rvr-nextgen/web.php

123 lines
5.8 KiB
PHP
Raw Permalink Normal View History

2023-04-08 00:42:55 +02:00
<?php
2023-04-16 21:14:56 +02:00
use Container;
2023-04-16 20:54:29 +02:00
use SokoWeb\Response\HttpResponse;
2023-04-16 21:14:56 +02:00
use SokoWeb\Routing\RouteCollection;
use SokoWeb\Session\DatabaseSessionHandler;
use SokoWeb\Request\Request;
use RVR\Controller\HomeController;
use RVR\Controller\LoginController;
use RVR\Controller\OAuthAuthController;
use RVR\Controller\OAuthController;
use RVR\Controller\UserController;
use RVR\Controller\UserSearchController;
use RVR\Controller\CommunityController;
use RVR\Repository\UserRepository;
2023-04-16 20:54:29 +02:00
2023-04-08 00:42:55 +02:00
require 'app.php';
if (!empty($_ENV['DEV'])) {
error_reporting(E_ALL);
ini_set('display_errors', '1');
} else {
ini_set('display_errors', '0');
}
2023-04-16 21:14:56 +02:00
Container::$routeCollection = new RouteCollection();
2023-04-08 00:42:55 +02:00
2023-04-16 21:14:56 +02:00
Container::$routeCollection->get('home', '', [HomeController::class, 'getHome']);
Container::$routeCollection->get('startSession', 'startSession.json', [HomeController::class, 'startSession']);
Container::$routeCollection->group('login', function (RouteCollection $routeCollection) {
$routeCollection->get('login', '', [LoginController::class, 'getLoginForm']);
$routeCollection->post('login-action', '', [LoginController::class, 'login']);
$routeCollection->get('login-google', 'google', [LoginController::class, 'getGoogleLoginRedirect']);
$routeCollection->get('login-google-action', 'google/code', [LoginController::class, 'loginWithGoogle']);
2023-04-08 00:42:55 +02:00
});
2023-04-16 21:14:56 +02:00
Container::$routeCollection->group('oauth', function (RouteCollection $routeCollection) {
$routeCollection->get('oauth-auth', 'auth', [OAuthAuthController::class, 'auth']);
$routeCollection->post('oauth-token', 'token', [OAuthController::class, 'getToken']);
$routeCollection->get('oauth-userinfo', 'userinfo', [OAuthController::class, 'getUserInfo']);
$routeCollection->get('oauth-config', '.well-known/openid-configuration', [OAuthController::class, 'getConfig']);
$routeCollection->get('oauth-certs', 'certs', [OAuthController::class, 'getCerts']);
2023-04-08 19:06:45 +02:00
});
2023-04-16 21:14:56 +02:00
Container::$routeCollection->group('password', function (RouteCollection $routeCollection) {
$routeCollection->get('password-requestReset', 'requestReset', [LoginController::class, 'getRequestPasswordResetForm']);
$routeCollection->post('password-requestReset-action', 'requestReset', [LoginController::class, 'requestPasswordReset']);
$routeCollection->get('password-requestReset.success', 'requestReset/success', [LoginController::class, 'getRequestPasswordResetSuccess']);
$routeCollection->get('password-reset', 'reset/{token}', [LoginController::class, 'getResetPasswordForm']);
$routeCollection->post('password-reset.action', 'reset/{token}', [LoginController::class, 'resetPassword']);
2023-04-08 00:42:55 +02:00
});
2023-04-16 21:14:56 +02:00
Container::$routeCollection->get('logout', 'logout', [LoginController::class, 'logout']);
Container::$routeCollection->group('account', function (RouteCollection $routeCollection) {
$routeCollection->get('account', '', [UserController::class, 'getAccount']);
$routeCollection->post('account-action', '', [UserController::class, 'saveAccount']);
$routeCollection->get('account.googleAuthenticate', 'googleAuthenticate', [UserController::class, 'getGoogleAuthenticateRedirect']);
$routeCollection->get('account.googleAuthenticate-action', 'googleAuthenticate/code', [UserController::class, 'authenticateWithGoogle']);
2023-04-08 00:42:55 +02:00
});
2023-04-16 21:14:56 +02:00
Container::$routeCollection->get('searchUser', 'searchUser', [UserSearchController::class, 'searchUser']);
Container::$routeCollection->group('communities', function (RouteCollection $routeCollection) {
$routeCollection->get('community-new', 'new', [CommunityController::class, 'getCommunityNew']);
$routeCollection->post('community-new-action', 'new', [CommunityController::class, 'saveCommunity']);
$routeCollection->group('{communityId}', function (RouteCollection $routeCollection) {
$routeCollection->get('community', '', [CommunityController::class, 'getCommunityHome']);
$routeCollection->get('community-edit', 'edit', [CommunityController::class, 'getCommunityEdit']);
$routeCollection->post('community-edit-action', 'edit', [CommunityController::class, 'saveCommunity']);
$routeCollection->get('community-members', 'members', [CommunityController::class, 'getMembersEdit']);
$routeCollection->post('community-members-new', 'newMember', [CommunityController::class, 'newMember']);
$routeCollection->post('community-members-edit', 'editMember', [CommunityController::class, 'editMember']);
$routeCollection->post('community-members-delete', 'deleteMember', [CommunityController::class, 'deleteMember']);
2023-04-16 03:31:40 +02:00
});
});
2023-04-08 00:42:55 +02:00
2023-04-16 21:14:56 +02:00
Container::$sessionHandler = new DatabaseSessionHandler();
2023-04-08 00:42:55 +02:00
session_set_save_handler(Container::$sessionHandler, true);
session_start([
'gc_probability' => 0, // old sessions are deleted by MaintainDatabaseCommand
'cookie_lifetime' => 604800,
'cookie_path' => '/',
'cookie_httponly' => true,
'cookie_samesite' => 'Lax'
]);
if (isset($_COOKIE[session_name()])) {
// extend session cookie lifetime is cookie already exists
setcookie(session_name(), session_id(), [
'expires' => time() + 604800,
'path' => '/',
'httponly' => true,
'samesite' => 'Lax'
]);
}
2023-04-16 21:14:56 +02:00
Container::$request = new Request(
2023-04-08 00:42:55 +02:00
$_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'],
$_GET,
$_POST,
2023-04-16 16:03:38 +02:00
getallheaders(),
2023-04-08 00:42:55 +02:00
$_SESSION,
2023-04-16 21:14:56 +02:00
new UserRepository()
2023-04-08 00:42:55 +02:00
);
if (!Container::$request->session()->has('anti_csrf_token')) {
Container::$request->session()->set('anti_csrf_token', bin2hex(random_bytes(16)));
}
2023-04-16 20:54:29 +02:00
$appConfig = [
'antiCsrfTokenName' => 'anti_csrf_token',
'antiCsrfTokenErrorResponse' => ['error' => 'no_valid_anti_csrf_token'],
'antiCsrfTokenExceptions' => ['oauth/token'],
'loginRouteId' => 'login',
'error404View' => 'error/404'
];
$httpReponse = new HttpResponse(
Container::$request,
Container::$routeCollection,
$appConfig,
$_SERVER['REQUEST_METHOD'],
$_SERVER['REQUEST_URI']
);
$httpReponse->render();