set(array( 'result' => $result, '_serialize' => array('result') )); } function getLoad() { $load = sys_getloadavg(); $this->set(array( 'load' => $load, '_serialize' => array('load') )); } function login() { $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); if ( !($mUser && $mPassword) && !$mToken ) { throw new UnauthorizedException(__('No identity provided')); } $ver = $this->_getVersion(); $cred = []; $cred_depr = []; if ($mUser && $mPassword) { $cred = $this->_getCredentials(true); // generate refresh } else { $cred = $this->_getCredentials(false, $mToken); // don't generate refresh } $login_array = array ( 'access_token'=>$cred[0], 'access_token_expires'=>$cred[1] ); $login_serialize_list = array ( 'access_token', 'access_token_expires' ); if ($mUser && $mPassword) { $login_array['refresh_token'] = $cred[2]; $login_array['refresh_token_expires'] = $cred[3]; array_push ($login_serialize_list, 'refresh_token', 'refresh_token_expires'); } if (ZM_OPT_USE_LEGACY_API_AUTH) { $cred_depr = $this->_getCredentialsDeprecated(); $login_array ['credentials']=$cred_depr[0]; $login_array ['append_password']=$cred_depr[1]; array_push ($login_serialize_list, 'credentials', 'append_password'); } $login_array['version'] = $ver[0]; $login_array['apiversion'] = $ver[1]; array_push ($login_serialize_list, 'version', 'apiversion'); $login_array["_serialize"] = $login_serialize_list; $this->set($login_array); } // end function login() // clears out session function logout() { userLogout(); $this->set(array( 'result' => 'ok', '_serialize' => array('result') )); } // end function logout() private function _getCredentialsDeprecated() { $credentials = ''; $appendPassword = 0; if (ZM_OPT_USE_AUTH) { require_once __DIR__ .'/../../../includes/auth.php'; if (ZM_AUTH_RELAY=='hashed') { $credentials = 'auth='.generateAuthHash(ZM_AUTH_HASH_IPS,true); } else { $credentials = 'user='.$this->Session->read('Username').'&pass='; $appendPassword = 1; } return array($credentials, $appendPassword); } } private function _getCredentials($generate_refresh_token=false, $mToken='') { $credentials = ''; $this->loadModel('Config'); if ( ZM_OPT_USE_AUTH ) { require_once __DIR__ .'/../../../includes/auth.php'; require_once __DIR__.'/../../../vendor/autoload.php'; $key = ZM_AUTH_HASH_SECRET; if (!$key) { throw new ForbiddenException(__('Please create a valid AUTH_HASH_SECRET in ZoneMinder')); } if ($mToken) { // If we have a token, we need to derive username from there $ret = validateToken($mToken, 'refresh', true); $mUser = $ret[0]['Username']; } else { $mUser = $_SESSION['username']; } ZM\Info("Creating token for \"$mUser\""); /* we won't support AUTH_HASH_IPS in token mode reasons: a) counter-intuitive for mobile consumers b) zmu will never be able to to validate via a token if we sign it after appending REMOTE_ADDR if (ZM_AUTH_HASH_IPS) { $key = $key . $_SERVER['REMOTE_ADDR']; }*/ $access_issued_at = time(); $access_ttl = (ZM_AUTH_HASH_TTL || 2) * 3600; // by default access token will expire in 2 hrs // you can change it by changing the value of ZM_AUTH_HASH_TLL $access_expire_at = $access_issued_at + $access_ttl; //$access_expire_at = $access_issued_at + 60; // TEST, REMOVE $access_token = array( "iss" => "ZoneMinder", "iat" => $access_issued_at, "exp" => $access_expire_at, "user" => $mUser, "type" => "access" ); $jwt_access_token = \Firebase\JWT\JWT::encode($access_token, $key, 'HS256'); $jwt_refresh_token = ""; $refresh_ttl = 0; if ($generate_refresh_token) { $refresh_issued_at = time(); $refresh_ttl = 24 * 3600; // 1 day $refresh_expire_at = $refresh_issued_at + $refresh_ttl; $refresh_token = array( "iss" => "ZoneMinder", "iat" => $refresh_issued_at, "exp" => $refresh_expire_at, "user" => $mUser, "type" => "refresh" ); $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, $key, 'HS256'); } } return array($jwt_access_token, $access_ttl, $jwt_refresh_token, $refresh_ttl); } // If $mid is set, only return disk usage for that monitor // Else, return an array of total disk usage, and per-monitor // usage. // This function is deprecated. Use the Storage object or monitor object instead function getDiskPercent($mid = null) { $this->loadModel('Config'); $this->loadModel('Monitor'); // If $mid is passed, see if it is valid if ( $mid ) { if ( !$this->Monitor->exists($mid) ) { throw new NotFoundException(__('Invalid monitor')); } } $zm_dir_events = ZM_DIR_EVENTS; // Test to see if $zm_dir_events is relative or absolute #if ('/' === "" || strrpos($zm_dir_events, '/', -strlen($zm_dir_events)) !== TRUE) { if ( substr($zm_dir_events, 0, 1) != '/' ) { // relative - so add the full path $zm_dir_events = ZM_PATH_WEB . '/' . $zm_dir_events; } if ( $mid ) { // Get disk usage for $mid ZM\Logger::Debug("Executing du -s0 $zm_dir_events/$mid | awk '{print $1}'"); $usage = shell_exec("du -s0 $zm_dir_events/$mid | awk '{print $1}'"); } else { $monitors = $this->Monitor->find('all', array( 'fields' => array('Id', 'Name', 'WebColour') )); $usage = array(); // Add each monitor's usage to array foreach ($monitors as $key => $value) { $id = $value['Monitor']['Id']; $name = $value['Monitor']['Name']; $color = $value['Monitor']['WebColour']; $space = shell_exec ("du -s0 $zm_dir_events/$id | awk '{print $1}'"); if ($space == null) { $space = 0; } $space = $space/1024/1024; $usage[$name] = array( 'space' => rtrim($space), 'color' => $color ); } // Add total usage to array $space = shell_exec( "df $zm_dir_events |tail -n1 | awk '{print $3 }'"); $space = $space/1024/1024; $usage['Total'] = array( 'space' => rtrim($space), 'color' => '#F7464A' ); } $this->set(array( 'usage' => $usage, '_serialize' => array('usage') )); } function getTimeZone() { //http://php.net/manual/en/function.date-default-timezone-get.php $tz = date_default_timezone_get(); $this->set(array( 'tz' => $tz, '_serialize' => array('tz') )); } private function _getVersion() { $version = Configure::read('ZM_VERSION'); $apiversion = '2.0'; return array($version, $apiversion); } function getVersion() { $val = $this->_getVersion(); $this->set(array( 'version' => $val[0], 'apiversion' => $val[1], '_serialize' => array('version', 'apiversion') )); } }