<?php
// Create an account and apply SSH key
$config = json_decode(file_get_contents("/var/www/usergen/config.json", true));

function checkParameters($parameterArray){
    $error = false;
    foreach($parameterArray as $parameter){
        if(!isset($_POST[$parameter])){
            $error = true;
        }
    }
    return $error;
}

function apiResult($result){
    header('Content-type: application/json');
    echo json_encode($result);
    exit();
}

function success(){
    apiResult(array("status" => true));
}

function error($error){
    apiResult(array("status" => false, "error" => $error));
}

function validateUsername($username){
    return (preg_match("/^([a-zA-Z0-9_.]+)$/", $username) == 1);
}

if (checkParameters(array("pubkey", "userId", "authToken"))){
    error("Missing parameters");
}

$userToken = $_POST["authToken"];
$userId = $_POST["userId"];
$pubkey = $_POST["pubkey"];

$request = curl_init();
curl_setopt($request, CURLOPT_URL, "https://hackers.town/api/v1/accounts/verify_credentials");
curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($request, CURLOPT_HTTPHEADER, array(
    "Authorization: Bearer ".$userToken
));
$response = curl_exec($request);
curl_close($request);
$User = json_decode($response);
// Check User
if($User->id != $userId){
    error("User Mismatch");
}
if(!validateUsername($User->username)){
    error("Invalid Username");
}
// Create temporary pubkey holding file
$TempFileName = "/tmp/mkuser/".uniqid("ssh-", true).".pub";
if(!file_put_contents($TempFileName, $pubkey."\n")){
    error("Key Addition Failed: Temp");
}
// Run User Generation Tool
// TODO: Replace with custom Rust PHP Extension
$UserGenCode = shell_exec("/etc/ttyserver/bin/mkuser.tmp \"".$User->username."\" \"".$TempFileName."\" 2>&1; echo $?");
if($UserGenCode != "0"){
    error("Key Addition Failed: MK-".$UserGenCode);
}
success();

?>