yisroelbaum/Rabbi_Gerzi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: yisroelbaum:babf9eb85588144596621cf81cdedd297a308167
Branches Tags
yisroelbaum:master
..
compare: yisroelbaum:73f24e7132488d3af9317dff8b6b5aae5c5d0808
Branches Tags
yisroelbaum:master

No commits in common. "babf9eb85588144596621cf81cdedd297a308167" and "73f24e7132488d3af9317dff8b6b5aae5c5d0808" have entirely different histories.
babf9eb855 ... 73f24e7132

27 changed files with 9 additions and 2703 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,4 +1,3 @@
/.direnv/ /.direnv/
/.reference/ /.reference/
/backend/.phpunit.cache/ /backend/.phpunit.cache/
/.postgres/

5
backend/.env.example
View file

@ -1,5 +0,0 @@
DB_HOST=127.0.0.1
DB_PORT=5432
DB_NAME=rabbigerzi
DB_USER=postgres
DB_PASSWORD=

1
backend/.gitignore vendored
View file

@ -1,3 +1,2 @@
vendor/ vendor/
.phpunit.cache/ .phpunit.cache/
.env

64
backend/app/Auth/PostgresSessionRepository.php
View file

@ -1,64 +0,0 @@
<?php
namespace App\Auth;
use App\Database\SessionModel;
use App\Shared\ValueObject\EmailAddress;
use App\User\User;
class PostgresSessionRepository implements SessionRepository
{
public function create(CreateSessionDto $dto): Session
{
$record = SessionModel::create([
'token' => $dto->token,
'user_id' => $dto->user->getId(),
'created_at' => $dto->createdAt->format('Y-m-d H:i:s'),
'expires_at' => $dto->expiresAt->format('Y-m-d H:i:s'),
]);
return new Session(
token: $record->token,
user: $dto->user,
createdAt: $dto->createdAt,
expiresAt: $dto->expiresAt,
);
}
public function findByToken(string $token): ?Session
{
$record = SessionModel::where('token', $token)->first();
if ($record === null) {
return null;
}
$userRecord = $record->user;
if ($userRecord === null) {
return null;
}
$user = new User(
id: $userRecord->id,
email: new EmailAddress($userRecord->email),
passwordHash: $userRecord->password_hash,
);
return new Session(
token: $record->token,
user: $user,
createdAt: $record->created_at instanceof \DateTimeImmutable
? $record->created_at
: new \DateTimeImmutable($record->created_at->format('Y-m-d H:i:s')),
expiresAt: $record->expires_at instanceof \DateTimeImmutable
? $record->expires_at
: new \DateTimeImmutable($record->expires_at->format('Y-m-d H:i:s')),
);
}
public function deleteByToken(string $token): void
{
SessionModel::where('token', $token)->delete();
}
}

40
backend/app/Middleware/CorsMiddleware.php
View file

@ -1,40 +0,0 @@
<?php
namespace App\Middleware;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Slim\Psr7\Response;
class CorsMiddleware implements MiddlewareInterface
{
private const ALLOWED_ORIGIN = 'http://localhost:5173';
public function process(
ServerRequestInterface $request,
RequestHandlerInterface $handler,
): ResponseInterface {
if ($request->getMethod() === 'OPTIONS') {
return $this->withCorsHeaders(new Response(204));
}
return $this->withCorsHeaders($handler->handle($request));
}
private function withCorsHeaders(ResponseInterface $response): ResponseInterface
{
return $response
->withHeader('Access-Control-Allow-Origin', self::ALLOWED_ORIGIN)
->withHeader('Access-Control-Allow-Credentials', 'true')
->withHeader(
'Access-Control-Allow-Headers',
'Content-Type, Authorization',
)
->withHeader(
'Access-Control-Allow-Methods',
'GET, POST, OPTIONS',
);
}
}

53
backend/app/User/PostgresUserRepository.php
View file

@ -1,53 +0,0 @@
<?php
namespace App\User;
use App\Database\UserModel;
use App\Shared\ValueObject\EmailAddress;
class PostgresUserRepository implements UserRepository
{
public function create(CreateUserDto $dto): User
{
$record = UserModel::create([
'email' => $dto->email->value(),
'password_hash' => $dto->passwordHash,
]);
return new User(
id: $record->id,
email: new EmailAddress($record->email),
passwordHash: $record->password_hash,
);
}
public function findByEmail(EmailAddress $email): ?User
{
$record = UserModel::where('email', $email->value())->first();
if ($record === null) {
return null;
}
return new User(
id: $record->id,
email: new EmailAddress($record->email),
passwordHash: $record->password_hash,
);
}
public function find(int $id): ?User
{
$record = UserModel::find($id);
if ($record === null) {
return null;
}
return new User(
id: $record->id,
email: new EmailAddress($record->email),
passwordHash: $record->password_hash,
);
}
}

46
backend/bin/migrate
View file

@ -1,46 +0,0 @@
#!/usr/bin/env php
<?php
use App\Database\Migration;
(static function (): void {
$root = dirname(__DIR__);
require $root . '/vendor/autoload.php';
$dotenv = Dotenv\Dotenv::createImmutable($root);
$dotenv->safeLoad();
require $root . '/config/database.php';
$migrationsDir = $root . '/database/migrations';
$files = glob($migrationsDir . '/*.php');
if ($files === false || $files === []) {
echo "No migration files found.\n";
exit(0);
}
sort($files);
foreach ($files as $file) {
$className = require $file;
if (! class_exists($className)) {
echo "Migration file {$file} did not define class {$className}\n";
exit(1);
}
$migration = new $className();
if (! $migration instanceof Migration) {
echo "Class {$className} must extend " . Migration::class . "\n";
exit(1);
}
echo "Running {$className}...\n";
$migration->up();
}
echo "Done.\n";
})();

40
backend/bin/seed
View file

@ -1,40 +0,0 @@
#!/usr/bin/env php
<?php
use App\Auth\PasswordHasher;
use App\Shared\ValueObject\EmailAddress;
use App\User\CreateUserDto;
use App\User\UserRepository;
(static function (): void {
$root = dirname(__DIR__);
require $root . '/vendor/autoload.php';
$dotenv = Dotenv\Dotenv::createImmutable($root);
$dotenv->safeLoad();
require $root . '/config/database.php';
$container = require $root . '/config/container.php';
$userRepo = $container->get(UserRepository::class);
$hasher = $container->get(PasswordHasher::class);
$seedEmail = 'admin@rabbigerzi.test';
$seedPassword = 'password';
$email = new EmailAddress($seedEmail);
if ($userRepo->findByEmail($email) !== null) {
echo "Seed user {$seedEmail} already exists, skipping.\n";
exit(0);
}
$userRepo->create(new CreateUserDto(
email: $email,
passwordHash: $hasher->hash($seedPassword),
));
echo "Created seed user {$seedEmail} / {$seedPassword}\n";
})();

30
backend/bin/serve
View file

@ -1,30 +0,0 @@
#!/usr/bin/env bash
set -e
REPO_ROOT="$(git rev-parse --show-toplevel 2>/dev/null || pwd)"
export PGDATA="${PGDATA:-$REPO_ROOT/.postgres}"
export PGHOST="${PGHOST:-$PGDATA}"
export PGUSER="${PGUSER:-postgres}"
export PGDATABASE="${PGDATABASE:-rabbigerzi}"
export DB_HOST="${DB_HOST:-127.0.0.1}"
export DB_PORT="${DB_PORT:-5432}"
export DB_NAME="${DB_NAME:-rabbigerzi}"
export DB_USER="${DB_USER:-postgres}"
export DB_PASSWORD="${DB_PASSWORD:-}"
echo "[serve] waiting for postgres..."
until pg_isready -h "$PGHOST" -q 2>/dev/null; do
sleep 1
done
echo "[serve] creating database if it does not exist..."
createdb --no-password "$PGDATABASE" 2>/dev/null || echo "[serve] database already exists"
echo "[serve] running migrations..."
php "$REPO_ROOT/backend/bin/migrate"
echo "[serve] seeding..."
php "$REPO_ROOT/backend/bin/seed"
echo "[serve] starting PHP dev server..."
exec php -S 127.0.0.1:8000 -t "$REPO_ROOT/backend/public/" "$REPO_ROOT/backend/public/index.php"

7
backend/composer.json
View file

@ -2,8 +2,7 @@
"name": "pilzno/rabbigerzi", "name": "pilzno/rabbigerzi",
"autoload": { "autoload": {
"psr-4": { "psr-4": {
"App\\": "app/", "App\\": "app/"
"App\\Database\\": "database/"
} }
}, },
"autoload-dev": { "autoload-dev": {
@ -20,9 +19,7 @@
"require": { "require": {
"slim/slim": "4.*", "slim/slim": "4.*",
"slim/psr7": "^1.8", "slim/psr7": "^1.8",
"php-di/slim-bridge": "^3.4", "php-di/slim-bridge": "^3.4"
"illuminate/database": "^13.9",
"vlucas/phpdotenv": "^5.6"
}, },
"require-dev": { "require-dev": {
"phpunit/phpunit": "^13.1" "phpunit/phpunit": "^13.1"

1928
backend/composer.lock generated
View file

File diff suppressed because it is too large Load diff

9
backend/config/container.php
View file

@ -3,9 +3,7 @@
use App\Auth\BcryptPasswordHasher; use App\Auth\BcryptPasswordHasher;
use App\Auth\Clock; use App\Auth\Clock;
use App\Auth\PasswordHasher; use App\Auth\PasswordHasher;
use App\Auth\PostgresSessionRepository;
use App\Auth\RandomTokenGenerator; use App\Auth\RandomTokenGenerator;
use App\Auth\SessionRepository;
use App\Auth\SystemClock; use App\Auth\SystemClock;
use App\Auth\TokenGenerator; use App\Auth\TokenGenerator;
use App\Auth\UseCases\AuthenticateUser\AuthenticateUser; use App\Auth\UseCases\AuthenticateUser\AuthenticateUser;
@ -13,9 +11,8 @@ use App\Auth\UseCases\CreateSession\CreateSession;
use App\Auth\UseCases\Logout\Logout; use App\Auth\UseCases\Logout\Logout;
use App\Controllers\AuthController; use App\Controllers\AuthController;
use App\Middleware\AuthMiddleware; use App\Middleware\AuthMiddleware;
use App\User\PostgresUserRepository;
use App\User\UserRepository;
use DI\ContainerBuilder; use DI\ContainerBuilder;
use Psr\Container\ContainerInterface;
$builder = new ContainerBuilder(); $builder = new ContainerBuilder();
@ -26,10 +23,6 @@ $builder->addDefinitions([
TokenGenerator::class => DI\create(RandomTokenGenerator::class), TokenGenerator::class => DI\create(RandomTokenGenerator::class),
Clock::class => DI\create(SystemClock::class), Clock::class => DI\create(SystemClock::class),
// Repositories
UserRepository::class => DI\create(PostgresUserRepository::class),
SessionRepository::class => DI\create(PostgresSessionRepository::class),
// Use cases // Use cases
AuthenticateUser::class => DI\autowire(), AuthenticateUser::class => DI\autowire(),
CreateSession::class => DI\autowire(), CreateSession::class => DI\autowire(),

20
backend/config/database.php
View file

@ -1,20 +0,0 @@
<?php
use Illuminate\Database\Capsule\Manager as Capsule;
$capsule = new Capsule();
$capsule->addConnection([
'driver' => 'pgsql',
'host' => $_ENV['DB_HOST'],
'port' => $_ENV['DB_PORT'],
'database' => $_ENV['DB_NAME'],
'username' => $_ENV['DB_USER'],
'password' => $_ENV['DB_PASSWORD'],
'charset' => 'utf8',
]);
$capsule->setAsGlobal();
$capsule->bootEloquent();
return $capsule;

3
backend/config/routes.php
View file

@ -2,14 +2,11 @@
use App\Controllers\AuthController; use App\Controllers\AuthController;
use App\Middleware\AuthMiddleware; use App\Middleware\AuthMiddleware;
use App\Middleware\CorsMiddleware;
use Slim\App; use Slim\App;
use Slim\Routing\RouteCollectorProxy; use Slim\Routing\RouteCollectorProxy;
return function (App $app): void { return function (App $app): void {
$app->add(CorsMiddleware::class);
$app->get('/me', [AuthController::class, 'me']) $app->get('/me', [AuthController::class, 'me'])
->add(AuthMiddleware::class); ->add(AuthMiddleware::class);

18
backend/database/Migration.php
View file

@ -1,18 +0,0 @@
<?php
namespace App\Database;
use Illuminate\Database\Capsule\Manager as Capsule;
use Illuminate\Database\Schema\Builder;
abstract class Migration
{
abstract public function up(): void;
abstract public function down(): void;
protected function schema(): Builder
{
return Capsule::schema();
}
}

34
backend/database/SessionModel.php
View file

@ -1,34 +0,0 @@
<?php
namespace App\Database;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
class SessionModel extends Model
{
protected $table = 'sessions';
public $timestamps = false;
protected $primaryKey = 'token';
public $incrementing = false;
protected $fillable = [
'token',
'user_id',
'expires_at',
'created_at',
];
protected $casts = [
'expires_at' => 'datetime',
'created_at' => 'datetime',
];
public function user(): BelongsTo
{
return $this->belongsTo(UserModel::class, 'user_id');
}
}

21
backend/database/UserModel.php
View file

@ -1,21 +0,0 @@
<?php
namespace App\Database;
use Illuminate\Database\Eloquent\Model;
class UserModel extends Model
{
protected $table = 'users';
public $timestamps = true;
protected $fillable = [
'email',
'password_hash',
];
protected $casts = [
'id' => 'int',
];
}

26
backend/database/migrations/2026_05_17_000001_create_users_table.php
View file

@ -1,26 +0,0 @@
<?php
namespace App\Database\Migrations;
use App\Database\Migration;
use Illuminate\Database\Capsule\Manager as Capsule;
class CreateUsersTable extends Migration
{
public function up(): void
{
Capsule::schema()->create('users', function ($table) {
$table->increments('id');
$table->string('email', 255)->unique();
$table->string('password_hash', 255);
$table->timestamps();
});
}
public function down(): void
{
Capsule::schema()->dropIfExists('users');
}
}
return CreateUsersTable::class;

30
backend/database/migrations/2026_05_17_000002_create_sessions_table.php
View file

@ -1,30 +0,0 @@
<?php
namespace App\Database\Migrations;
use App\Database\Migration;
use Illuminate\Database\Capsule\Manager as Capsule;
class CreateSessionsTable extends Migration
{
public function up(): void
{
Capsule::schema()->create('sessions', function ($table) {
$table->string('token')->primary();
$table->integer('user_id')->unsigned();
$table->foreign('user_id')
->references('id')
->on('users')
->cascadeOnDelete();
$table->dateTime('expires_at');
$table->dateTime('created_at');
});
}
public function down(): void
{
Capsule::schema()->dropIfExists('sessions');
}
}
return CreateSessionsTable::class;

5
backend/public/index.php
View file

@ -8,11 +8,6 @@ use Slim\App;
require $root.'/vendor/autoload.php'; require $root.'/vendor/autoload.php';
$dotenv = Dotenv\Dotenv::createImmutable($root);
$dotenv->safeLoad();
require $root . '/config/database.php';
$container = require $root.'/config/container.php'; $container = require $root.'/config/container.php';
/** @var App $app */ /** @var App $app */

19
flake.nix
View file

@ -24,25 +24,6 @@
postgresql postgresql
process-compose process-compose
]; ];
shellHook = ''
REPO_ROOT="$(git rev-parse --show-toplevel 2>/dev/null || pwd)"
export PGDATA="$REPO_ROOT/.postgres"
export PGHOST="$PGDATA"
export PGUSER="postgres"
export PGDATABASE="rabbigerzi"
if [ ! -d "$PGDATA" ]; then
echo "[pg] initializing cluster at $PGDATA"
initdb --auth=trust --username=postgres --no-locale --encoding=UTF8 >/dev/null
{
echo "listen_addresses = '127.0.0.1'"
echo "unix_socket_directories = '$PGDATA'"
} >> "$PGDATA/postgresql.conf"
fi
echo "[dev] run 'process-compose up' to start postgres + backend + vite"
'';
}; };
} }
); );

1
frontend/rabbi_gerzi/.env
View file

@ -1 +0,0 @@
VITE_API_BASE_URL=http://localhost:8000

48
frontend/rabbi_gerzi/cypress/e2e/login.cy.ts
View file

@ -1,48 +0,0 @@
describe('admin login page', () => {
it('renders the login form with email, password, and submit button', () => {
cy.visit('/login')
cy.get('[data-cy="login-email"]').should('be.visible')
cy.get('[data-cy="login-password"]').should('be.visible')
cy.get('[data-cy="login-submit"]').should('be.visible')
})
it('is not linked from the home page', () => {
cy.visit('/')
cy.contains('login').should('not.exist')
cy.contains('Login').should('not.exist')
cy.contains('admin').should('not.exist')
cy.contains('Admin').should('not.exist')
cy.get('a[href="/login"]').should('not.exist')
})
it('shows an error on failed login', () => {
cy.visit('/login')
cy.get('[data-cy="login-email"]').type('bad@example.com')
cy.get('[data-cy="login-password"]').type('wrongpassword')
cy.get('[data-cy="login-submit"]').click()
cy.get('[data-cy="login-error"]').should('be.visible')
})
it('is not linked from any navigation element on the home page', () => {
cy.visit('/')
cy.get('header a').each(($link) => {
cy.wrap($link).should('not.have.attr', 'href', '/login')
})
})
it('logs in with valid credentials and redirects to the home page', () => {
cy.visit('/login')
cy.get('[data-cy="login-email"]').type('admin@rabbigerzi.test')
cy.get('[data-cy="login-password"]').type('password')
cy.get('[data-cy="login-submit"]').click()
cy.url().should('eq', Cypress.config().baseUrl + '/')
cy.getCookie('auth_token').should('exist')
})
})

6
frontend/rabbi_gerzi/src/router/index.ts
View file

@ -1,6 +1,5 @@
import { createRouter, createWebHistory } from 'vue-router' import { createRouter, createWebHistory } from 'vue-router'
import HomePage from '@/views/HomePage.vue' import HomePage from '@/views/HomePage.vue'
import LoginPage from '@/views/LoginPage.vue'
const router = createRouter({ const router = createRouter({
history: createWebHistory(import.meta.env.BASE_URL), history: createWebHistory(import.meta.env.BASE_URL),
@ -10,11 +9,6 @@ const router = createRouter({
name: 'home', name: 'home',
component: HomePage, component: HomePage,
}, },
{
path: '/login',
name: 'login',
component: LoginPage,
},
], ],
}) })

77
frontend/rabbi_gerzi/src/stores/auth.ts
View file

@ -1,77 +0,0 @@
import { ref, computed } from 'vue'
import { defineStore } from 'pinia'
interface User {
id: number
email: string
}
const API_BASE_URL = import.meta.env.VITE_API_BASE_URL as string
export const useAuthStore = defineStore('auth', () => {
const user = ref<User | null>(null)
const loginError = ref<string | null>(null)
const isSubmitting = ref(false)
const isAuthenticated = computed(() => user.value !== null)
async function login(email: string, password: string): Promise<boolean> {
loginError.value = null
isSubmitting.value = true
try {
const response = await fetch(`${API_BASE_URL}/login`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
credentials: 'include',
body: JSON.stringify({ email, password }),
})
if (!response.ok) {
const data: { error?: string } = await response.json()
loginError.value = data.error ?? 'Login failed'
return false
}
const data: { user: User } = await response.json()
user.value = data.user
return true
} catch {
loginError.value = 'Network error - could not reach server'
return false
} finally {
isSubmitting.value = false
}
}
async function fetchUser(): Promise<void> {
try {
const response = await fetch(`${API_BASE_URL}/me`, {
credentials: 'include',
})
if (!response.ok) {
user.value = null
return
}
const data: { user: User } = await response.json()
user.value = data.user
} catch {
user.value = null
}
}
async function logout(): Promise<void> {
try {
await fetch(`${API_BASE_URL}/logout`, {
method: 'POST',
credentials: 'include',
})
} finally {
user.value = null
}
}
return { user, loginError, isSubmitting, isAuthenticated, login, fetchUser, logout }
})

157
frontend/rabbi_gerzi/src/views/LoginPage.vue
View file

@ -1,157 +0,0 @@
<script setup lang="ts">
import { ref } from 'vue'
import { useRouter } from 'vue-router'
import { useAuthStore } from '@/stores/auth'
const router = useRouter()
const authStore = useAuthStore()
const email = ref('')
const password = ref('')
async function handleSubmit(): Promise<void> {
const success = await authStore.login(email.value, password.value)
if (success) {
router.push('/')
}
}
</script>
<template>
<div class="login-page">
<div class="login-card">
<h1 class="login-card__title">Admin Login</h1>
<form class="login-card__form" @submit.prevent="handleSubmit">
<label class="login-card__field">
<span class="login-card__label">Email</span>
<input
v-model="email"
data-cy="login-email"
type="email"
class="login-card__input"
autocomplete="email"
/>
</label>
<label class="login-card__field">
<span class="login-card__label">Password</span>
<input
v-model="password"
data-cy="login-password"
type="password"
class="login-card__input"
autocomplete="current-password"
/>
</label>
<p v-if="authStore.loginError" data-cy="login-error" class="login-card__error">
{{ authStore.loginError }}
</p>
<button
data-cy="login-submit"
type="submit"
class="login-card__submit"
:disabled="authStore.isSubmitting"
>
{{ authStore.isSubmitting ? 'Signing in...' : 'Sign In' }}
</button>
</form>
</div>
</div>
</template>
<style scoped>
.login-page {
display: flex;
align-items: center;
justify-content: center;
min-height: 100vh;
background: var(--color-cream);
padding: 1rem;
}
.login-card {
background: var(--color-white);
border: 1px solid var(--color-border);
border-radius: 8px;
padding: 2.5rem;
width: 100%;
max-width: 400px;
}
.login-card__title {
font-family: var(--font-serif);
font-size: 1.5rem;
color: var(--color-slate);
text-align: center;
margin: 0 0 1.5rem;
}
.login-card__form {
display: flex;
flex-direction: column;
gap: 1rem;
}
.login-card__field {
display: flex;
flex-direction: column;
gap: 0.25rem;
}
.login-card__label {
font-size: 0.875rem;
color: var(--color-text-muted);
}
.login-card__input {
padding: 0.625rem 0.75rem;
border: 1px solid var(--color-border);
border-radius: 4px;
font-family: var(--font-sans);
font-size: 0.9375rem;
color: var(--color-text);
background: var(--color-white);
outline: none;
transition: border-color 0.15s ease;
}
.login-card__input:focus {
border-color: var(--color-olive);
}
.login-card__error {
font-size: 0.875rem;
color: #b33;
margin: 0;
padding: 0.5rem 0.75rem;
background: #fef2f2;
border: 1px solid #fecaca;
border-radius: 4px;
}
.login-card__submit {
padding: 0.75rem 1rem;
background: var(--color-olive);
color: var(--color-white);
font-family: var(--font-sans);
font-size: 0.9375rem;
font-weight: 500;
border: none;
border-radius: 4px;
cursor: pointer;
transition: background 0.15s ease;
margin-top: 0.5rem;
}
.login-card__submit:hover:not(:disabled) {
background: var(--color-slate);
}
.login-card__submit:disabled {
opacity: 0.6;
cursor: not-allowed;
}
</style>

17
process-compose.yml
View file

@ -1,22 +1,9 @@
version: "0.5" version: "1"
processes: processes:
postgres:
command: postgres -D "$PGDATA" -k "$PGDATA" -c listen_addresses=127.0.0.1
shutdown:
signal: 2
readiness_probe:
exec:
command: pg_isready -h "$PGDATA"
initial_delay_seconds: 1
period_seconds: 2
backend: backend:
command: bash backend/bin/serve command: php -S 127.0.0.1:8000 -t backend/public/
working_dir: . working_dir: .
depends_on:
postgres:
condition: process_healthy
availability: availability:
restart: always restart: always