<?php
require_once("Router/Router.php");
require_once("Router/Response.php");
require_once("Router/Route.php");
require_once("BancaDati/BancaDati.php");
require_once("User.php");
use Router\Response;
use Router\Router;
use Router\Route;
use BancaDati\BancaDati;
abstract class HTTP_STATUS_CODE {
const OK = 200;
const CREATED = 201;
const BAD_REQUEST = 400;
const FORBIDDEN = 403;
const NOT_FOUNT = 404;
}
$app = new Router("/DirektiveDesDons");
$db = new BancaDati();
/*
* Middleware
*/
$app->use("/", function (array &$req, Response $res) {
if (isset($_COOKIE["TOKEN"])) {
$user = new User();
if ($user->loginWithToken($_COOKIE["TOKEN"])) {
$req["user"] = $user;
}
}
});
/*
* Home
*/
$app->get("/", function (array $req, Response $res) use ($db) {
$res->json(["message" => "Die Einkaufsliste des Don",
"name" => "Shopping List",
"authors" => "Simon Bock, Johannes Kantz & Malte Schulze Hobeling"]);
});
/*
* User
*/
$app->get("/user", function (array $req, Response $res) {
if (isset($req["user"])) {
$res->json(["id" => $req["user"]->id, "username" => $req["user"]->username, "email" => $req["user"]->email]);
} else {
$res->json(["status" => HTTP_STATUS_CODE::FORBIDDEN, "message" => "You are not logged in. Goto '/login' to login"]);
}
});
$app->post("/signup", function (array $req, Response $res) use ($db) {
$newUsername = $req["body"]["username"];
$newPassword = $req["body"]["password"];
$newEmail = $req["body"]["email"];
$db->insert("utente", ["email" => "$newEmail", "parolaDordine" => "$newPassword", "nomeUtente" => "$newUsername"]);
$res->send("Account Created", HTTP_STATUS_CODE::CREATED);
});
$app->post("/login", function (array $req, Response $res) use ($db) {
$username = $req["body"]["username"];
$password = $req["body"]["password"];
$user = new User();
$usertoken = $user->loginWithUsername($username, $password);
if ($usertoken) {
setcookie("TOKEN", $usertoken, time() + 3600); // 1h
$res->json(["message" => "Login successful", "token" => $usertoken]);
} else {
$res->json(["message" => "Login failed"], HTTP_STATUS_CODE::FORBIDDEN);
}
});
/*
* Ingredients
*/
$app->route("/ingredient")
->get(function (array $req, Response $res) use ($db) {
$res->json(["data" => $db->select("ingredienti")]);
})
->post(function (array $req, Response $res) use ($db) {
$name = $req["body"]["name"];
$calories = $req["body"]["calories"];
$quantity = $req["body"]["quantity"];
$unit = $req["body"]["unit"];
$price = $req["body"]["price"];
$unitInTable = $db->select("folla", ["unita" => $unit]);
if (count($unitInTable) > 1) {
$res->json(["message" => "Unit: " . $unit . " does not exist. Please create unit first"], HTTP_STATUS_CODE::BAD_REQUEST);
return;
}
$unitId = $unitInTable[0]["id"];
$id = $db->insert("ingredienti", ["cognome" => "$name", "calorie" => "$calories", "quantita" => "$quantity", "follaID" => $unitId, "prezzo" => "$price"]);
if (!$id) {
$res->json(["message" => "Something went wrong when creating the Ingredient"], HTTP_STATUS_CODE::BAD_REQUEST);
return;
}
$res->json(["message" => "New ingredient has been listed",
"ingredient" => $db->select("ingredienti", ["id" => $id])]);
});
$app->route("/ingredient/:id")
->get(function (array $req, Response $res) use ($db) {
$id = $req["params"]["id"];
$query = $db->select("ingredienti", ["id" => $id]);
if(count($query) < 1){
$res->json(["message" => "Item does not exists"]);
return;
}
$ingredient = $query[0];
$res->json(["data" => $ingredient]);
})
->put(function (array $req, Response $res) use ($db) {
$id = $req["params"]["id"];
$name = $req["body"]["name"];
$calories = $req["body"]["calories"];
$quantity = $req["body"]["quantity"];
$unit = $req["body"]["unit"];
$price = $req["body"]["price"];
$unitInTable = $db->select("folla", ["unita" => $unit]);
if (count($unitInTable) > 1) {
$res->json(["message" => "Unit: " . $unit . " does not exist. Please create unit first"], HTTP_STATUS_CODE::BAD_REQUEST);
return;
}
$unitId = $unitInTable[0]["id"];
$db->update("ingredienti", $id, ["cognome" => "$name", "calorie" => "$calories", "quantita" => "$quantity", "follaID" => $unitId, "prezzo" => "$price"]);
$res->json(["message" => "Ingredient has been updated", "data" => $db->select("ingredienti", ["id" => $id])[0]]);
})
->delete(function (array $req, Response $res) use ($db) {
$id = $req["params"]["id"];
$db->delete("ingredienti", $id);
$res->json(["message" => "Ingredient has been deleted"]);
});
/*
* Unit
*/
$app->route("/unit")
->get(function (array $req, Response $res) use ($db) {
$res->json(["data" => $db->select("folla")]);
})
->post(function (array $req, Response $res) use ($db) {
$name = $req["body"]["name"];
if (!isset($name) || strlen($name) < 1 || strlen($name) > 200) {
$res->json(["message" => "Invalid Request. Please follow the Documentation", HTTP_STATUS_CODE::BAD_REQUEST]);
return;
}
$selectWithSameName = $db->select("folla", ["unita" => $name]);
if (count($selectWithSameName) >= 1) {
$res->json(["message" => "Unit: " . $name . " already exists", "data" => $selectWithSameName[0]], HTTP_STATUS_CODE::BAD_REQUEST);
return;
}
$newUnitId = $db->insert("folla", ["unita" => $name]);
$res->json(["message" => "Unit: '" . $name . "' created", "data" => $db->select("folla", ["id" => $newUnitId])[0]], HTTP_STATUS_CODE::CREATED);
});
$app->route("/unit/:id")
->get(function (array $req, Response $res) use ($db) {
$id = $req["params"]["id"];
$query = $db->select("folla", ["id" => $id]);
if(count($query) < 1){
$res->json(["message" => "Unit does not exists"]);
return;
}
$unit = $query[0];
$res->json(["data" => $unit]);
})
->put(function (array $req, Response $res) use ($db) {
$id = $req["params"]["id"];
$name = $req["body"]["name"];
if (!isset($name) || strlen($name) < 1 || strlen($name) > 200) {
$res->json(["message" => "Invalid Request. Please follow the Documentation", HTTP_STATUS_CODE::BAD_REQUEST]);
return;
}
$db->update("folla", $id, ["unita" => $name]);
$res->json(["message" => "Unit has been updated", "data" => $db->select("folla", ["id" => $id])]);
})
->delete(function (array $req, Response $res) use ($db) {
$id = $req["params"]["id"];
$db->delete("folla", $id);
$res->json(["message" => "Unit has been deleted"]);
});
/*
* List
*/
$app->use("/list", function (array $req, Response $res) {
if (!isset($req["user"])) {
$res->json(["message" => "You need to be signed in to use lists"], HTTP_STATUS_CODE::FORBIDDEN);
die;
}
});
$app->route("/list")
->get(function (array $req, Response $res) use ($db) {
$lists = $db->select("elenco", ["utenteID" => $req["user"]->id]);
// add items to list
foreach ($lists as &$list) {
$listId = $list["id"];
$ingredients = $db->select("elencoIngredienti", ["elencoId" => $listId]);
$ingredientData = [];
foreach ($ingredients as &$ingredient) {
$ingredientData[] = $db->select("Ingredienti", ["id" => $ingredient["ingredientiID"]]);
}
$list["inredients"] = $ingredientData;
}
$res->json(["data" => $lists]);
})
->post(function (array $req, Response $res) use ($db) {
$name = $req["body"]["name"];
$bgColor = $req["body"]["backgoundColor"] ?? "#fff";
if (!isset($name) || strlen($name) < 1) {
$res->json(["message" => "Invalid Request. Please follow the Documentation"], HTTP_STATUS_CODE::BAD_REQUEST);
return;
}
$lastListId = $db->insert("elenco", ["cognome" => $name, "coloreDiSfondo" => $bgColor, "utenteID" => $req["user"]->id]);
$res->json(["message" => "New List '" . $name . "' created", "data" => $db->select("elenco", ["id" => $lastListId])], HTTP_STATUS_CODE::CREATED);
});
$app->route("/list/:id")
->get(function (array $req, Response $res) use ($db) {
$id = $req["params"]["id"];
$query = $db->select("elenco", ["id" => $id, "utenteID" => $req["user"]->id]);
if (count($query) < 1) {
$res->json(["message" => "List does not exists or you dont have permissions to view it"]);
return;
}
$list = $query[0];
$listId = $list["id"];
$ingredients = $db->select("elencoIngredienti", ["elencoId" => $listId]);
$ingredientData = [];
foreach ($ingredients as &$ingredient) {
$ingredientData[] = $db->select("Ingredienti", ["id" => $ingredient["ingredientiID"]]);
}
$list["inredients"] = $ingredientData;
$res->json(["data" => $list]);
})
->post(function (array $req, Response $res) use ($db) {
$id = $req["params"]["id"];
$ingredientId = $req["body"]["ingredientId"];
if (!isset($ingredientId)) {
$res->json(["message" => "You need to set a valid 'ingredientId'", HTTP_STATUS_CODE::BAD_REQUEST]);
return;
}
$newId = $db->insert("elencoIngredienti", ["ingredientiID" => $ingredientId, "elencoID" => $id]);
if(!$newId){
$res->json(["message" => "Cannot insert item in list"], HTTP_STATUS_CODE::BAD_REQUEST);
return;
}
$res->json(["message" => "Item has been added"]);
})
->delete(function (array $req, Response $res) use ($db) {
$id = $req["params"]["id"];
$list = $db->select("elenco", ["id" => $id]);
if (count($list) < 1) {
$res->json(["message" => "List does not exist"]);
return;
}
if ($list[0]["utenteID"] != $req["user"]->id) {
$res->json(["message" => "You have no permissions the delete this list"], HTTP_STATUS_CODE::FORBIDDEN);
return;
}
$db->delete("elenco", $id);
$res->json(["message" => "List has been deleted"]);
});
$app->delete("/list/:id/:item", function (array $req, Response $res) use ($db) {
$listId = $req["params"]["id"];
$itemId = $req["params"]["item"];
$list = $db->select("elenco", ["id" => $listId, "utenteID" => $req["user"]->id]);
if(count($list) < 1){
$res->json(["message" => "List does not exist or you dont have the permissions to edit the list"]);
return;
}
$db->delete("elencoIngredienti", $itemId);
$res->json(["message" => "Item has been deleted"]);
});
$app->start();