XF 2.1 Login Authenticate form PHP may cause BIG ISSUE

DrWicked

Member
Good morning,
currently I'm experiencing issues with my website (almost hitting 96% of Physical Memory Usage) and I'm trying to resolve the issue.
Given that I have a need to do external authentication of users from a PHP form, I suppose there is an incorrect method of calling some XenForo functions.

These are the function I use to authenticate the user given his username and password, and I'm asking if there is something missing, e.g. closing the connection to database or maybe some PHP destructor, which makes the server using a lot of its resources constantly.

Code:
$fileDir = '/home/.../public_html';
require($fileDir . '/src/XF.php');
XF::start($fileDir);
$app = XF::setupAPP('XF\App');

$username = $_POST['uname'];
$password = $_POST['password'];

$ip = $app->request->getIp();
$loginService = $app->service('XF:User\Login', $username, $ip);
$userValidate = $loginService->validate($password, $error);

if(!$userValidate){
//Negative check authentication
else
//Positive check authentication
 
Can you please give me an example on how to use these API? I see these are functions but how to actually use them given that Xenforo Documentation is like non existing and also ticket support
 
.service example for API

PHP:
<?php

namespace BS\XenForoApi\Service\Api;

use XF\Service\AbstractService;

class Request extends AbstractService
{
    protected $siteUrl;

    /** @var \GuzzleHttp\Client */
    protected $httpClient;

    protected $apiKey;
    
    protected $byPassPermissions = false;

    /** @var bool */
    protected $logErrors;

    public function __construct(\XF\App $app, $siteUrl, $apiKey)
    {
        parent::__construct($app);

        $this->siteUrl = $siteUrl;
        $this->httpClient = $app->http()->client();
        $this->apiKey = $apiKey;
    }

    /**
     * @return \GuzzleHttp\Client
     */
    public function getHttpClient(): \GuzzleHttp\Client
    {
        return $this->httpClient;
    }

    /**
     * @return string
     */
    public function getSiteUrl()
    {
        return $this->siteUrl;
    }

    /**
     * @return string
     */
    public function getApiKey()
    {
        return $this->apiKey;
    }

    /**
     * @param string $apiKey
     */
    public function setApiKey($apiKey)
    {
        $this->apiKey = $apiKey;
    }

    /**
     * @param bool $logErrors
     */
    public function setLogErrors(bool $logErrors)
    {
        $this->logErrors = $logErrors;
    }

    /**
     * @return bool
     */
    public function isByPassPermissions(): bool
    {
        return $this->byPassPermissions;
    }

    /**
     * @param bool $byPassPermissions
     */
    public function setByPassPermissions(bool $byPassPermissions)
    {
        $this->byPassPermissions = $byPassPermissions;
    }

    public function call($uri, array $params = [], $method = 'GET')
    {
        $response = null;

        try
        {
            $response = @\GuzzleHttp\json_decode(
                $this->httpClient->request($method, $this->getApiUrl($uri), $this->getRequestOptions($method, $params))->getBody(),
                true
            );
        }
        catch (\GuzzleHttp\Exception\GuzzleException $e)
        {
            if ($this->logErrors)
            {
                \XF::logException($e);
            }
        }

        return $response;
    }

    protected function getApiUrl($uri)
    {
        return $this->siteUrl . '/api/' . trim($uri, '/') . '/';
    }

    protected function getRequestOptions($method, $params)
    {
        $options = [
            'headers' => [
                'XF-Api-Key' => $this->apiKey
            ],
            'query' => [
                'api_bypass_permissions' => $this->byPassPermissions
            ]
        ];

        if (! empty($params))
        {
            switch ($method)
            {
                case 'GET':
                    $options['query'] += $params;
                    break;

                case 'POST':
                    $options['form_params'] = $params;
                    break;
            }
        }

        return $options;
    }
}
 
Top Bottom