From e98bb28faf86c3dca5c420b2a4ee26fde318af8c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C5=91cze=20Bence?= <bence@pocze.ch>
Date: Sun, 16 Apr 2023 20:54:29 +0200
Subject: [PATCH 1/3] adapt to soko-web 0.4

---
 public/index.php                        | 63 -------------------------
 src/Controller/CommunityController.php  |  2 +-
 src/Controller/LoginController.php      | 16 +++----
 src/Controller/OAuthController.php      |  8 ++--
 src/Controller/UserController.php       |  4 +-
 views/account/account.php               |  4 +-
 views/communities/community.php         |  4 +-
 views/communities/community_edit.php    |  2 +-
 views/communities/community_members.php |  8 ++--
 views/error/404.php                     |  2 +-
 views/home.php                          |  4 +-
 views/login/login.php                   |  6 +--
 views/login/password_reset_request.php  |  2 +-
 views/login/reset_password.php          |  4 +-
 views/templates/layout_normal.php       |  6 +--
 web.php                                 | 25 +++++++---
 16 files changed, 54 insertions(+), 106 deletions(-)

diff --git a/public/index.php b/public/index.php
index 81dfb54..14996a8 100644
--- a/public/index.php
+++ b/public/index.php
@@ -1,66 +1,3 @@
 <?php
 
-use SokoWeb\Interfaces\Response\IRedirect;
-use SokoWeb\Interfaces\Response\IContent;
-use SokoWeb\Interfaces\Authentication\IAuthenticationRequired;
-use SokoWeb\Interfaces\Authorization\ISecured;
-use SokoWeb\Response\Redirect;
-use SokoWeb\Response\HtmlContent;
-use SokoWeb\Response\JsonContent;
-
 require '../web.php';
-
-$method = strtolower($_SERVER['REQUEST_METHOD']);
-$url = substr($_SERVER['REQUEST_URI'], strlen('/'));
-if (($pos = strpos($url, '?')) !== false) {
-    $url = substr($url, 0, $pos);
-}
-$url = rawurldecode($url);
-
-$match = Container::$routeCollection->match($method, $url == '' ? [] : explode('/', $url));
-
-if ($match !== null) {
-    list($route, $params) = $match;
-
-    Container::$request->setParsedRouteParams($params);
-
-    $handler = $route->getHandler();
-    $controller = new $handler[0](Container::$request);
-
-    if (
-        $controller instanceof IAuthenticationRequired &&
-        $controller->isAuthenticationRequired() &&
-        Container::$request->user() === null
-    ) {
-        Container::$request->session()->set('redirect_after_login', substr($_SERVER['REQUEST_URI'], strlen('/')));
-        $response = new Redirect(Container::$routeCollection->getRoute('login')->generateLink(), IRedirect::TEMPORARY);
-        header('Location: ' . $response->getUrl(), true, $response->getHttpCode());
-        return;
-    }
-
-    if ($method === 'post' && !in_array($url, $antiCsrfTokenExceptions) && Container::$request->post('anti_csrf_token') !== Container::$request->session()->get('anti_csrf_token')) {
-        $content = new JsonContent(['error' => 'no_valid_anti_csrf_token']);
-        header('Content-Type: text/html; charset=UTF-8', true, 403);
-        $content->render();
-        return;
-    }
-
-    if (
-        !($controller instanceof ISecured) ||
-        $controller->authorize()
-    ) {
-        $response = call_user_func([$controller, $handler[1]]);
-        if ($response instanceof IContent) {
-            header('Content-Type: ' . $response->getContentType() . '; charset=UTF-8');
-            $response->render();
-            return;
-        } elseif ($response instanceof IRedirect) {
-            header('Location: ' . $response->getUrl(), true, $response->getHttpCode());
-            return;
-        }
-    }
-}
-
-$content = new HtmlContent('error/404');
-header('Content-Type: text/html; charset=UTF-8', true, 404);
-$content->render();
diff --git a/src/Controller/CommunityController.php b/src/Controller/CommunityController.php
index 30b6e11..b7a6d0f 100644
--- a/src/Controller/CommunityController.php
+++ b/src/Controller/CommunityController.php
@@ -186,7 +186,7 @@ class CommunityController implements IAuthenticationRequired
         }
 
         return new JsonContent([
-            'redirect' => ['target' => '/' . \Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()])]
+            'redirect' => ['target' => \Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()])]
         ]);
     }
 
diff --git a/src/Controller/LoginController.php b/src/Controller/LoginController.php
index 346822e..a723817 100644
--- a/src/Controller/LoginController.php
+++ b/src/Controller/LoginController.php
@@ -47,7 +47,7 @@ class LoginController
             return new Redirect($this->redirectUrl, IRedirect::TEMPORARY);
         }
 
-        return new HtmlContent('login/login', ['redirectUrl' => '/' . $this->redirectUrl]);
+        return new HtmlContent('login/login', ['redirectUrl' => $this->redirectUrl]);
     }
 
     public function getGoogleLoginRedirect(): IRedirect
@@ -61,7 +61,7 @@ class LoginController
         $oAuth = new GoogleOAuth(new Request());
         $url = $oAuth->getDialogUrl(
             $state,
-            $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink(),
+            $this->request->getBase() . \Container::$routeCollection->getRoute('login-google-action')->generateLink(),
             $nonce
         );
 
@@ -99,7 +99,7 @@ class LoginController
 
         $user = $this->userRepository->getById($resetter->getUserId());
 
-        return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail(), 'redirectUrl' => '/' . $this->redirectUrl]);
+        return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail(), 'redirectUrl' => $this->redirectUrl]);
     }
 
     public function login(): IContent
@@ -141,7 +141,7 @@ class LoginController
         $oAuth = new GoogleOAuth(new Request());
         $tokenData = $oAuth->getToken(
             $this->request->query('code'),
-            $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('login-google-action')->generateLink()
+            $this->request->getBase() . \Container::$routeCollection->getRoute('login-google-action')->generateLink()
         );
 
         if (!isset($tokenData['id_token'])) {
@@ -183,7 +183,7 @@ class LoginController
             $this->deleteRedirectUrl();
             return new JsonContent([
                 'redirect' => [
-                    'target' => '/' . $this->redirectUrl
+                    'target' => $this->redirectUrl
                 ]
             ]);
         }
@@ -247,7 +247,7 @@ class LoginController
             $this->deleteRedirectUrl();
             return new JsonContent([
                 'redirect' => [
-                    'target' => '/' . $this->redirectUrl
+                    'target' => $this->redirectUrl
                 ]
             ]);
         }
@@ -258,7 +258,7 @@ class LoginController
         if ($resetter === null || $resetter->getExpiresDate() < new DateTime()) {
             return new JsonContent([
                 'redirect' => [
-                    'target' => '/' . \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token])
+                    'target' => \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token])
                 ]
             ]);
         }
@@ -299,7 +299,7 @@ class LoginController
         $mail->setSubject($_ENV['APP_NAME'] . ' - Password reset');
         $mail->setBodyFromTemplate('password-reset', [
             'EMAIL' => $email,
-            'RESET_LINK' => $this->request->getBase() . '/' .
+            'RESET_LINK' => $this->request->getBase() .
                 \Container::$routeCollection->getRoute('password-reset')->generateLink(['token' => $token]),
             'EXPIRES' => $expires->format('Y-m-d H:i T')
         ]);
diff --git a/src/Controller/OAuthController.php b/src/Controller/OAuthController.php
index 0666fe7..9c26391 100644
--- a/src/Controller/OAuthController.php
+++ b/src/Controller/OAuthController.php
@@ -108,10 +108,10 @@ class OAuthController
     {
         return new JsonContent([
             'issuer' => $_ENV['APP_URL'],
-            'authorization_endpoint' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-auth')->generateLink(),
-            'token_endpoint' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-token')->generateLink(),
-            'userinfo_endpoint' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-userinfo')->generateLink(),
-            'jwks_uri' => $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('oauth-certs')->generateLink(),
+            'authorization_endpoint' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-auth')->generateLink(),
+            'token_endpoint' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-token')->generateLink(),
+            'userinfo_endpoint' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-userinfo')->generateLink(),
+            'jwks_uri' => $this->request->getBase() . \Container::$routeCollection->getRoute('oauth-certs')->generateLink(),
             'response_types_supported' =>
             [
                 'code',
diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php
index 43605b2..89edd12 100644
--- a/src/Controller/UserController.php
+++ b/src/Controller/UserController.php
@@ -62,7 +62,7 @@ class UserController implements IAuthenticationRequired
 
         $url = $oAuth->getDialogUrl(
             $state,
-            $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink(),
+            $this->request->getBase() . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink(),
             $nonce,
             $user->getEmail()
         );
@@ -84,7 +84,7 @@ class UserController implements IAuthenticationRequired
         $oAuth = new GoogleOAuth(new Request());
         $tokenData = $oAuth->getToken(
             $this->request->query('code'),
-            $this->request->getBase() . '/' . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink()
+            $this->request->getBase() . \Container::$routeCollection->getRoute('account.googleAuthenticate-action')->generateLink()
         );
 
         if (!isset($tokenData['id_token'])) {
diff --git a/views/account/account.php b/views/account/account.php
index 27e6dcc..f414387 100644
--- a/views/account/account.php
+++ b/views/account/account.php
@@ -5,7 +5,7 @@
 @section(main)
     <h2>Account</h2>
     <div class="box">
-        <form id="accountForm" action="/<?= Container::$routeCollection->getRoute('account-action')->generateLink() ?>" method="post" data-reload-on-success="true" data-observe-inputs="email,username,password_new,password_new_confirm,nickname,phone,id_number">
+        <form id="accountForm" action="<?= Container::$routeCollection->getRoute('account-action')->generateLink() ?>" method="post" data-reload-on-success="true" data-observe-inputs="email,username,password_new,password_new_confirm,nickname,phone,id_number">
             <?php if ($user['password'] !== null && $user['google_sub'] !== null): ?>
                 <p class="justify small">Please confirm your identity with your password or with Google to modify your account.</p>
                 <div class="inputWithButton">
@@ -42,6 +42,6 @@
 
 @section(pageScript)
 <script>
-    var googleAuthenticateUrl = '/<?= Container::$routeCollection->getRoute('account.googleAuthenticate')->generateLink() ?>';
+    var googleAuthenticateUrl = '<?= Container::$routeCollection->getRoute('account.googleAuthenticate')->generateLink() ?>';
 </script>
 @endsection
diff --git a/views/communities/community.php b/views/communities/community.php
index 97f9340..6ce29dc 100644
--- a/views/communities/community.php
+++ b/views/communities/community.php
@@ -1,7 +1,7 @@
 @extends(templates/layout_normal)
 
 @section(main)
-    <h2><?= $community->getName() ?> <span class="small">[<a href="/<?= Container::$routeCollection->getRoute('community-edit')->generateLink(['communityId' => $community->getId()]) ?>">edit</a>]</span></h2>
+    <h2><?= $community->getName() ?> <span class="small">[<a href="<?= Container::$routeCollection->getRoute('community-edit')->generateLink(['communityId' => $community->getId()]) ?>">edit</a>]</span></h2>
 
     <div class="gridContainer marginTop">
         <div>
@@ -11,7 +11,7 @@
             <?php endforeach; ?>
             <?php if ($editPermission): ?>
                 <hr>
-                <p><a href="/<?= Container::$routeCollection->getRoute('community-members')->generateLink(['communityId' => $community->getId()]) ?>">Edit members</a></p>
+                <p><a href="<?= Container::$routeCollection->getRoute('community-members')->generateLink(['communityId' => $community->getId()]) ?>">Edit members</a></p>
             <?php endif; ?>
         </div>
         <div>
diff --git a/views/communities/community_edit.php b/views/communities/community_edit.php
index 2d80483..dba2f97 100644
--- a/views/communities/community_edit.php
+++ b/views/communities/community_edit.php
@@ -8,7 +8,7 @@
             Container::$routeCollection->getRoute('community-edit-action')->generateLink(['communityId' => $community->getId()]) :
             Container::$routeCollection->getRoute('community-new-action')->generateLink();
         ?>
-        <form id="communityForm" action="/<?= $formAction ?>" method="post" data-redirect-on-success="true">
+        <form id="communityForm" action="<?= $formAction ?>" method="post" data-redirect-on-success="true">
             <input type="text" class="text big fullWidth" name="name" placeholder="Name" value="<?= isset($community) ? $community->getName() : '' ?>" required>
             <input type="text" class="text big fullWidth marginTop" name="currency" value="<?= isset($community) ? $community->getCurrency() : '' ?>" placeholder="Default currency" maxlength="3" required>
             <p id="accountFormError" class="formError justify marginTop"></p>
diff --git a/views/communities/community_members.php b/views/communities/community_members.php
index 5db0fbb..ddb9d12 100644
--- a/views/communities/community_members.php
+++ b/views/communities/community_members.php
@@ -34,9 +34,9 @@
 
 @section(pageScript)
 <script>
-    var searchUserUrl = '/<?= Container::$routeCollection->getRoute('searchUser')->generateLink(['q' => 'QUERY']) ?>';
-    var newMemberUrl = '/<?= Container::$routeCollection->getRoute('community-members-new')->generateLink(['communityId' => $community->getId()]) ?>';
-    var editMemberUrl = '/<?= Container::$routeCollection->getRoute('community-members-edit')->generateLink(['communityId' => $community->getId()]) ?>';
-    var deleteMemberUrl = '/<?= Container::$routeCollection->getRoute('community-members-delete')->generateLink(['communityId' => $community->getId()]) ?>';
+    var searchUserUrl = '<?= Container::$routeCollection->getRoute('searchUser')->generateLink(['q' => 'QUERY']) ?>';
+    var newMemberUrl = '<?= Container::$routeCollection->getRoute('community-members-new')->generateLink(['communityId' => $community->getId()]) ?>';
+    var editMemberUrl = '<?= Container::$routeCollection->getRoute('community-members-edit')->generateLink(['communityId' => $community->getId()]) ?>';
+    var deleteMemberUrl = '<?= Container::$routeCollection->getRoute('community-members-delete')->generateLink(['communityId' => $community->getId()]) ?>';
 </script>
 @endsection
diff --git a/views/error/404.php b/views/error/404.php
index 0baa91e..c35d138 100644
--- a/views/error/404.php
+++ b/views/error/404.php
@@ -2,5 +2,5 @@
 
 @section(main)
     <h2>404 | Page not found</h2>
-    <p>The requested URL was not found on this server. <a href="/" title="<?= $_ENV['APP_NAME'] ?>">Back to start.</a></p>
+    <p>The requested URL was not found on this server. <a href="<?= Container::$routeCollection->getRoute('home')->generateLink() ?>" title="<?= $_ENV['APP_NAME'] ?>">Back to start.</a></p>
 @endsection
diff --git a/views/home.php b/views/home.php
index 1a44cec..cc3a6a6 100644
--- a/views/home.php
+++ b/views/home.php
@@ -6,13 +6,13 @@
             <h3 class="marginBottom">Communities</h3>
             <?php if (count($communities) > 0): ?>
                 <?php foreach ($communities as $community): ?>
-                    <p><a href="/<?= Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()]) ?>"><?= $community->getName() ?></a></p>
+                    <p><a href="<?= Container::$routeCollection->getRoute('community')->generateLink(['communityId' => $community->getId()]) ?>"><?= $community->getName() ?></a></p>
                 <?php endforeach; ?>
             <?php else: ?>
                 <p>You have no community.</p>
             <?php endif; ?>
             <hr>
-            <p><a href="/<?= Container::$routeCollection->getRoute('community-new')->generateLink() ?>">New community</a></p>
+            <p><a href="<?= Container::$routeCollection->getRoute('community-new')->generateLink() ?>">New community</a></p>
         </div>
         <div>
             <h3 class="marginBottom">Upcoming events</h3>
diff --git a/views/login/login.php b/views/login/login.php
index 3573a1d..5b27647 100644
--- a/views/login/login.php
+++ b/views/login/login.php
@@ -3,17 +3,17 @@
 @section(main)
     <h2>Login</h2>
     <div class="box">
-        <form id="loginForm" action="/<?= Container::$routeCollection->getRoute('login-action')->generateLink() ?>" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
+        <form id="loginForm" action="<?= Container::$routeCollection->getRoute('login-action')->generateLink() ?>" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
             <input type="text" class="text big fullWidth" name="email" placeholder="Email address / Username" required autofocus>
             <input type="password"  class="text big fullWidth marginTop" name="password" placeholder="Password" required minlength="6">
             <p id="loginFormError" class="formError justify marginTop"></p>
             <div class="right marginTop">
                 <button type="submit">Login</button>
             </div>
-            <p class="center marginTop"><a href="/<?= Container::$routeCollection->getRoute('password-requestReset')->generateLink() ?>" title="Request password reset">Forgot your password?</a></p>
+            <p class="center marginTop"><a href="<?= Container::$routeCollection->getRoute('password-requestReset')->generateLink() ?>" title="Request password reset">Forgot your password?</a></p>
             <hr>
             <div class="center">
-                <a class="button yellow" href="/<?= Container::$routeCollection->getRoute('login-google')->generateLink() ?>" title="Login with Google">Login with Google</a>
+                <a class="button yellow" href="<?= Container::$routeCollection->getRoute('login-google')->generateLink() ?>" title="Login with Google">Login with Google</a>
             </div>
         </form>
     </div>
diff --git a/views/login/password_reset_request.php b/views/login/password_reset_request.php
index 466606b..7ae9410 100644
--- a/views/login/password_reset_request.php
+++ b/views/login/password_reset_request.php
@@ -5,7 +5,7 @@
 @section(main)
     <h2>Request password reset</h2>
     <div class="box">
-        <form id="passwordResetForm" action="/<?= Container::$routeCollection->getRoute('password-requestReset-action')->generateLink() ?>" method="post" data-redirect-on-success="/<?= Container::$routeCollection->getRoute('password-requestReset.success')->generateLink() ?>">
+        <form id="passwordResetForm" action="<?= Container::$routeCollection->getRoute('password-requestReset-action')->generateLink() ?>" method="post" data-redirect-on-success="<?= Container::$routeCollection->getRoute('password-requestReset.success')->generateLink() ?>">
             <input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= isset($email) ? $email : '' ?>" required autofocus>
             <?php if (!empty($_ENV['RECAPTCHA_SITEKEY'])): ?>
                 <div class="marginTop">
diff --git a/views/login/reset_password.php b/views/login/reset_password.php
index 49714f1..098ae77 100644
--- a/views/login/reset_password.php
+++ b/views/login/reset_password.php
@@ -4,7 +4,7 @@
     <h2>Reset password</h2>
     <div class="box">
         <?php if ($success) : ?>
-            <form id="resetPasswordForm" action="/<?= Container::$routeCollection->getRoute('password-reset.action')->generateLink(['token' => $token]) ?>"" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
+            <form id="resetPasswordForm" action="<?= Container::$routeCollection->getRoute('password-reset.action')->generateLink(['token' => $token]) ?>"" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
                 <input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= $email ?>" disabled>
                 <input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" required minlength="6" autofocus>
                 <input type="password" class="text big fullWidth marginTop" name="password_confirm" placeholder="Password confirmation" required minlength="6">
@@ -14,7 +14,7 @@
                 </div>
             </form>
         <?php else: ?>
-            <p class="error justify">Confirming your identity failed. Please check the link you entered, or retry <a href="/<?= Container::$routeCollection->getRoute('password-requestReset')->generateLink() ?>" title="Request password reset">requesting password reset</a>!</p>
+            <p class="error justify">Confirming your identity failed. Please check the link you entered, or retry <a href="<?= Container::$routeCollection->getRoute('password-requestReset')->generateLink() ?>" title="Request password reset">requesting password reset</a>!</p>
         <?php endif; ?>
     </div>
 @endsection
diff --git a/views/templates/layout_normal.php b/views/templates/layout_normal.php
index aa33e81..cb3a248 100644
--- a/views/templates/layout_normal.php
+++ b/views/templates/layout_normal.php
@@ -3,21 +3,21 @@
 @section(content)
 <header>
     <h1>
-        <a href="/" title="<?= $_ENV['APP_NAME'] ?>">
+        <a href="<?= Container::$routeCollection->getRoute('home')->generateLink() ?>" title="<?= $_ENV['APP_NAME'] ?>">
             <img class="inline" width="1em" height="1em" src="<?= $_ENV['STATIC_ROOT'] ?>/img/icon.svg?rev=<?= REVISION ?>" alt="<?= $_ENV['APP_NAME'] ?>"><!--
          --><span><?= $_ENV['APP_NAME'] ?></span>
         </a>
     </h1>
     <p>
         <?php if (Container::$request->user()) : ?>
-            <span><a href="/<?= Container::$routeCollection->getRoute('account')->generateLink() ?>" title="Account">
+            <span><a href="<?= Container::$routeCollection->getRoute('account')->generateLink() ?>" title="Account">
                 <?php /* Copyright (c) 2019 The Bootstrap Authors. License can be found in 'USED_SOFTWARE' in section 'Bootstrap Icons'. */ ?>
                 <svg class="inline" width="1em" height="1em" viewBox="0 0 16 16" fill="currentColor" xmlns="http://www.w3.org/2000/svg">
                     <path fill-rule="evenodd" d="M3 14s-1 0-1-1 1-4 6-4 6 3 6 4-1 1-1 1H3zm5-6a3 3 0 1 0 0-6 3 3 0 0 0 0 6z"/>
                 </svg><!--
              --><?= Container::$request->user()->getDisplayName() ?><!--
             --></a></span><!--
-            --><span><a href="/<?= Container::$routeCollection->getRoute('logout')->generateLink() ?>" title="Logout">Logout</a></span>
+            --><span><a href="<?= Container::$routeCollection->getRoute('logout')->generateLink() ?>" title="Logout">Logout</a></span>
         <?php endif; ?>
     </p>
 </header>
diff --git a/web.php b/web.php
index 1d35292..0438ea9 100644
--- a/web.php
+++ b/web.php
@@ -1,5 +1,7 @@
 <?php
 
+use SokoWeb\Response\HttpResponse;
+
 require 'app.php';
 
 if (!empty($_ENV['DEV'])) {
@@ -77,11 +79,6 @@ if (isset($_COOKIE[session_name()])) {
     ]);
 }
 
-// this is needed to handle old type of session IDs
-if (!Container::$sessionHandler->validateId(session_id())) {
-    session_regenerate_id(true);
-}
-
 Container::$request = new SokoWeb\Request\Request(
     $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'],
     $_GET,
@@ -95,5 +92,19 @@ if (!Container::$request->session()->has('anti_csrf_token')) {
     Container::$request->session()->set('anti_csrf_token', bin2hex(random_bytes(16)));
 }
 
-//TODO: make a nicer logic
-$antiCsrfTokenExceptions = ['oauth/token'];
+$appConfig = [
+    'antiCsrfTokenName' => 'anti_csrf_token',
+    'antiCsrfTokenErrorResponse' => ['error' => 'no_valid_anti_csrf_token'],
+    'antiCsrfTokenExceptions' => ['oauth/token'],
+    'loginRouteId' => 'login',
+    'error404View' => 'error/404'
+];
+
+$httpReponse = new HttpResponse(
+    Container::$request,
+    Container::$routeCollection,
+    $appConfig,
+    $_SERVER['REQUEST_METHOD'],
+    $_SERVER['REQUEST_URI']
+);
+$httpReponse->render();
-- 
2.45.2


From 41933ec510a081e763a1d3a0798991ceaca31d9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C5=91cze=20Bence?= <bence@pocze.ch>
Date: Sun, 16 Apr 2023 20:54:49 +0200
Subject: [PATCH 2/3] update soko-web to 0.4

---
 composer.json | 2 +-
 composer.lock | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/composer.json b/composer.json
index 9575416..cf8a1b3 100644
--- a/composer.json
+++ b/composer.json
@@ -10,7 +10,7 @@
     }
   ],
   "require": {
-    "esoko/soko-web": "0.3",
+    "esoko/soko-web": "0.4",
     "firebase/php-jwt": "^6.4"
   },
   "require-dev": {
diff --git a/composer.lock b/composer.lock
index 5701037..bd27b77 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,15 +4,15 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "64c21f0e5181bd39d8977af72e2aeddc",
+    "content-hash": "f7786e07bcb0373560ae67549fa28f0b",
     "packages": [
         {
             "name": "esoko/soko-web",
-            "version": "v0.3",
+            "version": "v0.4",
             "source": {
                 "type": "git",
                 "url": "https://git.esoko.eu/esoko/soko-web.git",
-                "reference": "014a5480967c03c00dda5ee34c7eaf4be224b96e"
+                "reference": "948b36c80d324e07339a543d97b9e629487f3a45"
             },
             "require": {
                 "phpmailer/phpmailer": "^6.8",
@@ -33,7 +33,7 @@
                 "GNU GPL 3.0"
             ],
             "description": "Lightweight web framework",
-            "time": "2023-04-16T14:54:22+00:00"
+            "time": "2023-04-16T18:52:06+00:00"
         },
         {
             "name": "firebase/php-jwt",
-- 
2.45.2


From a7d3942d1f887db205ce613107f99d636239cd41 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C5=91cze=20Bence?= <bence@pocze.ch>
Date: Sun, 16 Apr 2023 21:14:56 +0200
Subject: [PATCH 3/3] use classes at beginning of web.php

---
 web.php | 94 ++++++++++++++++++++++++++++++++-------------------------
 1 file changed, 53 insertions(+), 41 deletions(-)

diff --git a/web.php b/web.php
index 0438ea9..3cd456b 100644
--- a/web.php
+++ b/web.php
@@ -1,6 +1,18 @@
 <?php
 
+use Container;
 use SokoWeb\Response\HttpResponse;
+use SokoWeb\Routing\RouteCollection;
+use SokoWeb\Session\DatabaseSessionHandler;
+use SokoWeb\Request\Request;
+use RVR\Controller\HomeController;
+use RVR\Controller\LoginController;
+use RVR\Controller\OAuthAuthController;
+use RVR\Controller\OAuthController;
+use RVR\Controller\UserController;
+use RVR\Controller\UserSearchController;
+use RVR\Controller\CommunityController;
+use RVR\Repository\UserRepository;
 
 require 'app.php';
 
@@ -12,53 +24,53 @@ if (!empty($_ENV['DEV'])) {
     ini_set('display_errors', '0');
 }
 
-Container::$routeCollection = new SokoWeb\Routing\RouteCollection();
+Container::$routeCollection = new RouteCollection();
 
-Container::$routeCollection->get('home', '', [RVR\Controller\HomeController::class, 'getHome']);
-Container::$routeCollection->get('startSession', 'startSession.json', [RVR\Controller\HomeController::class, 'startSession']);
-Container::$routeCollection->group('login', function (SokoWeb\Routing\RouteCollection $routeCollection) {
-    $routeCollection->get('login', '', [RVR\Controller\LoginController::class, 'getLoginForm']);
-    $routeCollection->post('login-action', '', [RVR\Controller\LoginController::class, 'login']);
-    $routeCollection->get('login-google', 'google', [RVR\Controller\LoginController::class, 'getGoogleLoginRedirect']);
-    $routeCollection->get('login-google-action', 'google/code', [RVR\Controller\LoginController::class, 'loginWithGoogle']);
+Container::$routeCollection->get('home', '', [HomeController::class, 'getHome']);
+Container::$routeCollection->get('startSession', 'startSession.json', [HomeController::class, 'startSession']);
+Container::$routeCollection->group('login', function (RouteCollection $routeCollection) {
+    $routeCollection->get('login', '', [LoginController::class, 'getLoginForm']);
+    $routeCollection->post('login-action', '', [LoginController::class, 'login']);
+    $routeCollection->get('login-google', 'google', [LoginController::class, 'getGoogleLoginRedirect']);
+    $routeCollection->get('login-google-action', 'google/code', [LoginController::class, 'loginWithGoogle']);
 });
-Container::$routeCollection->group('oauth', function (SokoWeb\Routing\RouteCollection $routeCollection) {
-    $routeCollection->get('oauth-auth', 'auth', [RVR\Controller\OAuthAuthController::class, 'auth']);
-    $routeCollection->post('oauth-token', 'token', [RVR\Controller\OAuthController::class, 'getToken']);
-    $routeCollection->get('oauth-userinfo', 'userinfo', [RVR\Controller\OAuthController::class, 'getUserInfo']);
-    $routeCollection->get('oauth-config', '.well-known/openid-configuration', [RVR\Controller\OAuthController::class, 'getConfig']);
-    $routeCollection->get('oauth-certs', 'certs', [RVR\Controller\OAuthController::class, 'getCerts']);
+Container::$routeCollection->group('oauth', function (RouteCollection $routeCollection) {
+    $routeCollection->get('oauth-auth', 'auth', [OAuthAuthController::class, 'auth']);
+    $routeCollection->post('oauth-token', 'token', [OAuthController::class, 'getToken']);
+    $routeCollection->get('oauth-userinfo', 'userinfo', [OAuthController::class, 'getUserInfo']);
+    $routeCollection->get('oauth-config', '.well-known/openid-configuration', [OAuthController::class, 'getConfig']);
+    $routeCollection->get('oauth-certs', 'certs', [OAuthController::class, 'getCerts']);
 });
-Container::$routeCollection->group('password', function (SokoWeb\Routing\RouteCollection $routeCollection) {
-    $routeCollection->get('password-requestReset', 'requestReset', [RVR\Controller\LoginController::class, 'getRequestPasswordResetForm']);
-    $routeCollection->post('password-requestReset-action', 'requestReset', [RVR\Controller\LoginController::class, 'requestPasswordReset']);
-    $routeCollection->get('password-requestReset.success', 'requestReset/success', [RVR\Controller\LoginController::class, 'getRequestPasswordResetSuccess']);
-    $routeCollection->get('password-reset', 'reset/{token}', [RVR\Controller\LoginController::class, 'getResetPasswordForm']);
-    $routeCollection->post('password-reset.action', 'reset/{token}', [RVR\Controller\LoginController::class, 'resetPassword']);
+Container::$routeCollection->group('password', function (RouteCollection $routeCollection) {
+    $routeCollection->get('password-requestReset', 'requestReset', [LoginController::class, 'getRequestPasswordResetForm']);
+    $routeCollection->post('password-requestReset-action', 'requestReset', [LoginController::class, 'requestPasswordReset']);
+    $routeCollection->get('password-requestReset.success', 'requestReset/success', [LoginController::class, 'getRequestPasswordResetSuccess']);
+    $routeCollection->get('password-reset', 'reset/{token}', [LoginController::class, 'getResetPasswordForm']);
+    $routeCollection->post('password-reset.action', 'reset/{token}', [LoginController::class, 'resetPassword']);
 });
-Container::$routeCollection->get('logout', 'logout', [RVR\Controller\LoginController::class, 'logout']);
-Container::$routeCollection->group('account', function (SokoWeb\Routing\RouteCollection $routeCollection) {
-    $routeCollection->get('account', '', [RVR\Controller\UserController::class, 'getAccount']);
-    $routeCollection->post('account-action', '', [RVR\Controller\UserController::class, 'saveAccount']);
-    $routeCollection->get('account.googleAuthenticate', 'googleAuthenticate', [RVR\Controller\UserController::class, 'getGoogleAuthenticateRedirect']);
-    $routeCollection->get('account.googleAuthenticate-action', 'googleAuthenticate/code', [RVR\Controller\UserController::class, 'authenticateWithGoogle']);
+Container::$routeCollection->get('logout', 'logout', [LoginController::class, 'logout']);
+Container::$routeCollection->group('account', function (RouteCollection $routeCollection) {
+    $routeCollection->get('account', '', [UserController::class, 'getAccount']);
+    $routeCollection->post('account-action', '', [UserController::class, 'saveAccount']);
+    $routeCollection->get('account.googleAuthenticate', 'googleAuthenticate', [UserController::class, 'getGoogleAuthenticateRedirect']);
+    $routeCollection->get('account.googleAuthenticate-action', 'googleAuthenticate/code', [UserController::class, 'authenticateWithGoogle']);
 });
-Container::$routeCollection->get('searchUser', 'searchUser', [RVR\Controller\UserSearchController::class, 'searchUser']);
-Container::$routeCollection->group('communities', function (SokoWeb\Routing\RouteCollection $routeCollection) {
-    $routeCollection->get('community-new', 'new', [RVR\Controller\CommunityController::class, 'getCommunityNew']);
-    $routeCollection->post('community-new-action', 'new', [RVR\Controller\CommunityController::class, 'saveCommunity']);
-    $routeCollection->group('{communityId}', function (SokoWeb\Routing\RouteCollection $routeCollection) {
-        $routeCollection->get('community', '', [RVR\Controller\CommunityController::class, 'getCommunityHome']);
-        $routeCollection->get('community-edit', 'edit', [RVR\Controller\CommunityController::class, 'getCommunityEdit']);
-        $routeCollection->post('community-edit-action', 'edit', [RVR\Controller\CommunityController::class, 'saveCommunity']);
-        $routeCollection->get('community-members', 'members', [RVR\Controller\CommunityController::class, 'getMembersEdit']);
-        $routeCollection->post('community-members-new', 'newMember', [RVR\Controller\CommunityController::class, 'newMember']);
-        $routeCollection->post('community-members-edit', 'editMember', [RVR\Controller\CommunityController::class, 'editMember']);
-        $routeCollection->post('community-members-delete', 'deleteMember', [RVR\Controller\CommunityController::class, 'deleteMember']);
+Container::$routeCollection->get('searchUser', 'searchUser', [UserSearchController::class, 'searchUser']);
+Container::$routeCollection->group('communities', function (RouteCollection $routeCollection) {
+    $routeCollection->get('community-new', 'new', [CommunityController::class, 'getCommunityNew']);
+    $routeCollection->post('community-new-action', 'new', [CommunityController::class, 'saveCommunity']);
+    $routeCollection->group('{communityId}', function (RouteCollection $routeCollection) {
+        $routeCollection->get('community', '', [CommunityController::class, 'getCommunityHome']);
+        $routeCollection->get('community-edit', 'edit', [CommunityController::class, 'getCommunityEdit']);
+        $routeCollection->post('community-edit-action', 'edit', [CommunityController::class, 'saveCommunity']);
+        $routeCollection->get('community-members', 'members', [CommunityController::class, 'getMembersEdit']);
+        $routeCollection->post('community-members-new', 'newMember', [CommunityController::class, 'newMember']);
+        $routeCollection->post('community-members-edit', 'editMember', [CommunityController::class, 'editMember']);
+        $routeCollection->post('community-members-delete', 'deleteMember', [CommunityController::class, 'deleteMember']);
     });
 });
 
-Container::$sessionHandler = new SokoWeb\Session\DatabaseSessionHandler();
+Container::$sessionHandler = new DatabaseSessionHandler();
 
 session_set_save_handler(Container::$sessionHandler, true);
 session_start([
@@ -79,13 +91,13 @@ if (isset($_COOKIE[session_name()])) {
     ]);
 }
 
-Container::$request = new SokoWeb\Request\Request(
+Container::$request = new Request(
     $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'],
     $_GET,
     $_POST,
     getallheaders(),
     $_SESSION,
-    new RVR\Repository\UserRepository()
+    new UserRepository()
 );
 
 if (!Container::$request->session()->has('anti_csrf_token')) {
-- 
2.45.2