290 lines
10 KiB
PHP
290 lines
10 KiB
PHP
<?php
|
|
|
|
require_once("Router/Router.php");
|
|
require_once("Router/Response.php");
|
|
require_once("Router/Route.php");
|
|
require_once("BancaDati/BancaDati.php");
|
|
require_once("User.php");
|
|
|
|
use Router\Response;
|
|
use Router\Router;
|
|
use Router\Route;
|
|
use BancaDati\BancaDati;
|
|
|
|
abstract class HTTP_STATUS_CODE {
|
|
const OK = 200;
|
|
const CREATED = 201;
|
|
const BAD_REQUEST = 400;
|
|
const FORBIDDEN = 403;
|
|
const NOT_FOUNT = 404;
|
|
}
|
|
|
|
|
|
$app = new Router("/DirektiveDesDons");
|
|
$db = new BancaDati();
|
|
|
|
|
|
/*
|
|
* Middleware
|
|
*/
|
|
$app->use("/", function (array &$req, Response $res) {
|
|
if (isset($_COOKIE["TOKEN"])) {
|
|
$user = new User();
|
|
if ($user->loginWithToken($_COOKIE["TOKEN"])) {
|
|
$req["user"] = $user;
|
|
}
|
|
}
|
|
});
|
|
|
|
/*
|
|
* Home
|
|
*/
|
|
$app->get("/", function (array $req, Response $res) use ($db) {
|
|
$res->json(["message" => "",
|
|
"name" => "Shopping List",
|
|
"authors" => "Simon Bock, Johannes Kantz & Malte Schulze Hobeling"]);
|
|
});
|
|
|
|
/*
|
|
* User
|
|
*/
|
|
$app->get("/user", function (array $req, Response $res) {
|
|
if (isset($req["user"])) {
|
|
$res->json(["id" => $req["user"]->id, "username" => $req["user"]->username, "email" => $req["user"]->email]);
|
|
} else {
|
|
$res->json(["status" => HTTP_STATUS_CODE::FORBIDDEN, "message" => "You are not logged in. Goto '/login' to login"]);
|
|
}
|
|
});
|
|
$app->get("/user/:id", function (array $req, Response $res) use ($db) {
|
|
$db->select("utente", ["username" => $req["id"]]);
|
|
$res->send("user " . $req["params"]["id"]);
|
|
});
|
|
$app->post("/signup", function (array $req, Response $res) use ($db) {
|
|
$newUsername = $req["body"]["username"];
|
|
$newPassword = $req["body"]["password"];
|
|
$newEmail = $req["body"]["email"];
|
|
$db->insert("utente", ["email" => "$newEmail", "parolaDordine" => "$newPassword", "nomeUtente" => "$newUsername"]);
|
|
|
|
$res->send("Account Created", HTTP_STATUS_CODE::CREATED);
|
|
});
|
|
|
|
$app->post("/login", function (array $req, Response $res) use ($db) {
|
|
$username = $req["body"]["username"];
|
|
$password = $req["body"]["password"];
|
|
|
|
$user = new User();
|
|
$usertoken = $user->loginWithUsername($username, $password);
|
|
|
|
if ($usertoken) {
|
|
setcookie("TOKEN", $usertoken, time() + 3600); // 1h
|
|
$res->json(["message" => "Login successful", "token" => $usertoken]);
|
|
} else {
|
|
$res->json(["message" => "Login failed"], HTTP_STATUS_CODE::FORBIDDEN);
|
|
}
|
|
});
|
|
|
|
/*
|
|
* Ingredients
|
|
*/
|
|
$app->route("/ingredient")
|
|
->get(function (array $req, Response $res) use ($db) {
|
|
$res->json(["data" => $db->select("ingredienti")]);
|
|
})
|
|
->post(function (array $req, Response $res) use ($db) {
|
|
$name = $req["body"]["name"];
|
|
$calories = $req["body"]["calories"];
|
|
$quantity = $req["body"]["quantity"];
|
|
$unit = $req["body"]["unit"];
|
|
$price = $req["body"]["price"];
|
|
|
|
$unitInTable = $db->select("folla", ["unita" => $unit]);
|
|
if (count($unitInTable) > 1) {
|
|
$res->json(["message" => "Unit: " . $unit . " does not exist. Please create unit first"], HTTP_STATUS_CODE::BAD_REQUEST);
|
|
return;
|
|
}
|
|
$unitId = $unitInTable[0]["id"];
|
|
|
|
$id = $db->insert("ingredienti", ["cognome" => "$name", "calorie" => "$calories", "quantita" => "$quantity", "follaID" => $unitId, "prezzo" => "$price"]);
|
|
if (!$id) {
|
|
$res->json(["message" => "Something went wrong when creating the Ingredient"], HTTP_STATUS_CODE::BAD_REQUEST);
|
|
return;
|
|
}
|
|
|
|
$res->json(["message" => "New ingredient has been listed",
|
|
"ingredient" => $db->select("ingredienti", ["id" => $id])]);
|
|
});
|
|
$app->route("/ingredient/:id")
|
|
->get(function (array $req, Response $res) use ($db) {
|
|
$id = $req["params"]["id"];
|
|
$ingredient = $db->select("ingredienti", ["id" => $id])[0];
|
|
$res->json(["data" => $ingredient]);
|
|
})
|
|
->put(function (array $req, Response $res) use ($db) {
|
|
$id = $req["params"]["id"];
|
|
|
|
$name = $req["body"]["name"];
|
|
$calories = $req["body"]["calories"];
|
|
$quantity = $req["body"]["quantity"];
|
|
$unit = $req["body"]["unit"];
|
|
$price = $req["body"]["price"];
|
|
|
|
$unitInTable = $db->select("folla", ["unita" => $unit]);
|
|
if (count($unitInTable) > 1) {
|
|
$res->json(["message" => "Unit: " . $unit . " does not exist. Please create unit first"], HTTP_STATUS_CODE::BAD_REQUEST);
|
|
return;
|
|
}
|
|
$unitId = $unitInTable[0]["id"];
|
|
|
|
$db->update("ingredienti", $id, ["cognome" => "$name", "calorie" => "$calories", "quantita" => "$quantity", "follaID" => $unitId, "prezzo" => "$price"]);
|
|
|
|
$res->json(["message" => "Ingredient has been updated", "data" => $db->select("ingredienti", ["id" => $id])[0]]);
|
|
})
|
|
->delete(function (array $req, Response $res) use ($db) {
|
|
$id = $req["params"]["id"];
|
|
$db->delete("ingredienti", $id);
|
|
$res->json(["message" => "Ingredient has been deleted"]);
|
|
});
|
|
|
|
/*
|
|
* Unit
|
|
*/
|
|
$app->route("/unit")
|
|
->get(function (array $req, Response $res) use ($db) {
|
|
$res->json(["data" => $db->select("folla")]);
|
|
})
|
|
->post(function (array $req, Response $res) use ($db) {
|
|
$name = $req["body"]["name"];
|
|
|
|
if (!isset($name) || strlen($name) < 1 || strlen($name) > 200) {
|
|
$res->json(["message" => "Invalid Request. Please follow the Documentation", HTTP_STATUS_CODE::BAD_REQUEST]);
|
|
return;
|
|
}
|
|
|
|
$selectWithSameName = $db->select("folla", ["unita" => $name]);
|
|
if (count($selectWithSameName) >= 1) {
|
|
$res->json(["message" => "Unit: " . $name . " already exists", "data" => $selectWithSameName[0]], HTTP_STATUS_CODE::BAD_REQUEST);
|
|
return;
|
|
}
|
|
|
|
$newUnitId = $db->insert("folla", ["unita" => $name]);
|
|
$res->json(["message" => "Unit: '" . $name . "' created", "data" => $db->select("folla", ["id" => $newUnitId])[0]], HTTP_STATUS_CODE::CREATED);
|
|
});
|
|
$app->route("/unit/:id")
|
|
->get(function (array $req, Response $res) use ($db) {
|
|
$id = $req["params"]["id"];
|
|
$ingredient = $db->select("folla", ["id" => $id])[0];
|
|
$res->json(["data" => $ingredient]);
|
|
})
|
|
->put(function (array $req, Response $res) use ($db) {
|
|
$id = $req["params"]["id"];
|
|
$name = $req["body"]["name"];
|
|
|
|
if (!isset($name) || strlen($name) < 1 || strlen($name) > 200) {
|
|
$res->json(["message" => "Invalid Request. Please follow the Documentation", HTTP_STATUS_CODE::BAD_REQUEST]);
|
|
return;
|
|
}
|
|
$db->update("folla", $id, ["unita" => $name]);
|
|
$res->json(["message" => "Unit has been updated", "data" => $db->select("folla", ["id" => $id])]);
|
|
})
|
|
->delete(function (array $req, Response $res) use ($db) {
|
|
$id = $req["params"]["id"];
|
|
$db->delete("folla", $id);
|
|
$res->json(["message" => "Unit has been deleted"]);
|
|
});
|
|
|
|
/*
|
|
* List
|
|
*/
|
|
$app->use("/list", function (array $req, Response $res) {
|
|
if (!isset($req["user"])) {
|
|
$res->json(["message" => "You need to be signed in to use lists"], HTTP_STATUS_CODE::FORBIDDEN);
|
|
die;
|
|
}
|
|
});
|
|
|
|
$app->route("/list")
|
|
->get(function (array $req, Response $res) use ($db) {
|
|
$lists = $db->select("elenco", ["utenteID" => $req["user"]->id]);
|
|
// add items to list
|
|
foreach ($lists as &$list) {
|
|
$listId = $list["id"];
|
|
$ingredients = $db->select("elencoIngredienti", ["elencoId" => $listId]);
|
|
$ingredientData = [];
|
|
foreach ($ingredients as &$ingredient) {
|
|
$ingredientData[] = $db->select("Ingredienti", ["id" => $ingredient["ingredientiID"]]);
|
|
}
|
|
$list["inredients"] = $ingredientData;
|
|
}
|
|
$res->json(["data" => $lists]);
|
|
})
|
|
->post(function (array $req, Response $res) use ($db) {
|
|
$name = $req["body"]["name"];
|
|
$bgColor = $req["body"]["backgoundColor"] ?? "#fff";
|
|
|
|
if (!isset($name) || strlen($name) < 1) {
|
|
$res->json(["message" => "Invalid Request. Please follow the Documentation"], HTTP_STATUS_CODE::BAD_REQUEST);
|
|
return;
|
|
}
|
|
|
|
$lastListId = $db->insert("elenco", ["cognome" => $name, "coloreDiSfondo" => $bgColor, "utenteID" => $req["user"]->id]);
|
|
$res->json(["message" => "New List '" . $name . "' created", "data" => $db->select("elenco", ["id" => $lastListId])], HTTP_STATUS_CODE::CREATED);
|
|
});
|
|
$app->route("/list/:id")
|
|
->get(function (array $req, Response $res) use ($db) {
|
|
$id = $req["params"]["id"];
|
|
$query = $db->select("elenco", ["id" => $id, "utenteID" => $req["user"]->id]);
|
|
|
|
if (count($query) < 1) {
|
|
$res->json(["message" => "List does not exists or you dont have permissions to view it"]);
|
|
return;
|
|
}
|
|
$list = $query[0];
|
|
|
|
$listId = $list["id"];
|
|
$ingredients = $db->select("elencoIngredienti", ["elencoId" => $listId]);
|
|
$ingredientData = [];
|
|
foreach ($ingredients as &$ingredient) {
|
|
$ingredientData[] = $db->select("Ingredienti", ["id" => $ingredient["ingredientiID"]]);
|
|
}
|
|
$list["inredients"] = $ingredientData;
|
|
|
|
$res->json(["data" => $list]);
|
|
})
|
|
->post(function (array $req, Response $res) use ($db) {
|
|
// TODO: add Item to List with id
|
|
$id = $req["params"]["id"];
|
|
$ingredientId = $req["body"]["ingredientId"];
|
|
|
|
if (!isset($ingredientId)) {
|
|
$res->json(["message" => "You need to set a valid 'ingredientId'", HTTP_STATUS_CODE::BAD_REQUEST]);
|
|
return;
|
|
}
|
|
|
|
$newId = $db->insert("elencoIngredienti", ["ingredientiID" => $ingredientId, "elencoID" => $id]);
|
|
if(!$newId){
|
|
$res->json(["message" => "Cannot insert item in list"], HTTP_STATUS_CODE::BAD_REQUEST);
|
|
return;
|
|
}
|
|
$res->json(["message" => "Item has been added"]);
|
|
})
|
|
->delete(function (array $req, Response $res) use ($db) {
|
|
$id = $req["params"]["id"];
|
|
|
|
$list = $db->select("elenco", ["id" => $id]);
|
|
if (count($list) < 1) {
|
|
$res->json(["message" => "List does not exist"]);
|
|
return;
|
|
}
|
|
if ($list[0]["utenteID"] != $req["user"]->id) {
|
|
$res->json(["message" => "You have no permissions the delete this list"], HTTP_STATUS_CODE::FORBIDDEN);
|
|
return;
|
|
}
|
|
|
|
$db->delete("elenco", $id);
|
|
$res->json(["message" => "List has been deleted"]);
|
|
});
|
|
$app->delete("/list/:id/:item", function (array $req, Response $res) use ($db) {
|
|
// TODO: delete item from list
|
|
});
|
|
|
|
$app->start(); |