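baseMiddleware($app);
        $this->sameSiteConfig($app);
        $this->jwtAuth($app);
        $this->errorHandling($app);
        $this->returnAsJSON($app);
    }

    /**
     * Base middleware
     *
     * Registers Slim's body-parsing and routing middleware.
     *
     * @param App $app - Slim App
     */
    function baseMiddleware(App $app): void
    {
        $app->addBodyParsingMiddleware();
        $app->addRoutingMiddleware();
    }

    /**
     * SameSite Cookie Configuration
     *
     * Adds the SameSite cookie middleware configured with "strict".
     *
     * @param App $app - Slim App
     */
    function sameSiteConfig(App $app): void
    {
        $ssConfig = new SameSiteCookieConfiguration(["same_site" => "strict"]);
        $app->add(new SameSiteCookieMiddleware($ssConfig));
    }

    /**
     * Return all responses as JSON
     *
     * Overwrites the Content-Type header of every response that passes through
     * this middleware; it does not check that the body actually is JSON.
     *
     * @param App $app - Slim App
     */
    function returnAsJSON(App $app): void
    {
        $app->add(function ($request, $handler) {
            $response = $handler->handle($request);
            return $response->withHeader("Content-Type", "application/json");
        });
    }

    /**
     * JWT Authentication
     *
     * Requires a valid token on the listed API paths and answers 401 with a
     * JSON body when the token is missing or invalid.
     *
     * @param App $app - Slim App
     */
    function jwtAuth(App $app): void
    {
        // getSecretKey() is defined outside this section of the file.
        $jwtSecret = getSecretKey();

        $app->add(new JwtAuthentication([
            "rules" => [
                new RequestPathRule([
                    "path" => ["/api/projectData", "/api/timelineData/[a-z]*", "/api/projectImage/[0-9]*", "/api/logout"],
                    // NOTE(review): changePassword is reachable without a token here;
                    // confirm the route itself verifies the caller before changing anything.
                    "ignore" => ["/api/contact", "/api/userData/login", "/api/userData/changePassword"]
                ]),
                // NOTE(review): GET is exempt from the token check on every path,
                // including the protected ones above. Confirm that each GET route
                // under those paths is meant to be public and has no side effects.
                new RequestMethodRule([
                    "ignore" => ["OPTIONS", "GET"]
                ])
            ],
            "secret" => $jwtSecret,
            "error" => function ($response) {
                // session_destroy() raises a warning when no session is active;
                // only tear down a session that actually exists.
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_destroy();
                }
                $response->getBody()->write(json_encode([
                    "status" => "401",
                    "message" => "Unauthorized, please provide a valid token",
                ]));
                return $response->withStatus(401);
            }
        ]));
    }

    /**
     * Error handling
     *
     * Converts Slim's not-found, method-not-allowed and internal-server-error
     * HTTP exceptions into JSON responses, then registers Slim's error
     * middleware for everything else.
     *
     * @param App $app - Slim App
     */
    function errorHandling(App $app): void
    {
        $app->add(function (ServerRequestInterface $request, RequestHandlerInterface $handler) {
            try {
                return $handler->handle($request);
            } catch (HttpNotFoundException $httpException) {
                $response = (new Response())->withStatus(404);
                // The requested path is echoed back; json_encode() escapes it for the JSON body.
                $response->getBody()->write(json_encode([
                    "status" => "404",
                    "message" => $request->getUri()->getPath() . " not found",
                ]));
                return $response;
            } catch (HttpMethodNotAllowedException $httpException) {
                $response = (new Response())->withStatus(405);
                $response->getBody()->write(json_encode([
                    "status" => "405",
                    "message" => "Method not allowed",
                ]));
                return $response;
            } catch (HttpInternalServerErrorException $exception) {
                $response = (new Response())->withStatus(500);
                // NOTE(review): the exception message is returned to the client verbatim.
                // Make sure code throwing this exception never puts internal details
                // (SQL, file paths, secrets) in the message, or log it and return a
                // generic message instead.
                $response->getBody()->write(json_encode([
                    "status" => "500",
                    "message" => $exception->getMessage(),
                ]));
                return $response;
            }
        });

        // NOTE(review): the first argument is displayErrorDetails. With it set to true,
        // uncaught exceptions are rendered to the client with their details. Drive this
        // flag from environment configuration and keep it false in production.
        $app->addErrorMiddleware(true, true, true);
    }
}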