Yisroel Baum
56ddba707d
phpcbf auto-fixes: string concatenation spacing, single-line class braces, closing brace placement.
146 lines
4.2 KiB
PHP
146 lines
4.2 KiB
PHP
<?php
|
|
|
|
namespace App\Controllers;
|
|
|
|
use App\Auth\UseCases\AuthenticateUser\AuthenticateUser;
|
|
use App\Auth\UseCases\AuthenticateUser\AuthenticateUserRequest;
|
|
use App\Auth\UseCases\CreateSession\CreateSession;
|
|
use App\Auth\UseCases\Logout\Logout;
|
|
use App\Exceptions\BadRequestException;
|
|
use App\Exceptions\UnauthorizedException;
|
|
use App\Middleware\AuthMiddleware;
|
|
use App\User\User;
|
|
use Psr\Http\Message\ResponseInterface;
|
|
use Psr\Http\Message\ServerRequestInterface;
|
|
use Slim\Psr7\Response;
|
|
|
|
class AuthController
|
|
{
|
|
public function __construct(
|
|
private AuthenticateUser $authenticateUser,
|
|
private CreateSession $createSession,
|
|
private Logout $logout,
|
|
) {
|
|
}
|
|
|
|
public function login(
|
|
ServerRequestInterface $request,
|
|
ResponseInterface $response,
|
|
): ResponseInterface {
|
|
$body = $this->parseBody($request);
|
|
|
|
try {
|
|
$user = $this->authenticateUser->execute(
|
|
new AuthenticateUserRequest(
|
|
email: $body['email'] ?? null,
|
|
password: $body['password'] ?? null,
|
|
),
|
|
);
|
|
} catch (BadRequestException $exception) {
|
|
return $this->jsonResponse(
|
|
new Response(400),
|
|
['error' => $exception->getMessage()],
|
|
400,
|
|
);
|
|
} catch (UnauthorizedException $exception) {
|
|
return $this->jsonResponse(
|
|
new Response(401),
|
|
['error' => $exception->getMessage()],
|
|
401,
|
|
);
|
|
}
|
|
|
|
$session = $this->createSession->execute($user);
|
|
|
|
$response = $this->jsonResponse(
|
|
new Response(200),
|
|
['user' => $this->buildUserPayload($user)],
|
|
200,
|
|
);
|
|
|
|
$cookieValue = sprintf(
|
|
'%s=%s; Expires=%s; Path=/; HttpOnly; SameSite=Lax',
|
|
AuthMiddleware::COOKIE_NAME,
|
|
$session->getToken(),
|
|
$session->getExpiresAt()->format('D, d-M-Y H:i:s T'),
|
|
);
|
|
|
|
return $response->withHeader('Set-Cookie', $cookieValue);
|
|
}
|
|
|
|
public function logout(
|
|
ServerRequestInterface $request,
|
|
ResponseInterface $response,
|
|
): ResponseInterface {
|
|
$cookies = $request->getCookieParams();
|
|
$token = $cookies[AuthMiddleware::COOKIE_NAME] ?? null;
|
|
|
|
if (is_string($token) && $token !== '') {
|
|
$this->logout->execute($token);
|
|
}
|
|
|
|
$response = new Response(204);
|
|
|
|
$cookieValue = sprintf(
|
|
'%s=; Expires=%s; Path=/; HttpOnly; SameSite=Lax',
|
|
AuthMiddleware::COOKIE_NAME,
|
|
'Thu, 01-Jan-1970 00:00:00 GMT',
|
|
);
|
|
|
|
return $response->withHeader('Set-Cookie', $cookieValue);
|
|
}
|
|
|
|
public function me(
|
|
ServerRequestInterface $request,
|
|
ResponseInterface $response,
|
|
): ResponseInterface {
|
|
$user = $request->getAttribute('user');
|
|
|
|
if (! $user instanceof User) {
|
|
return $this->jsonResponse(
|
|
new Response(401),
|
|
['error' => 'unauthenticated'],
|
|
401,
|
|
);
|
|
}
|
|
|
|
return $this->jsonResponse(
|
|
new Response(200),
|
|
['user' => $this->buildUserPayload($user)],
|
|
200,
|
|
);
|
|
}
|
|
|
|
private function buildUserPayload(User $user): array
|
|
{
|
|
return [
|
|
'id' => $user->getId(),
|
|
'email' => $user->getEmail()->value(),
|
|
];
|
|
}
|
|
|
|
private function jsonResponse(
|
|
ResponseInterface $response,
|
|
array $data,
|
|
int $status,
|
|
): ResponseInterface {
|
|
$response = $response->withStatus($status);
|
|
$response->getBody()->write(json_encode($data));
|
|
|
|
return $response->withHeader('Content-Type', 'application/json');
|
|
}
|
|
|
|
private function parseBody(ServerRequestInterface $request): array
|
|
{
|
|
$contentType = $request->getHeaderLine('Content-Type');
|
|
|
|
if (str_contains($contentType, 'application/json')) {
|
|
$body = (string) $request->getBody();
|
|
$decoded = json_decode($body, true);
|
|
|
|
return is_array($decoded) ? $decoded : [];
|
|
}
|
|
|
|
return (array) $request->getParsedBody();
|
|
}
|
|
}
|