- Update now reads the live editor text from NSTextStorage instead of relying on any stale editor state, sends it as markdown plus compatibility aliases, and refuses to overwrite the editor with stale Markdown if the server response doesn’t echo the new content.
I also updated [api.php](/Users/tyemeclifford/Documents/GH/blog/api.php) so content.save accepts markdown, content, or body for post/page content.
This commit is contained in:
@@ -29,7 +29,6 @@ try {
|
||||
'authenticated' => tcms_is_authenticated($config),
|
||||
'auth_required' => true,
|
||||
'credentials_configured' => tcms_credentials_configured(),
|
||||
'token_configured' => tcms_configured_token() !== '',
|
||||
'capabilities' => [
|
||||
'content' => ['list', 'get', 'save', 'delete'],
|
||||
'media' => ['list', 'upload'],
|
||||
@@ -121,10 +120,10 @@ function tcms_error(string $message, int $status = 400, array $extra = []): neve
|
||||
function tcms_require_auth($config): void
|
||||
{
|
||||
if (!tcms_credentials_configured()) {
|
||||
tcms_error('API credentials are not configured. Create a site .env file with TCMS_API_USERNAME and TCMS_API_PASSWORD, TCMS_API_PASSWORD_HASH, or TCMS_API_TOKEN.', 503);
|
||||
tcms_error('API credentials are not configured. Create a site .env file with TCMS_API_USERNAME and TCMS_API_PASSWORD or TCMS_API_PASSWORD_HASH.', 503);
|
||||
}
|
||||
if (!tcms_is_authenticated($config)) {
|
||||
tcms_error('API authentication failed. Use HTTP Basic credentials from .env or send TCMS_API_TOKEN as a Bearer token or X-TCMS-Token header.', 401);
|
||||
tcms_error('API authentication failed. Use the username and password from the site .env file.', 401);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -134,12 +133,6 @@ function tcms_is_authenticated($config): bool
|
||||
return false;
|
||||
}
|
||||
|
||||
$configuredToken = tcms_configured_token();
|
||||
$providedToken = tcms_request_token();
|
||||
if ($configuredToken !== '' && $providedToken !== '' && hash_equals($configuredToken, $providedToken)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$basic = tcms_request_basic_credentials();
|
||||
if ($basic === null) {
|
||||
return false;
|
||||
@@ -161,13 +154,8 @@ function tcms_api_enabled($config): bool
|
||||
|
||||
function tcms_credentials_configured(): bool
|
||||
{
|
||||
return tcms_configured_token() !== ''
|
||||
|| (tcms_configured_username() !== '' && (tcms_configured_password() !== '' || tcms_configured_password_hash() !== ''));
|
||||
}
|
||||
|
||||
function tcms_configured_token(): string
|
||||
{
|
||||
return tcms_env('TCMS_API_TOKEN');
|
||||
return tcms_configured_username() !== ''
|
||||
&& (tcms_configured_password() !== '' || tcms_configured_password_hash() !== '');
|
||||
}
|
||||
|
||||
function tcms_configured_username(): string
|
||||
@@ -195,17 +183,6 @@ function tcms_env(string $key): string
|
||||
return trim((string) $value);
|
||||
}
|
||||
|
||||
function tcms_request_token(): string
|
||||
{
|
||||
$headers = function_exists('getallheaders') ? getallheaders() : [];
|
||||
$auth = (string) ($_SERVER['HTTP_AUTHORIZATION'] ?? $headers['Authorization'] ?? $headers['authorization'] ?? '');
|
||||
if (preg_match('/^Bearer\s+(.+)$/i', $auth, $matches)) {
|
||||
return trim($matches[1]);
|
||||
}
|
||||
|
||||
return trim((string) ($_SERVER['HTTP_X_TCMS_TOKEN'] ?? $headers['X-TCMS-Token'] ?? $headers['x-tcms-token'] ?? ''));
|
||||
}
|
||||
|
||||
/** @return array{0: string, 1: string}|null */
|
||||
function tcms_request_basic_credentials(): ?array
|
||||
{
|
||||
@@ -283,7 +260,15 @@ function tcms_content_save(ContentRepository $repo, array $payload): never
|
||||
$slug = (string) ($payload['slug'] ?? $metadata['slug'] ?? '');
|
||||
$originalSlug = (string) ($payload['original_slug'] ?? $payload['originalSlug'] ?? '');
|
||||
$existing = $originalSlug !== '' ? $repo->find($originalSlug, true) : ($slug !== '' ? $repo->find($slug, true) : null);
|
||||
$markdown = array_key_exists('markdown', $payload) ? (string) $payload['markdown'] : (string) ($existing['markdown'] ?? '');
|
||||
if (array_key_exists('markdown', $payload)) {
|
||||
$markdown = (string) $payload['markdown'];
|
||||
} elseif (array_key_exists('content', $payload)) {
|
||||
$markdown = (string) $payload['content'];
|
||||
} elseif (array_key_exists('body', $payload)) {
|
||||
$markdown = (string) $payload['body'];
|
||||
} else {
|
||||
$markdown = (string) ($existing['markdown'] ?? '');
|
||||
}
|
||||
|
||||
$allowed = [
|
||||
'title', 'slug', 'type', 'status', 'date', 'category', 'tags', 'summary',
|
||||
|
||||
Reference in New Issue
Block a user