yisroelbaum/Goal-Calibration
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add auth controller

Browse source
This commit is contained in:
Yisroel Baum 2026-04-24 13:28:22 +03:00
parent edfe7259a3
commit c9d5ad37b8
Signed by: yisroelbaum
GPG key ID: 0FA60884F75520A9
1 changed files with 166 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

166
app/Auth/AuthController.php Normal file
View file

@ -0,0 +1,166 @@
<?php
namespace App\Auth;
use App\Auth\UseCases\CreateSession;
use App\Exceptions\BadRequestException;
use App\Exceptions\UnauthorizedException;
use App\User\UseCases\AuthenticateUser;
use App\User\UseCases\AuthenticateUserRequest;
use App\User\UseCases\CreateUser;
use App\User\UseCases\CreateUserRequest;
use App\User\User;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
class AuthController
{
private const COOKIE_MAX_AGE = 7 * 24 * 60 * 60;
public function login(
Request $request,
Response $response,
AuthenticateUser $authenticateUser,
CreateSession $createSession,
): Response {
$data = $this->parseBody($request);
try {
$user = $authenticateUser->execute(
new AuthenticateUserRequest(
email: $data['email'] ?? null,
password: $data['password'] ?? null,
)
);
} catch (BadRequestException $exception) {
return $this->errorResponse(
$response,
400,
$exception->getMessage()
);
} catch (UnauthorizedException $exception) {
return $this->errorResponse(
$response,
401,
$exception->getMessage()
);
}
$session = $createSession->execute($user);
return $this->userResponse($response, $user)
->withHeader(
'Set-Cookie',
$this->buildSetCookie($session->getToken())
);
}
public function register(
Request $request,
Response $response,
CreateUser $createUser,
CreateSession $createSession,
): Response {
$data = $this->parseBody($request);
try {
$user = $createUser->execute(new CreateUserRequest(
email: $data['email'] ?? null,
password: $data['password'] ?? null,
isAdmin: false,
));
} catch (BadRequestException $exception) {
return $this->errorResponse(
$response,
400,
$exception->getMessage()
);
}
$session = $createSession->execute($user);
return $this->userResponse($response, $user)
->withHeader(
'Set-Cookie',
$this->buildSetCookie($session->getToken())
);
}
public function logout(
Request $request,
Response $response,
SessionRepository $sessionRepo,
): Response {
$cookies = $request->getCookieParams();
$token = $cookies[AuthMiddleware::COOKIE_NAME] ?? null;
if ($token !== null) {
$sessionRepo->deleteByToken($token);
}
return $response->withStatus(204)
->withHeader('Set-Cookie', $this->buildClearCookie());
}
public function me(Request $request, Response $response): Response
{
$user = $request->getAttribute('user');
if (!$user instanceof User) {
return $this->errorResponse(
$response,
401,
'unauthenticated'
);
}
return $this->userResponse($response, $user);
}
private function parseBody(Request $request): array
{
return json_decode((string) $request->getBody(), true) ?? [];
}
private function userResponse(Response $response, User $user): Response
{
$response->getBody()->write(json_encode([
'user' => [
'id' => $user->getId(),
'email' => (string) $user->getEmail(),
'isAdmin' => $user->isAdmin(),
],
]));
return $response->withHeader(
'Content-Type',
'application/json'
);
}
private function errorResponse(
Response $response,
int $status,
string $message,
): Response {
$response->getBody()->write(
json_encode(['error' => $message])
);
return $response->withStatus($status)
->withHeader('Content-Type', 'application/json');
}
private function buildSetCookie(string $token): string
{
$maxAge = self::COOKIE_MAX_AGE;
return AuthMiddleware::COOKIE_NAME . '=' . $token
. '; Path=/; HttpOnly; SameSite=Lax; Max-Age=' . $maxAge;
}
private function buildClearCookie(): string
{
return AuthMiddleware::COOKIE_NAME . '=;'
. ' Path=/; HttpOnly; SameSite=Lax; Max-Age=0';
}
}