my-portfolio/dist/api/middleware.php

<?php
// middleware
namespace api;

session_start();

use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Slim\App;
use Selective\SameSiteCookie\SameSiteCookieConfiguration;
use Selective\SameSiteCookie\SameSiteCookieMiddleware;
use Slim\Exception\HttpInternalServerErrorException;
use Slim\Exception\HttpMethodNotAllowedException;
use Slim\Exception\HttpNotFoundException;
use Slim\Psr7\Response;
use Tuupola\Middleware\JwtAuthentication;
use Tuupola\Middleware\JwtAuthentication\RequestMethodRule;
use Tuupola\Middleware\JwtAuthentication\RequestPathRule;

/**
 * Middleware
 * Define all middleware functions
 */
class middleware
{
    /**
     * Constructor for middleware
     * @param App $app - Slim App
     */
    function __construct(App $app)
    {
        $this->baseMiddleware($app);
        $this->sameSiteConfig($app);
        $this->jwtAuth($app);
        $this->errorHandling($app);
        $this->returnAsJSON($app);
    }

    /**
     * Base middleware
     * @param App $app - Slim App
     */
    function baseMiddleware(App $app): void
    {
        $app->addBodyParsingMiddleware();
        $app->addRoutingMiddleware();
    }
    
    /**
     * SameSite Cookie Configuration
     * @param App $app - Slim App
     */
    function sameSiteConfig(App $app): void
    {
        $ssConfig = new SameSiteCookieConfiguration(["same_site" => "strict"]);
        $app->add(new SameSiteCookieMiddleware($ssConfig));
    }

    /**
     * Return all responses as JSON
     * @param App $app - Slim App
     */
    function returnAsJSON(App $app): void
    {
        $app->add(function ($request, $handler)
        {
            $response = $handler->handle($request);
            return $response->withHeader("Content-Type", "application/json");
        });
    }
    
    /**
     * JWT Authentication
     * @param App $app - Slim App
     */
    function jwtAuth(App $app): void
    {
        $jwtSecret = getSecretKey();
        $app->add(new JwtAuthentication([
            "rules" => [
                new RequestPathRule([
                    "path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"],
                    "ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]
                ]),
                new RequestMethodRule([
                    "ignore" => ["OPTIONS", "GET"]
                ])
            ],
            "secret" => $jwtSecret,
            "error" => function ($response)
            {
                session_destroy();
                $response->getBody()->write(json_encode(array("status" => "401", "message" => 
                                                              "Unauthorized, please provide a valid token")));
                return $response->withStatus(401);
            }
        ]));
    }

    function errorHandling(App $app): void
    {
        $app->add(function (ServerRequestInterface $request, RequestHandlerInterface $handler)
        {
            try
            {
                return $handler->handle($request);
            }
            catch (HttpNotFoundException $httpException)
            {
                $response = (new Response())->withStatus(404);
                $response->getBody()->write(json_encode(array("status" => "404", "message" => $request->getUri()->getPath() . " not found")));
                return $response;
            }
            catch (HttpMethodNotAllowedException $httpException)
            {
                $response = (new Response())->withStatus(405);
                $response->getBody()->write(json_encode(array("status" => "405", "message" => "Method not allowed")));
                return $response;
            }
            catch (HttpInternalServerErrorException $exception)
            {
                $response = (new Response())->withStatus(500);
                $response->getBody()->write(json_encode(array("status" => "500", "message" => $exception->getMessage())));
                return $response;
            }
        });
        $app->addErrorMiddleware(true, true, true);

    }
    
}
Created the JWT authentication for the editor so that it's more secure and can potentially be used to create a desktop app in the future. Used Tuupola's JWT auth middleware implementation to help with the auth part. Used Firebase's JWT method to create the token Signed-off-by: rodude123 <rodude123@gmail.com> 2022-10-09 02:40:06 +01:00			`<?php`
			`// middleware`
			`namespace api;`

Added in ability to add a new project with and without an image Signed-off-by: rodude123 <rodude123@gmail.com> 2023-02-06 01:26:35 +00:00			`session_start();`

Base HTML for projects section completed Signed-off-by: rodude123 <rodude123@gmail.com> 2023-01-17 01:56:03 +00:00			`use Psr\Http\Message\ServerRequestInterface;`
			`use Psr\Http\Server\RequestHandlerInterface;`
Created the JWT authentication for the editor so that it's more secure and can potentially be used to create a desktop app in the future. Used Tuupola's JWT auth middleware implementation to help with the auth part. Used Firebase's JWT method to create the token Signed-off-by: rodude123 <rodude123@gmail.com> 2022-10-09 02:40:06 +01:00			`use Slim\App;`
			`use Selective\SameSiteCookie\SameSiteCookieConfiguration;`
			`use Selective\SameSiteCookie\SameSiteCookieMiddleware;`
Added in ability to add a new project with and without an image Signed-off-by: rodude123 <rodude123@gmail.com> 2023-02-06 01:26:35 +00:00			`use Slim\Exception\HttpInternalServerErrorException;`
Base HTML for projects section completed Signed-off-by: rodude123 <rodude123@gmail.com> 2023-01-17 01:56:03 +00:00			`use Slim\Exception\HttpMethodNotAllowedException;`
			`use Slim\Exception\HttpNotFoundException;`
			`use Slim\Psr7\Response;`
Created the JWT authentication for the editor so that it's more secure and can potentially be used to create a desktop app in the future. Used Tuupola's JWT auth middleware implementation to help with the auth part. Used Firebase's JWT method to create the token Signed-off-by: rodude123 <rodude123@gmail.com> 2022-10-09 02:40:06 +01:00			`use Tuupola\Middleware\JwtAuthentication;`
			`use Tuupola\Middleware\JwtAuthentication\RequestMethodRule;`
			`use Tuupola\Middleware\JwtAuthentication\RequestPathRule;`

			`/**`
			`* Middleware`
			`* Define all middleware functions`
			`*/`
			`class middleware`
			`{`
			`/**`
			`* Constructor for middleware`
			`* @param App $app - Slim App`
			`*/`
			`function __construct(App $app)`
			`{`
			`$this->baseMiddleware($app);`
			`$this->sameSiteConfig($app);`
			`$this->jwtAuth($app);`
Base HTML for projects section completed Signed-off-by: rodude123 <rodude123@gmail.com> 2023-01-17 01:56:03 +00:00			`$this->errorHandling($app);`
Created the JWT authentication for the editor so that it's more secure and can potentially be used to create a desktop app in the future. Used Tuupola's JWT auth middleware implementation to help with the auth part. Used Firebase's JWT method to create the token Signed-off-by: rodude123 <rodude123@gmail.com> 2022-10-09 02:40:06 +01:00			`$this->returnAsJSON($app);`
			`}`

			`/**`
			`* Base middleware`
			`* @param App $app - Slim App`
			`*/`
			`function baseMiddleware(App $app): void`
			`{`
Being able to edit a timeline item fully working as currently tested. Signed-off-by: rodude123 <rodude123@gmail.com> 2022-10-09 23:32:50 +01:00			`$app->addBodyParsingMiddleware();`
Created the JWT authentication for the editor so that it's more secure and can potentially be used to create a desktop app in the future. Used Tuupola's JWT auth middleware implementation to help with the auth part. Used Firebase's JWT method to create the token Signed-off-by: rodude123 <rodude123@gmail.com> 2022-10-09 02:40:06 +01:00			`$app->addRoutingMiddleware();`
			`}`

			`/**`
			`* SameSite Cookie Configuration`
			`* @param App $app - Slim App`
			`*/`
			`function sameSiteConfig(App $app): void`
			`{`
			`$ssConfig = new SameSiteCookieConfiguration(["same_site" => "strict"]);`
			`$app->add(new SameSiteCookieMiddleware($ssConfig));`
			`}`

			`/**`
			`* Return all responses as JSON`
			`* @param App $app - Slim App`
			`*/`
			`function returnAsJSON(App $app): void`
			`{`
			`$app->add(function ($request, $handler)`
			`{`
			`$response = $handler->handle($request);`
			`return $response->withHeader("Content-Type", "application/json");`
			`});`
			`}`

			`/**`
			`* JWT Authentication`
			`* @param App $app - Slim App`
			`*/`
			`function jwtAuth(App $app): void`
			`{`
			`$jwtSecret = getSecretKey();`
			`$app->add(new JwtAuthentication([`
			`"rules" => [`
			`new RequestPathRule([`
Final fixes to the website which should have been committed in the previous branch :( Signed-off-by: rodude123 <rodude123@gmail.com> 2023-02-25 20:17:09 +00:00			`"path" => ["/api/projectData", "/api/timelineData/[a-z]", "/api/projectImage/[0-9]", "/api/logout"],`
Created the JWT authentication for the editor so that it's more secure and can potentially be used to create a desktop app in the future. Used Tuupola's JWT auth middleware implementation to help with the auth part. Used Firebase's JWT method to create the token Signed-off-by: rodude123 <rodude123@gmail.com> 2022-10-09 02:40:06 +01:00			`"ignore" => ["/api/contact", "/api/user/login", "/api/user/changePassword"]`
			`]),`
			`new RequestMethodRule([`
			`"ignore" => ["OPTIONS", "GET"]`
			`])`
			`],`
			`"secret" => $jwtSecret,`
			`"error" => function ($response)`
			`{`
			`session_destroy();`
			`$response->getBody()->write(json_encode(array("status" => "401", "message" =>`
			`"Unauthorized, please provide a valid token")));`
			`return $response->withStatus(401);`
			`}`
			`]));`
Base HTML for projects section completed Signed-off-by: rodude123 <rodude123@gmail.com> 2023-01-17 01:56:03 +00:00			`}`

			`function errorHandling(App $app): void`
			`{`
			`$app->add(function (ServerRequestInterface $request, RequestHandlerInterface $handler)`
			`{`
			`try`
			`{`
			`return $handler->handle($request);`
			`}`
			`catch (HttpNotFoundException $httpException)`
			`{`
			`$response = (new Response())->withStatus(404);`
			`$response->getBody()->write(json_encode(array("status" => "404", "message" => $request->getUri()->getPath() . " not found")));`
			`return $response;`
			`}`
			`catch (HttpMethodNotAllowedException $httpException)`
			`{`
			`$response = (new Response())->withStatus(405);`
			`$response->getBody()->write(json_encode(array("status" => "405", "message" => "Method not allowed")));`
			`return $response;`
			`}`
Added in ability to add a new project with and without an image Signed-off-by: rodude123 <rodude123@gmail.com> 2023-02-06 01:26:35 +00:00			`catch (HttpInternalServerErrorException $exception)`
			`{`
			`$response = (new Response())->withStatus(500);`
			`$response->getBody()->write(json_encode(array("status" => "500", "message" => $exception->getMessage())));`
			`return $response;`
			`}`
Base HTML for projects section completed Signed-off-by: rodude123 <rodude123@gmail.com> 2023-01-17 01:56:03 +00:00			`});`
Created the JWT authentication for the editor so that it's more secure and can potentially be used to create a desktop app in the future. Used Tuupola's JWT auth middleware implementation to help with the auth part. Used Firebase's JWT method to create the token Signed-off-by: rodude123 <rodude123@gmail.com> 2022-10-09 02:40:06 +01:00			`$app->addErrorMiddleware(true, true, true);`
Base HTML for projects section completed Signed-off-by: rodude123 <rodude123@gmail.com> 2023-01-17 01:56:03 +00:00
Created the JWT authentication for the editor so that it's more secure and can potentially be used to create a desktop app in the future. Used Tuupola's JWT auth middleware implementation to help with the auth part. Used Firebase's JWT method to create the token Signed-off-by: rodude123 <rodude123@gmail.com> 2022-10-09 02:40:06 +01:00			`}`

			`}`