Merge pull request #6 from PAXANDDOS/dev

Project finished.
pokeshop-nix · Jan 19, 2022 · 0980e77 · 0980e77
2 parents dd41248 + b01aa61
commit 0980e77
Show file tree

Hide file tree

Showing 14 changed files with 252 additions and 57 deletions.
diff --git a/app/Http/Controllers/Api/AuthController.php b/app/Http/Controllers/Api/AuthController.php
@@ -2,6 +2,9 @@
 
 namespace App\Http\Controllers\Api;
 
+use Framework\{API, Auth};
+use App\Models\{User, Session};
+
 /**
  * API methods for authorization
  */
@@ -10,21 +13,52 @@ class AuthController extends Controller
     /**
      * Controls the sign in page.
      *
+     * @param mixed $data Payload of request.
      * @return void
      */
-    public function signIn(): void
+    public function signIn(mixed $data): void
     {
-        echo 'signin';
+        if (!$user = User::findWhere('name', $data->name))
+            API::response('json', ["message" => "Invalid credentials."], 400);
+        if ($user[0]->password !== hash('md5', $data->password))
+            API::response('json', ["message" => "Invalid password."], 403);
+        if ($session = Session::findWhere('user_id', $user[0]->id))
+            Session::destroy($session[0]->token);
+
+        $token = Auth::attempt($user[0]);
+        API::response('json', [
+            'message' => "Signed in.",
+            'cookie' => [
+                'id' => $user[0]->id,
+                'name' => $user[0]->name,
+                'email' => $user[0]->email,
+                'token' => "Bearer $token",
+            ]
+        ], 201);
     }
 
     /**
      * Controls the sign up page.
      *
+     * @param mixed $data Payload of request.
      * @return void
      */
-    public function signUp(): void
+    public function signUp(mixed $data): void
     {
-        echo 'signup';
+        if (User::findWhere('name', $data->name))
+            API::response('json', ["message" => "This user name is already taken."], 400);
+        if ($data->password !== $data->password_confirmation)
+            API::response('json', ["message" => "Passwords did not match."], 400);
+
+        User::create([
+            "name" => $data->name,
+            "email" => $data->email,
+            "password" => hash("md5", $data->password)
+        ]);
+
+        API::response('json', [
+            'message' => "Successfully signed up."
+        ], 201);
     }
 
     /**
@@ -34,6 +68,9 @@ public function signUp(): void
      */
     public function signOut(): void
     {
-        echo 'signout';
+        Session::destroy(Auth::token());
+        API::response('json', [
+            "message" => 'Successfully signed out.'
+        ]);
     }
 }
diff --git a/app/Http/Controllers/Api/CatalogController.php b/app/Http/Controllers/Api/CatalogController.php
@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers\Api;
 
+use Framework\API;
 use App\Models\Product;
 
 /**
@@ -16,7 +17,7 @@ class CatalogController extends Controller
      */
     public function index(): void
     {
-        echo self::json(Product::getAll());
+        API::response('json', Product::getAll());
     }
 
     /**
@@ -25,8 +26,8 @@ public function index(): void
      * @param int $id ID of the product.
      * @return void
      */
-    public function show($id): void
+    public function show(int $id): void
     {
-        echo self::json(Product::findOne($id));
+        API::response('json', Product::findOne($id));
     }
 }
diff --git a/app/Http/Controllers/Api/Controller.php b/app/Http/Controllers/Api/Controller.php
@@ -4,14 +4,4 @@
 
 class Controller
 {
-    /**
-     * Converts given data and prepares the response for JSON.
-     *
-     * @return string JSON encoded data.
-     */
-    protected static function json($data): string
-    {
-        header('Content-Type: application/json; charset=utf-8');
-        return json_encode($data);
-    }
 }
diff --git a/app/Http/Controllers/Api/OrderController.php b/app/Http/Controllers/Api/OrderController.php
@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers\Api;
 
+use Framework\{API, Auth};
 use App\Models\Order;
 
 /**
@@ -16,7 +17,7 @@ class OrderController extends Controller
      */
     public function index(): void
     {
-        echo self::json(Order::getAll());
+        API::response('json', Order::findWhere('user_id', Auth::user()->id));
     }
 
     /**
@@ -25,28 +26,41 @@ public function index(): void
      * @param int $id ID of the order.
      * @return void
      */
-    public function show($id): void
+    public function show(int $id): void
     {
-        echo self::json(Order::findOne($id));
+        Auth::user();
+        API::response('json', Order::findOne($id));
     }
 
     /**
      * Creates new order.
      *
      * @return void
      */
-    public function create($data): void
+    public function create(array $data): void
     {
-        echo self::json(Order::create($data));
+        $user = Auth::user();
+        foreach ($data as $product) {
+            $quantity = property_exists($product, 'quantity') ? $product->quantity : 1;
+            Order::create([
+                'user_id' => $user->id,
+                'product_id' => $product->id,
+                'quantity' => $quantity,
+            ]);
+        }
+        API::response('json', [
+            'message' => "Order succesfully created."
+        ], 201);
     }
 
     /**
      * Deletes the order by ID.
      *
      * @return void
      */
-    public function destroy($id): void
+    public function destroy(int $id): void
     {
-        echo self::json(Order::destroy($id));
+        Auth::user();
+        API::response('json', Order::destroy($id), 201);
     }
 }
diff --git a/app/Http/Controllers/Api/UserController.php b/app/Http/Controllers/Api/UserController.php
@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers\Api;
 
+use Framework\API;
 use App\Models\User;
 
 /**
@@ -16,7 +17,7 @@ class UserController extends Controller
      */
     public function index(): void
     {
-        echo self::json(User::getAll());
+        API::response('json', User::getAll());
     }
 
     /**
@@ -25,8 +26,8 @@ public function index(): void
      * @param int $id ID of the user.
      * @return void
      */
-    public function show($id): void
+    public function show(int $id): void
     {
-        echo self::json(User::findOne($id));
+        API::response('json', User::findOne($id));
     }
 }
diff --git a/app/Models/Model.php b/app/Models/Model.php
@@ -6,9 +6,9 @@ abstract class Model
 {
     abstract public static function getAll(): array;
 
-    abstract public static function create(array $data): Model;
+    abstract public static function create(array $data): Model | bool;
 
-    abstract public static function findOne(int | string $id): Model;
+    abstract public static function findOne(int | string $id): Model | bool;
 
     abstract public static function update(array $data, int | string $id): Model;
 

diff --git a/app/Models/Order.php b/app/Models/Order.php
@@ -10,8 +10,9 @@
 class Order extends Model
 {
     public int $id;
-    public string $user_id;
-    public string $product_id;
+    public int $user_id;
+    public int $product_id;
+    public int $quantity;
     public string $created_at;
     public string $updated_at;
 
@@ -34,11 +35,12 @@ public static function getAll(): array
     public static function create(array $data): Order
     {
         $db = DB::connect();
-        $stm = $db->prepare("INSERT INTO orders (user_id, product_id) VALUES (:user_id, :product_id)");
+        $stm = $db->prepare("INSERT INTO orders (user_id, product_id, quantity) VALUES (:user_id, :product_id, :quantity)");
         try {
             $stm->execute([
                 ':user_id' => $data['user_id'],
                 ':product_id' => $data['product_id'],
+                ':quantity' => $data['quantity'],
             ]);
         } catch (\PDOException $e) {
             echo "Creation failed: " . $e->getMessage();
@@ -61,7 +63,8 @@ public static function findOne(int | string $id): Order
     /**
      * Gets the requested Order from the database.
      *
-     * @param  int $id ID of the requested order.
+     * @param string $param Searched parameter.
+     * @param mixed $value Parameter value.
      * @return Order|array Single Order object or array of Order.
      */
     public static function findWhere(string $param, mixed $value): Order | array
@@ -79,11 +82,12 @@ public static function findWhere(string $param, mixed $value): Order | array
     public static function update(array $data, int | string $id): Order
     {
         $db = DB::connect();
-        $stm = $db->prepare("UPDATE orders SET user_id=:user_id, product_id=:product_id WHERE id=$id");
+        $stm = $db->prepare("UPDATE orders SET user_id=:user_id, product_id=:product_id, quantity=:quantity WHERE id=$id");
         try {
             $stm->execute([
                 ':user_id' => $data['user_id'],
                 ':product_id' => $data['product_id'],
+                ':quantity' => $data['quantity'],
             ]);
         } catch (\PDOException $e) {
             echo "Updating failed: " . $e->getMessage();

diff --git a/app/Models/Product.php b/app/Models/Product.php
@@ -65,7 +65,8 @@ public static function findOne(int | string $id): Product
     /**
      * Gets the requested Product from the database.
      *
-     * @param  int $id ID of the requested product.
+     * @param string $param Searched parameter.
+     * @param mixed $value Parameter value.
      * @return Product|array Single Product object or array of Product.
      */
     public static function findWhere(string $param, mixed $value): Product | array

diff --git a/app/Models/Session.php b/app/Models/Session.php
@@ -12,7 +12,6 @@ class Session extends Model
     public string $token;
     public string $user_id;
     public string $created_at;
-    public string $expires_at;
 
     /**
      * Converts the database data into an array of Session objects.
@@ -30,7 +29,7 @@ public static function getAll(): array
      * @param  array $data Array of parameters.
      * @return Session Newly created Session object.
      */
-    public static function create(array $data): Session
+    public static function create(array $data): Session | bool
     {
         $db = DB::connect();
         $stm = $db->prepare("INSERT INTO sessions (user_id, token) VALUES (:user_id, :token)");
@@ -43,7 +42,7 @@ public static function create(array $data): Session
             echo "Creation failed: " . $e->getMessage();
         }
 
-        return $db->query("SELECT * FROM sessions WHERE token=" . $data['token'])->fetchObject(__CLASS__);
+        return $db->query("SELECT * FROM sessions WHERE token='" . $data['token'] . "'")->fetchObject(__CLASS__);
     }
 
     /**
@@ -52,9 +51,21 @@ public static function create(array $data): Session
      * @param  string $id ID of the requested session.
      * @return Session Single Session object.
      */
-    public static function findOne(int | string $token): Session
+    public static function findOne(int | string $token): Session | bool
     {
-        return DB::connect()->query("SELECT * FROM sessions LEFT JOIN users ON users.id = sessions.user_id WHERE session.token=$token")->fetchObject(__CLASS__);
+        return DB::connect()->query("SELECT * FROM sessions WHERE token='$token'")->fetchObject(__CLASS__);
+    }
+
+    /**
+     * Gets the requested Session from the database.
+     *
+     * @param string $param Searched parameter.
+     * @param mixed $value Parameter value.
+     * @return Product|array Single Product object or array of Product.
+     */
+    public static function findWhere(string $param, mixed $value): Product | array | bool
+    {
+        return DB::connect()->query("SELECT * FROM sessions WHERE $param='$value'")->fetchAll(\PDO::FETCH_CLASS, __CLASS__);
     }
 
     /**
@@ -77,7 +88,7 @@ public static function update(array $data, int | string $token): Session
             echo "Updating failed: " . $e->getMessage();
         }
 
-        return $db->query("SELECT * FROM sessions WHERE token=$token")->fetchObject(__CLASS__);
+        return $db->query("SELECT * FROM sessions WHERE token='$token'")->fetchObject(__CLASS__);
     }
 
     /**
@@ -86,8 +97,8 @@ public static function update(array $data, int | string $token): Session
      * @param  int $id ID of the requested session.
      * @return bool Operation status.
      */
-    public static function destroy(int $id): bool
+    public static function destroy(int | string $token): bool
     {
-        return DB::connect()->prepare("DELETE FROM sessions WHERE id=$id")->execute();
+        return DB::connect()->prepare("DELETE FROM sessions WHERE token='$token'")->execute();
     }
 }
diff --git a/app/Models/User.php b/app/Models/User.php
@@ -60,7 +60,8 @@ public static function findOne(int | string $id): User
     /**
      * Gets the requested User from the database.
      *
-     * @param  int $id ID of the requested user.
+     * @param string $param Searched parameter.
+     * @param mixed $value Parameter value.
      * @return User|array Single User object or array of Users.
      */
     public static function findWhere(string $param, mixed $value): User | array

diff --git a/database/database.sql b/database/database.sql
@@ -17,7 +17,7 @@ CREATE TABLE IF NOT EXISTS `products` (
   `id` BIGINT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
   `name` VARCHAR(32) NOT NULL UNIQUE,
   `price` DECIMAL UNSIGNED NOT NULL,
-  `stock` TINYINT NOT NULL,
+  `stock` TINYINT UNSIGNED NOT NULL,
   `image` VARCHAR(128) NOT NULL,
   `created_at` TIMESTAMP DEFAULT now(),
   `updated_at` TIMESTAMP DEFAULT now()
@@ -27,6 +27,7 @@ CREATE TABLE `orders` (
   `id` INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
   `user_id` BIGINT UNSIGNED NOT NULL,
   `product_id` BIGINT UNSIGNED NOT NULL,
+  `quantity` TINYINT UNSIGNED DEFAULT 1,
   `created_at` TIMESTAMP DEFAULT now(),
   `updated_at` TIMESTAMP DEFAULT now()
 ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARACTER SET utf8mb4 COLLATE 'utf8mb4_unicode_ci';