhost", "user", "password", "database");
// if (!$mysqli->connect_error) {
// logMessage("DB connected successfully");
//
// $stmt = $mysqli->prepare("INSERT INTO documents (target_id, target_type, parent, name, file) VALUES (?, ?, ?, ?, ?)");
// $user_id = (int)(isset($_SESSION['id']) ? $_SESSION['id'] : 0);
// $stmt->bind_param("iiiis", $target_id, $target_type, $parent, $name, $filePath);
// $stmt->execute();
// $documentId = $stmt->insert_id;
// $stmt->close();
//
// logMessage("Document inserted with ID=$documentId");
//
// $api_url = "http://llar.joyworkdev.ru/api/documents/storeFromLegacy";
// $postData = json_encode([
// 'document_id' => $documentId,
// 'name' => $name,
// 'file' => $filePath,
// 'target_id' => $target_id,
// 'target_type' => $target_type,
// ]);
//
// $ch = curl_init();
// curl_setopt_array($ch, [
// CURLOPT_URL => $api_url,
// CURLOPT_RETURNTRANSFER => true,
// CURLOPT_CUSTOMREQUEST => 'POST',
// CURLOPT_POSTFIELDS => $postData,
// CURLOPT_HTTPHEADER => $headers,
// CURLOPT_HEADER => false,
// ]);
//
// $response = curl_exec($ch);
// $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
// curl_close($ch);
//
// logMessage("API response code=$httpCode, response=" . substr($response, 0, 200));
//
// http_response_code($httpCode);
// echo $response;
// exit;
// } else {
// logMessage("DB connection failed: " . $mysqli->connect_error);
// http_response_code(500);
// echo json_encode(['error' => 'DB connection failed']);
// exit;
// }
// } else {
// logMessage("Failed to move uploaded file");
// http_response_code(500);
// echo json_encode(['error' => 'Failed to save file']);
// exit;
// }
// } else {
// logMessage("File upload error: " . (isset($_FILES['file']['error']) ? $_FILES['file']['error'] : 'no file'));
// http_response_code(422);
// echo json_encode(['error' => 'File upload error']);
// exit;
// }
//}
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => $api_url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_CUSTOMREQUEST => $_SERVER['REQUEST_METHOD'],
CURLOPT_POSTFIELDS => $input_data,
CURLOPT_HTTPHEADER => $headers,
CURLOPT_HEADER => false,
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$curlError = curl_error($ch);
if ($curlError) {
logMessage("cURL Error: " . $curlError);
}
curl_close($ch);
http_response_code($httpCode);
echo $response;
$proxy = new DealProxy();
$proxy->handle();
?>

View File

@ -0,0 +1,112 @@
<?php
/**
* Proxy class for forwarding Deal API requests.
*
* Handles CORS, builds request headers (including session cookies),
* forwards the request to the legacy API and returns the response.
*/
class DealProxy
{
/** Path to log file */
private $logFile;
public function __construct()
{
$this->logFile = __DIR__ . '/proxy.log';
}
/** Simple logger */
private function logMessage(string $message): void
{
$date = date('Y-m-d H:i:s');
file_put_contents($this->logFile, "[$date] $message\n", FILE_APPEND);
}
/** Build the target URL based on incoming request */
private function buildTargetUrl(): string
{
$path = $_GET['path'] ?? '';
unset($_GET['path']);
$query = http_build_query($_GET);
$apiUrl = "https://llar.joyworkdev.ru/api/" . ltrim($path, '/');
if ($query) {
$apiUrl .= '?' . $query;
}
return $apiUrl;
}
/** Build headers for the forwarded request */
private function buildHeaders(): array
{
$headers = [
'Accept: application/json',
];
// Preserve original Content-Type if present
$originalContentType = $_SERVER['CONTENT_TYPE'] ?? '';
if ($originalContentType) {
$headers[] = 'Content-Type: ' . $originalContentType;
$this->logMessage("Incoming Content-Type: '$originalContentType'");
} else {
$this->logMessage('WARNING: Incoming Content-Type not detected');
}
// Pass session cookie if exists
if (!empty($_COOKIE['PHPSESSID'])) {
$headers[] = 'Cookie: PHPSESSID=' . $_COOKIE['PHPSESSID'];
}
// Pass custom header from Vue if present
if (!empty($_SERVER['HTTP_X_SESSION_ID'])) {
$headers[] = 'X-Session-ID: ' . $_SERVER['HTTP_X_SESSION_ID'];
}
return $headers;
}
/** Forward the request using cURL and output the response */
private function forwardRequest(string $targetUrl, array $headers, string $method, string $body): void
{
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => $targetUrl,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_CUSTOMREQUEST => $method,
CURLOPT_POSTFIELDS => $body,
CURLOPT_HTTPHEADER => $headers,
CURLOPT_HEADER => false,
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$curlError = curl_error($ch);
if ($curlError) {
$this->logMessage('cURL Error: ' . $curlError);
}
curl_close($ch);
http_response_code($httpCode);
echo $response;
}
/** Main handler called from index.php */
public function handle(): void
{
// CORS headers keep them here to be sent before any output
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With, Authorization');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(204);
exit;
}
$targetUrl = $this->buildTargetUrl();
$headers = $this->buildHeaders();
$method = $_SERVER['REQUEST_METHOD'];
$body = file_get_contents('php://input');
$this->logMessage('Forwarding request to ' . $targetUrl);
$this->forwardRequest($targetUrl, $headers, $method, $body);
}
}
?>