Moved to use X-Auth-Token header for auth and new url format for later use

html/.htaccess

@@ -8,6 +8,10 @@ RewriteBase /
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteCond %{REQUEST_URI} !\.(js|ico|txt|gif|jpg|png|css|php)
+RewriteRule ^api/v1/(.*)$ api_v1.php/$1 [L]
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteCond %{REQUEST_URI} !\.(js|ico|txt|gif|jpg|png|css|php)
 RewriteRule ^(.*)$ index.php/$1/
 
 AcceptPathInfo On

html/api.php

@@ -1,52 +0,0 @@
-<?php
-
-/*
- * LibreNMS
- *
- * Copyright (c) 2014 Neil Lathwood <https://github.com/laf/ http://www.lathwood.co.uk/fa>
- *
- * This program is free software: you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation, either version 3 of the License, or (at your
- * option) any later version.  Please see LICENSE.txt at the top level of
- * the source code distribution for details.
- */
-
-include_once("../includes/defaults.inc.php");
-include_once("../config.php");
-include_once("../includes/definitions.inc.php");
-include_once("../includes/common.php");
-include_once("../includes/console_colour.php");
-include_once("../includes/dbFacile.php");
-include_once("../includes/rewrites.php");
-include_once("includes/functions.inc.php");
-include_once("../includes/rrdtool.inc.php");
-require 'includes/Slim/Slim.php';
-\Slim\Slim::registerAutoloader();
-$app = new \Slim\Slim();
-require_once("../includes/api_functions.inc.php");
-$app->setName('api');
-
-$app->group('/get', function() use ($app) {
-  $app->group('/graph', function() use ($app) {
-    $app->group('/port', function() use ($app) {
-      $app->get('/id/:id(/:type)(/:width)(/:height)(/:from)(/:to)/:key(/)', 'authToken', 'get_graph_by_id');//api.php/get/graph/port/id/$port_id/$key
-      $app->get('/device/:id/:port(/:type)(/:width)(/:height)(/:from)(/:to)/:key(/)', 'authToken', 'get_graph_by_port');//api.php/get/graph/port/device/$device_id/$ifName/$key
-      $app->get('/hostname/:hostname/:port(/:type)(/:width)(/:height)(/:from)(/:to)/:key(/)', 'authToken', 'get_graph_by_port_hostname');//api.php/get/graph/port/device/$hostname/$ifName/$key
-    });
-    $app->group('/general', function() use ($app) {
-      $app->get('/device/:id/:type(/:width)(/:height)(/:from)(/:to)/:key(/)', 'authToken', 'get_graph_generic_by_deviceid');//api.php/get/graph/general/device/$device_id/$graph_type/$key
-      $app->get('/hostname/:hostname/:type(/:width)(/:height)(/:from)(/:to)/:key(/)', 'authToken', 'get_graph_generic_by_hostname');//api.php/get/graph/general/hostname/$hostname/$graph_type/$key
-    });
-  });
-  $app->group('/stats', function() use ($app) {
-    $app->group('/port', function() use ($app) {
-      $app->get('/id/:id/:key(/)', 'authToken', 'get_port_stats_by_id');//api.php/get/stats/port/id/$port_id/$key
-      $app->get('/device/:id/:port/:key(/)', 'authToken', 'get_port_stats_by_port');//api.php/get/stats/port/device/$device_id/$ifName/$key
-    });
-  });
-});
-
-$app->run();
-
-?>

html/api_v1.php

@@ -0,0 +1,56 @@
+<?php
+
+/*
+ * LibreNMS
+ *
+ * Copyright (c) 2014 Neil Lathwood <https://github.com/laf/ http://www.lathwood.co.uk/fa>
+ *
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.  Please see LICENSE.txt at the top level of
+ * the source code distribution for details.
+ */
+
+include_once("../includes/defaults.inc.php");
+include_once("../config.php");
+include_once("../includes/definitions.inc.php");
+include_once("../includes/common.php");
+include_once("../includes/console_colour.php");
+include_once("../includes/dbFacile.php");
+include_once("../includes/rewrites.php");
+include_once("includes/functions.inc.php");
+include_once("../includes/rrdtool.inc.php");
+require 'includes/Slim/Slim.php';
+\Slim\Slim::registerAutoloader();
+$app = new \Slim\Slim();
+require_once("../includes/api_functions.inc.php");
+$app->setName('api');
+
+$app->group('/api', function() use ($app) {
+  $app->group('/v1', function() use ($app) {
+    $app->group('/get', function() use ($app) {
+      $app->group('/graph', function() use ($app) {
+        $app->group('/port', function() use ($app) {
+          $app->get('/id/:id(/:type)(/:width)(/:height)(/:from)(/:to)(/)', 'authToken', 'get_graph_by_id');//api.php/get/graph/port/id/$port_id/$key
+          $app->get('/device/:id/:port(/:type)(/:width)(/:height)(/:from)(/:to)(/)', 'authToken', 'get_graph_by_port');//api.php/get/graph/port/device/$device_id/$ifName/$key
+          $app->get('/hostname/:hostname/:port(/:type)(/:width)(/:height)(/:from)(/:to)(/)', 'authToken', 'get_graph_by_port_hostname');//api.php/get/graph/port/device/$hostname/$ifName/$key
+        });
+        $app->group('/general', function() use ($app) {
+          $app->get('/device/:id/:type(/:width)(/:height)(/:from)(/:to)(/)', 'authToken', 'get_graph_generic_by_deviceid');//api.php/get/graph/general/device/$device_id/$graph_type/$key
+          $app->get('/hostname/:hostname/:type(/:width)(/:height)(/:from)(/:to)(/)', 'authToken', 'get_graph_generic_by_hostname');//api.php/get/graph/general/hostname/$hostname/$graph_type/$key
+        });
+      });
+      $app->group('/stats', function() use ($app) {
+        $app->group('/port', function() use ($app) {
+          $app->get('/id/:id(/)', 'authToken', 'get_port_stats_by_id');//api.php/get/stats/port/id/$port_id/$key
+          $app->get('/device/:id/:port(/)', 'authToken', 'get_port_stats_by_port');//api.php/get/stats/port/device/$device_id/$ifName/$key
+        });
+      });
+    });
+  });
+});
+
+$app->run();
+
+?>

includes/api_functions.inc.php

@@ -15,7 +15,7 @@
 function authToken(\Slim\Route $route)
 {
   $app = \Slim\Slim::getInstance();
-  $token = $route->getParam('key');
+  $token = $app->request->headers->get('X-Auth-Token');
   if(isset($token) && !empty($token))
   {
     $username = dbFetchCell("SELECT `U`.`username` FROM `api_tokens` AS AT JOIN `users` AS U ON `AT`.`user_id`=`U`.`user_id` WHERE `AT`.`token_hash`=?", array($token));