post("user"); $password = Input::instance()->post("password"); $user = identity::lookup_user_by_name($username); if (empty($user) || !identity::is_correct_password($user, $password)) { throw new Rest_Exception("Forbidden", 403); } $key = ORM::factory("user_access_token") ->where("user_id", "=", $user->id) ->find(); if (!$key->loaded()) { $key->user_id = $user->id; $key->access_key = md5($user->name . rand()); $key->save(); } rest::reply($key->access_key); } catch (Exception $e) { rest::send_headers($e); } } public function __call($function, $args) { $input = Input::instance(); switch ($method = strtolower($input->server("REQUEST_METHOD"))) { case "get": $request->params = (object) Input::instance()->get(); break; case "post": $request->params = (object) Input::instance()->post(); if (isset($_FILES["file"])) { $request->file = upload::save("file"); } break; } $request->method = strtolower($input->server("HTTP_X_GALLERY_REQUEST_METHOD", $method)); $request->access_token = $input->server("HTTP_X_GALLERY_REQUEST_KEY"); $request->url = url::abs_current(true); try { rest::set_active_user($request->access_token); $handler_class = "{$function}_rest"; $handler_method = $request->method; if (!method_exists($handler_class, $handler_method)) { throw new Rest_Exception("Forbidden", 403); } print call_user_func(array($handler_class, $handler_method), $request); } catch (Rest_Exception $e) { rest::send_headers($e); } } }