wire user texts routes and update seed

open POST /api/texts and node create endpoints to any
authenticated user; expose new /texts and /texts/{id} pages
plus admin-only GET /api/texts/all. ViewController gains
userTexts and userText methods. seed gives Tanach to the
regular user and adds a second non-admin user.

app/View/ViewController.php

@@ -30,6 +30,26 @@ class ViewController
         return $response;
     }
 
+    public function userTexts(Response $response): Response
+    {
+        $html = file_get_contents(
+            __DIR__ . '/../../views/templates/userTexts.php'
+        );
+        $response->getBody()->write($html);
+
+        return $response;
+    }
+
+    public function userText(Response $response): Response
+    {
+        $html = file_get_contents(
+            __DIR__ . '/../../views/templates/userText.php'
+        );
+        $response->getBody()->write($html);
+
+        return $response;
+    }
+
     public function home(Response $response): Response
     {
         $html = file_get_contents(__DIR__ . '/../../views/templates/home.php', true);

bootstrap/app.php

@@ -29,20 +29,28 @@ $app->post('/api/auth/register', [AuthController::class, 'register']);
 $app->group('', function (RouteCollectorProxy $group) {
     $group->get('/home', [ViewController::class, 'home']);
     $group->get('/today', [ViewController::class, 'today']);
+    $group->get('/texts', [ViewController::class, 'userTexts']);
+    $group->get('/texts/{textId}', [ViewController::class, 'userText']);
 
     $group->post('/api/auth/logout', [AuthController::class, 'logout']);
     $group->get('/api/auth/me', [AuthController::class, 'me']);
 
-    $group->get('/api/texts', [TextController::class, 'getTexts']);
+    $group->get('/api/texts', [TextController::class, 'getMyTexts']);
     $group->get(
         '/api/texts/{textId}',
         [TextController::class, 'getText']
     );
+    $group->post('/api/texts', [TextController::class, 'createText']);
 
     $group->get(
         '/api/nodes/{textId}',
         [NodeController::class, 'getNodesOfText']
     );
+    $group->post('/api/nodes', [NodeController::class, 'createNode']);
+    $group->post(
+        '/api/nodes/bulk',
+        [NodeController::class, 'bulkCreateNodes']
+    );
 
     $group->post('/api/plans', [PlanController::class, 'createPlan']);
 
@@ -61,12 +69,7 @@ $app->group('', function (RouteCollectorProxy $group) {
         [ViewController::class, 'text']
     );
 
-    $group->post('/api/texts', [TextController::class, 'createText']);
+    $group->get('/api/texts/all', [TextController::class, 'getAllTexts']);
-    $group->post(
-        '/api/nodes/bulk',
-        [NodeController::class, 'bulkCreateNodes']
-    );
-    $group->post('/api/nodes', [NodeController::class, 'createNode']);
 })->add(AdminMiddleware::class)->add(AuthMiddleware::class);
 
 return $app;

data/seedDb.php

@@ -4,6 +4,7 @@ $texts = [
     [
         'id' => 0,
         'name' => 'Tanach',
+        'userId' => 1,
     ],
 ];
 
@@ -31,6 +32,7 @@ $nodes = [
 // Default credentials:
 //   admin@example.com / admin1234 (admin)
 //   user@example.com  / password1 (regular user)
+//   user2@example.com / password2 (second regular user, no texts seeded)
 $users = [
     [
         'id' => 0,
@@ -44,6 +46,12 @@ $users = [
         'passwordHash' => password_hash('password1', PASSWORD_DEFAULT),
         'isAdmin' => false,
     ],
+    [
+        'id' => 2,
+        'email' => 'user2@example.com',
+        'passwordHash' => password_hash('password2', PASSWORD_DEFAULT),
+        'isAdmin' => false,
+    ],
 ];
 
 $plans = [];