commit b58a9ef2f0e8dc230ef3b7cf0391694a2153b130
Author: Bandie <bandie@chaospott.de>
Date:   Mon Jan 18 20:41:58 2021 +0100

    The init API-API

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2e9be66
--- /dev/null
+++ b/README.md
@@ -0,0 +1,7 @@
+# SpaceAPI-API
+
+Since we've got two doors we need to do a simple OR into our Open-Status.
+This API manipulates our fine status.json.
+
+Here's the live endpoint: https://status.chaospott.de/api/update.php
+Here's where to put all this stuff: /data/docker/status.chaospott.de/webroot/api/
diff --git a/config.php b/config.php
new file mode 100644
index 0000000..b6fdc9f
--- /dev/null
+++ b/config.php
@@ -0,0 +1,4 @@
+<?php
+$active = false;
+$consumer_key = 'asdf';
+$consumer_secret = 'qwer';
diff --git a/statusTemplate.json b/statusTemplate.json
new file mode 100644
index 0000000..2775779
--- /dev/null
+++ b/statusTemplate.json
@@ -0,0 +1 @@
+{"api":"0.13","contact":{"email":"info@chaospott.de","facebook":"https:\/\/www.facebook.com\/pages\/foobar-eV\/127246337351928","foursquare":"4f41445ce4b0c868de54bb9f","google":[],"irc":"irc:\/\/irc.hackint.org\/#chaospott","issue_mail":"support@chaospott.de","mastodon":"https:\/\/chaos.social\/@chaospott","matrix":"#chaospott:matrix.chaospott.de","ml":"discuss@lists.chaospott.de","phone":"+49 201 75915275","twitter":"@chaospott"},"feeds":{"blog":{"type":"application\/rss+xml","url":"https:\/\/chaospott.de\/feed.xml"},"calendar":{"type":"ical","url":"https:\/\/cloud.chaospott.ru\/remote.php\/dav\/public-calendars\/5HM7B0ZOLEYC3QD0?export"}},"issue_report_channels":["issue_mail","ml"],"location":{"address":"Sibyllastr. 9, 45136 Essen, Germany","lat":51.438476,"lon":7.024991},"logo":"http:\/\/chaospott.de\/images\/logo.png","projects":["https:\/\/wiki.chaospott.de\/projekte:start","https:\/\/git.chaospott.de\/","https:\/\/github.com\/c3e"],"sensors":{"door_locked":[{"location":"aerie","value":true},{"location":"cellar","value":true}]},"space":"chaospott","state":{"lastchange":1610991840,"open":false},"url":"https:\/\/chaospott.de"}
diff --git a/update.php b/update.php
new file mode 100644
index 0000000..926dcd8
--- /dev/null
+++ b/update.php
@@ -0,0 +1,115 @@
+<?php
+/*
+ * Author: Bandie <bandie@chaospott.de>
+ */
+
+
+include('config.php');
+
+
+/** Set the status array for publishing the new™ status
+ * @param array &$status - Status array which will be written into the status.json
+ * @param array $decoded - Decoded json coming from client
+ * @param string $loc - 'aerie' or 'cellar'
+ * @return bool - Value has been updated or not?
+ */
+function setStatus(&$status, $decoded, $loc){
+  $locno = null;
+
+  switch($loc) {
+    case 'aerie':
+      $locno = 0;
+      break;
+    case 'cellar':
+      $locno = 1;
+      break;
+  }
+
+  if(isset($decoded[$loc]) && is_bool($decoded[$loc])){
+    if($status["sensors"]["door_locked"][$locno]["value"] != $decoded[$loc]){
+      $status["sensors"]["door_locked"][$locno]["value"] = $decoded[$loc];
+      return true;
+    }
+  }
+
+  return false;
+}	
+
+// Is this a POST?
+if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+  header("HTTP/1.1 405 Method Not Allowed");
+  echo('FAILED - not POST - '. $_SERVER['REQUEST_METHOD']);
+  exit();
+}
+
+
+// Is it application/json?
+$content_type = isset($_SERVER['CONTENT_TYPE']) ? strtolower(trim($_SERVER['CONTENT_TYPE'])) : '';
+if ($content_type != 'application/json') {
+  header("HTTP/1.1 403 Forbidden");
+  echo('FAILED - not application/json - '. $content_type);
+  exit();
+}
+
+
+// Do we even have a payload?
+$payload = trim(file_get_contents("php://input"));
+if (empty($payload)) {
+  header("HTTP/1.1 403 Forbidden");
+  echo('FAILED - no payload');
+  exit();
+}
+
+// Is the payload even JSON?
+$decoded = json_decode($payload, true);
+if (json_last_error() !== JSON_ERROR_NONE) {
+  header("HTTP/1.1 403 Forbidden");
+  header("Content-Type: application/json");
+  echo('"FAILED - json decode - '. json_last_error());
+  exit();
+}
+
+
+// Is the authorisation aight m8?
+if($decoded['consumer_key'] != $consumer_key || $decoded['consumer_secret'] != $consumer_secret) {
+  header("HTTP/1.1 403 Forbidden");
+  echo("WRONG SECRET");
+  error_log('FAILED - wrong secret key');
+  exit();
+}
+
+
+// Is this API even active?
+if(!$active){
+  header("HTTP/1.1 403 Forbidden");
+  echo(json_encode(["status" => "API deactivated."]));
+  error_log('API deactivated');
+  exit();
+}
+
+
+// Get me the previous status
+$status = json_decode(file_get_contents("../status.json"), true);
+
+// Manipulate the $status variable. If we have an update, update the timestamp.
+if(setStatus($status, $decoded, 'aerie') | setStatus($status, $decoded, 'cellar')){
+  $status["state"]["lastchange"] = time();
+}
+
+// Are we open or not?
+if(!$status["sensors"]["door_locked"][0]["value"] || !$status["sensors"]["door_locked"][1]["value"]){
+  $status["state"]["open"] = true;
+} else {
+  $status["state"]["open"] = false;
+}
+
+// Encode this shit
+$json = json_encode($status);
+
+// Write this shit
+file_put_contents("../status.json", $json);
+
+// Show what we've done!
+echo($json);
+
+?>