Hamza/musadaq-saas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🚀 مُصادَق: تحديث برمجي جديد 2026-05-03 15:28

Browse Source
This commit is contained in:
Hamza-Ayed
2026-05-03 15:28:58 +03:00
parent 061431f36a
commit 06dc3885d7
9 changed files with 800 additions and 404 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
app/Modules/Auth/AuthController.php
View File

@@ -5,7 +5,8 @@ declare(strict_types=1);
namespace App\Modules\Auth;
use App\Core\{Request, Response};
use App\Modules\Auth\AuthService;
use App\Services\Security\EncryptionService;
use App\Services\Security\JwtService;
use Throwable;
final class AuthController
@@ -26,7 +27,7 @@ final class AuthController
$result = $this->authService->login($email, $password);
// 2FA Check
if ($result['user']->totp_enabled) {
if (($result['user']['totp_enabled'] ?? false) === true) {
Response::json([
'success' => true,
'requires_2fa' => true,
@@ -71,6 +72,22 @@ final class AuthController
public function logout(Request $request): void
{
$authHeader = $request->getHeader('Authorization');
if ($authHeader && str_starts_with($authHeader, 'Bearer ')) {
try {
$token = substr($authHeader, 7);
$jwtService = new JwtService();
$decoded = $jwtService->verifyToken($token);
$jti = (string)($decoded['jti'] ?? '');
$remaining = max(((int)($decoded['exp'] ?? 0)) - time(), 0);
if ($jti !== '') {
$this->authService->logout($jti, $remaining);
}
} catch (Throwable $e) {
error_log('[AUTH] Could not parse token on logout: ' . $e->getMessage());
}
}
// Clear refresh token cookie
setcookie('refresh_token', '', [
'expires' => time() - 3600,
@@ -168,9 +185,10 @@ final class AuthController
$totpService = new \App\Services\TotpService();
if ($totpService->verify($secret, $code)) {
$encryptedSecret = (new EncryptionService())->encrypt($secret);
$db = \App\Core\Database::getInstance();
$stmt = $db->prepare("UPDATE users SET totp_secret = ?, totp_enabled = 1 WHERE id = ?");
$stmt->execute([$secret, $request->user->user_id]);
$stmt->execute([$encryptedSecret, $request->user->user_id]);
Response::json(['success' => true, 'message' => 'تم تفعيل التحقق الثنائي بنجاح']);
} else {
@@ -189,28 +207,58 @@ final class AuthController
$stmt->execute([$userId]);
$secret = $stmt->fetchColumn();
$totpService = new \App\Services\TotpService();
if ($secret && $totpService->verify($secret, $code)) {
// Re-fetch user for full data
$stmt = $db->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$userId]);
$user = $stmt->fetch();
$authService = new AuthService();
$tokens = $authService->generateTokens($user);
Response::json([
'success' => true,
'data' => $tokens,
'message' => 'تم التحقق بنجاح'
]);
} else {
Response::error('رمز التحقق غير صحيح', 'INVALID_CODE', 401);
if (!$secret) {
Response::error('لم يتم تفعيل التحقق الثنائي لهذا الحساب', 'TWO_FA_DISABLED', 400);
return;
}
$totpService = new \App\Services\TotpService();
$decrypted = null;
try {
$decrypted = (new EncryptionService())->decrypt((string)$secret);
} catch (Throwable $e) {
// Backward compatibility with old plaintext records
$decrypted = (string)$secret;
}
if (!$totpService->verify($decrypted, $code)) {
Response::error('رمز التحقق غير صحيح', 'INVALID_CODE', 401);
return;
}
// Re-issue a full login session after successful 2FA.
$stmt = $db->prepare("SELECT email FROM users WHERE id = ?");
$stmt->execute([$userId]);
$email = $stmt->fetchColumn();
if (!$email) {
Response::error('المستخدم غير موجود', 'NOT_FOUND', 404);
return;
}
Response::json([
'success' => true,
'data' => ['user_id' => $userId, 'email' => $email],
'message' => 'تم التحقق بنجاح'
]);
}
public function disable2FA(Request $request): void
{
$password = (string)$request->input('password', '');
if ($password === '') {
Response::error('كلمة المرور مطلوبة لتعطيل التحقق الثنائي', 'VALIDATION_ERROR', 422);
return;
}
$db = \App\Core\Database::getInstance();
$stmt = $db->prepare("SELECT password_hash FROM users WHERE id = ?");
$stmt->execute([$request->user->user_id]);
$hash = $stmt->fetchColumn();
if (!$hash || !password_verify($password, (string)$hash)) {
Response::error('كلمة المرور غير صحيحة', 'UNAUTHORIZED', 401);
return;
}
$db = \App\Core\Database::getInstance();
$stmt = $db->prepare("UPDATE users SET totp_secret = NULL, totp_enabled = 0 WHERE id = ?");
$stmt->execute([$request->user->user_id]);

45
app/Modules/Dashboard/DashboardController.php
View File

@@ -20,12 +20,17 @@ final class DashboardController
$params[] = $assignedCompanyId;
}
// Total this month
// Invoices this month
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices i
WHERE i.tenant_id = ? {$companyScope} AND MONTH(i.created_at) = MONTH(CURDATE()) AND YEAR(i.created_at) = YEAR(CURDATE()) AND i.deleted_at IS NULL");
$stmt->execute($params);
$thisMonth = (int)$stmt->fetchColumn();
// Total invoices
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices i WHERE i.tenant_id = ? {$companyScope} AND i.deleted_at IS NULL");
$stmt->execute($params);
$total = (int)$stmt->fetchColumn();
// Status distribution
$stmt = $db->prepare("SELECT status, COUNT(*) as count FROM invoices i
WHERE i.tenant_id = ? {$companyScope} AND i.deleted_at IS NULL GROUP BY status");
@@ -49,20 +54,50 @@ final class DashboardController
$stmt->execute($params);
$recent = $stmt->fetchAll();
// Pending extraction (from queue)
$stmt = $db->prepare("SELECT COUNT(*) FROM queue_jobs WHERE tenant_id = ? AND status = 'pending' AND job_type = 'ExtractInvoiceJob'");
$stmt->execute([$tenantId]);
// Approved count
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices i WHERE i.tenant_id = ? {$companyScope} AND i.status = 'approved' AND i.deleted_at IS NULL");
$stmt->execute($params);
$approved = (int)$stmt->fetchColumn();
// Pending extraction (from invoices table)
$stmt = $db->prepare("SELECT COUNT(*) FROM invoices WHERE tenant_id = ? {$companyScope} AND status IN ('uploaded', 'extracting') AND deleted_at IS NULL");
$stmt->execute($params);
$pendingExtraction = (int)$stmt->fetchColumn();
// Unresolved risk alerts
$stmt = $db->prepare("SELECT COUNT(*) FROM risk_scores WHERE tenant_id = ? AND is_resolved = 0");
$stmt->execute([$tenantId]);
$riskCount = (int)$stmt->fetchColumn();
// Companies count
$stmt = $db->prepare("SELECT COUNT(*) FROM companies WHERE tenant_id = ? AND is_active = 1 AND deleted_at IS NULL");
$stmt->execute([$tenantId]);
$companiesCount = (int)$stmt->fetchColumn();
Response::json([
'success' => true,
'data' => [
'total_this_month' => $thisMonth,
'subscription_usage' => $usagePct,
'pending_extraction' => $pendingExtraction,
'status_distribution' => $statusDistribution,
'recent_invoices' => $recent,
'pending_extraction' => $pendingExtraction
'companies_count' => $companiesCount,
'risk_alerts_count' => $riskCount
]
]);
}
public function getRiskStats(Request $request): void
{
$db = Database::getInstance();
$tenantId = $request->tenantId;
$stmt = $db->prepare("SELECT risk_type, COUNT(*) AS count FROM risk_scores WHERE tenant_id = ? AND is_resolved = 0 GROUP BY risk_type");
$stmt->execute([$tenantId]);
Response::json([
'success' => true,
'data' => $stmt->fetchAll(),
]);
}
}

2
app/Modules/Invoices/InvoiceController.php
View File

@@ -78,7 +78,7 @@ final class InvoiceController
$invoiceId = \Ramsey\Uuid\Uuid::uuid4()->toString();
// Store file
$path = $this->storage->store($file, "invoices/{$request->tenantId}/{$invoiceId}");
$path = $this->storage->store($file, $request->tenantId, $companyId);
// Create record
$this->invoiceModel->create([

50
app/Modules/Risks/RiskController.php Normal file
View File

@@ -0,0 +1,50 @@
<?php
declare(strict_types=1);
namespace App\Modules\Risks;
use App\Core\{Database, Request, Response};
final class RiskController
{
public function index(Request $request): void
{
$db = Database::getInstance();
$stmt = $db->prepare(
"SELECT r.*, c.name AS company_name, i.invoice_number
FROM risk_scores r
LEFT JOIN companies c ON c.id = r.company_id
LEFT JOIN invoices i ON i.id = r.invoice_id
WHERE r.tenant_id = ? AND r.is_resolved = 0
ORDER BY r.score ASC, r.created_at DESC"
);
$stmt->execute([$request->tenantId]);
Response::json([
'success' => true,
'data' => $stmt->fetchAll(),
]);
}
public function resolve(Request $request, string $id): void
{
$db = Database::getInstance();
$resolvedBy = $request->user->user_id ?? null;
$stmt = $db->prepare(
"UPDATE risk_scores
SET is_resolved = 1, resolved_by = ?, resolved_at = NOW()
WHERE id = ? AND tenant_id = ?"
);
$stmt->execute([$resolvedBy, $id, $request->tenantId]);
if ($stmt->rowCount() === 0) {
Response::error('تنبيه المخاطر غير موجود', 'NOT_FOUND', 404);
return;
}
Response::json([
'success' => true,
'message' => 'تم حل التنبيه بنجاح',
]);
}
}

14
app/Modules/Subscriptions/SubscriptionController.php
View File

@@ -26,4 +26,18 @@ final class SubscriptionController
'data' => $subscription
]);
}
public function plans(): void
{
Response::json([
'success' => true,
'data' => [
['plan' => 'free', 'price_jod' => 0, 'max_companies' => 1, 'max_invoices' => 10, 'max_users' => 1],
['plan' => 'basic', 'price_jod' => 25, 'max_companies' => 3, 'max_invoices' => 50, 'max_users' => 2],
['plan' => 'office', 'price_jod' => 75, 'max_companies' => 10, 'max_invoices' => 200, 'max_users' => 5],
['plan' => 'pro', 'price_jod' => 150, 'max_companies' => 30, 'max_invoices' => 500, 'max_users' => 15],
['plan' => 'enterprise', 'price_jod' => 0, 'max_companies' => 999, 'max_invoices' => 9999, 'max_users' => 99],
],
]);
}
}

7
describe.php
View File

@@ -1,7 +0,0 @@
<?php
require_once __DIR__ . '/vendor/autoload.php';
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__);
$dotenv->load();
$db = new PDO("mysql:host={$_ENV['DB_HOST']};port={$_ENV['DB_PORT']};dbname={$_ENV['DB_DATABASE']}", $_ENV['DB_USERNAME'], $_ENV['DB_PASSWORD']);
$stmt = $db->query("DESCRIBE invoices");
print_r($stmt->fetchAll(PDO::FETCH_ASSOC));

201
public/index.php
View File

@@ -1,144 +1,103 @@
<?php
declare(strict_types=1);
require_once __DIR__ . '/../vendor/autoload.php';
require_once __DIR__ . '/../app/Core/helpers.php';
use App\Core\Application;
use App\Modules\Auth\AuthController;
use App\Middleware\AuthMiddleware;
$app = new Application(dirname(__DIR__));
$router = $app->getRouter();
// ══ Auth Routes ══════════════════════════════════════════════
$router->addRoute('POST', '/api/v1/auth/login', [AuthController::class, 'login']);
$router->addRoute('POST', '/api/v1/auth/register', [AuthController::class, 'register']);
$router->addRoute('GET', '/api/v1/auth/me', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [AuthController::class, 'me']
]);
$router->addRoute('POST', '/api/v1/auth/logout', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [AuthController::class, 'logout']
]);
$router->addRoute('POST', '/api/v1/auth/2fa/enable', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [AuthController::class, 'enable2FA']
]);
$router->addRoute('POST', '/api/v1/auth/2fa/verify', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [AuthController::class, 'verify2FA']
]);
$router->addRoute('POST', '/api/v1/auth/2fa/verify_login', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [AuthController::class, 'login2FAVerify']
]);
$router->addRoute('POST', '/api/v1/auth/2fa/disable', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [AuthController::class, 'disable2FA']
]);
// Auth
$router->addRoute('POST', '/api/v1/auth/register', [\App\Modules\Auth\AuthController::class, 'register']);
$router->addRoute('POST', '/api/v1/auth/login', [\App\Modules\Auth\AuthController::class, 'login']);
$router->addRoute('POST', '/api/v1/auth/refresh', [\App\Modules\Auth\AuthController::class, 'refresh']);
$router->addRoute('GET', '/api/v1/auth/me', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'me']]);
$router->addRoute('POST', '/api/v1/auth/logout', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'logout']]);
$router->addRoute('POST', '/api/v1/auth/2fa/enable', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'enable2FA']]);
$router->addRoute('POST', '/api/v1/auth/2fa/verify', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'verify2FA']]);
$router->addRoute('POST', '/api/v1/auth/2fa/verify_login', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'login2FAVerify']]);
$router->addRoute('POST', '/api/v1/auth/2fa/disable', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'disable2FA']]);
// ══ Company Routes ═══════════════════════════════════════════
$router->addRoute('GET', '/api/v1/companies', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Companies\CompanyController::class, 'list']
]);
$router->addRoute('POST', '/api/v1/companies', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Companies\CompanyController::class, 'create']
]);
$router->addRoute('POST', '/api/v1/companies/{id}/jofotara', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Companies\CompanyController::class, 'updateJoFotara']
]);
// Dashboard
$router->addRoute('GET', '/api/v1/dashboard', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Dashboard\DashboardController::class, 'getStats']]);
$router->addRoute('GET', '/api/v1/dashboard/risk', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Dashboard\DashboardController::class, 'getRiskStats']]);
// ══ User Routes ══════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/users', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Users\UsersController::class, 'index']
]);
$router->addRoute('POST', '/api/v1/users', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Users\UsersController::class, 'create']
]);
$router->addRoute('DELETE', '/api/v1/users/{id}', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Users\UsersController::class, 'delete']
]);
// Companies
$router->addRoute('GET', '/api/v1/companies', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Companies\CompanyController::class, 'list']]);
$router->addRoute('POST', '/api/v1/companies', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Companies\CompanyController::class, 'create']]);
$router->addRoute('PUT', '/api/v1/companies/{id}/jofotara', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Companies\CompanyController::class, 'updateJoFotara']]);
// ══ Invoice Routes ═══════════════════════════════════════════
$router->addRoute('GET', '/api/v1/invoices', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Invoices\InvoiceController::class, 'index']
]);
$router->addRoute('POST', '/api/v1/invoices/upload', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Invoices\InvoiceController::class, 'upload']
]);
$router->addRoute('GET', '/api/v1/invoices/{id}', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Invoices\InvoiceController::class, 'show']
]);
$router->addRoute('GET', '/api/v1/invoices/{id}/status', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Invoices\InvoiceController::class, 'status']
]);
$router->addRoute('POST', '/api/v1/invoices/{id}/submit', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Invoices\InvoiceController::class, 'submit']
]);
$router->addRoute('GET', '/api/v1/invoices/{id}/file', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Invoices\InvoiceController::class, 'serveFile']
]);
// Invoices
$router->addRoute('GET', '/api/v1/invoices', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'index']]);
$router->addRoute('POST', '/api/v1/invoices/upload', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'upload']]);
$router->addRoute('GET', '/api/v1/invoices/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'show']]);
$router->addRoute('PUT', '/api/v1/invoices/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'update']]);
$router->addRoute('DELETE', '/api/v1/invoices/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'destroy']]);
$router->addRoute('POST', '/api/v1/invoices/{id}/submit', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'submit']]);
$router->addRoute('GET', '/api/v1/invoices/{id}/file', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'serveFile']]);
$router->addRoute('GET', '/api/v1/invoices/{id}/status', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'status']]);
// ══ API Keys ═══════════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/api-keys', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'index']
]);
$router->addRoute('POST', '/api/v1/api-keys', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'create']
]);
$router->addRoute('DELETE', '/api/v1/api-keys/{id}', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'revoke']
]);
// Users
$router->addRoute('GET', '/api/v1/users', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'list']]);
$router->addRoute('POST', '/api/v1/users', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'create']]);
$router->addRoute('PUT', '/api/v1/users/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'update']]);
$router->addRoute('DELETE', '/api/v1/users/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'destroy']]);
$router->addRoute('PUT', '/api/v1/users/profile', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'updateProfile']]);
$router->addRoute('PUT', '/api/v1/users/password', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'changePassword']]);
// ══ Dashboard ════════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/dashboard', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Dashboard\DashboardController::class, 'getStats']
]);
// API Keys
$router->addRoute('GET', '/api/v1/api-keys', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'index']]);
$router->addRoute('POST', '/api/v1/api-keys', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'create']]);
$router->addRoute('DELETE', '/api/v1/api-keys/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'revoke']]);
// ══ Admin (Super Admin only) ══════════════════════════════════
$router->addRoute('GET', '/api/v1/admin/tenants', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Admin\AdminController::class, 'listTenants']
]);
$router->addRoute('GET', '/api/v1/admin/stats', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Admin\AdminController::class, 'getSystemStats']
]);
$router->addRoute('GET', '/api/v1/admin/health', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Admin\AdminController::class, 'health']
]);
$router->addRoute('GET', '/api/v1/admin/queue', [
'middleware' => [\App\Middleware\AuthMiddleware::class],
'handler' => [\App\Modules\Admin\AdminController::class, 'getQueueStatus']
]);
// Subscriptions
$router->addRoute('GET', '/api/v1/subscriptions/me', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Subscriptions\SubscriptionController::class, 'me']]);
$router->addRoute('GET', '/api/v1/subscriptions/plans', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Subscriptions\SubscriptionController::class, 'plans']]);
// Risk monitor
$router->addRoute('GET', '/api/v1/risks', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Risks\RiskController::class, 'index']]);
$router->addRoute('PUT', '/api/v1/risks/{id}/resolve', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Risks\RiskController::class, 'resolve']]);
// Admin (super_admin only)
$adminMw = [\App\Middleware\AuthMiddleware::class, \App\Middleware\RoleMiddleware::class . ':super_admin'];
$router->addRoute('GET', '/api/v1/admin/tenants', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'listTenants']]);
$router->addRoute('GET', '/api/v1/admin/tenants/{id}', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'getTenant']]);
$router->addRoute('PUT', '/api/v1/admin/tenants/{id}', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'updateTenant']]);
$router->addRoute('GET', '/api/v1/admin/stats', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'getSystemStats']]);
$router->addRoute('GET', '/api/v1/admin/queue', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'getQueueStatus']]);
$router->addRoute('POST', '/api/v1/admin/queue/{id}/retry', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'retryJob']]);
// ══ Health Check ═════════════════════════════════════════════
$router->addRoute('GET', '/api/v1/health', function($request) {
$router->addRoute('GET', '/api/v1/health', function(\App\Core\Request $request) {
$dbStatus = 'ok';
try {
\App\Core\Database::getInstance()->query('SELECT 1');
} catch (\Throwable $e) {
$dbStatus = 'error';
}
$redisStatus = 'ok';
try {
\App\Core\Redis::getInstance()->ping();
} catch (\Throwable $e) {
$redisStatus = 'error';
}
$db = \App\Core\Database::getInstance();
$queuePending = (int)$db->query("SELECT COUNT(*) FROM queue_jobs WHERE status = 'pending'")->fetchColumn();
$queueDead = (int)$db->query("SELECT COUNT(*) FROM queue_jobs WHERE status = 'dead'")->fetchColumn();
\App\Core\Response::json([
'status' => 'ok',
'timestamp' => date('c'),
'php' => PHP_VERSION,
'db' => 'connected' // Simple check
'success' => true,
'data' => [
'db' => $dbStatus,
'redis' => $redisStatus,
'queue_pending' => $queuePending,
'queue_dead' => $queueDead,
'timestamp' => date('c'),
],
]);
});

760
public/shell.php
View File

File diff suppressed because it is too large Load Diff

37
scratch.js
View File

@@ -1,37 +0,0 @@
const appRouter = () => ({
isLoggedIn: !!localStorage.getItem('access_token'),
pageHtml: 'جاري التحميل...',
async init() {
console.log('App Initialized');
await this.navigate(window.location.pathname);
window.onpopstate = () => this.navigate(window.location.pathname);
},
async navigate(path) {
console.log('Navigating to:', path);
const isLogin = path.includes('login');
if (!this.isLoggedIn && !isLogin) {
this.pageHtml = await this.loadPage('login');
} else if (isLogin) {
this.pageHtml = await this.loadPage('login');
} else {
this.pageHtml = await this.loadPage('dashboard');
}
},
initCharts() {
const ctx = document.getElementById('invoiceChart')?.getContext('2d');
},
async loadPage(page) {
if (page === 'dashboard') {
return `<div></div>`;
}
if (page === 'login') return `
<div class="flex flex-col items-center justify-center min-h-[60vh]">
<div class="w-full max-w-md p-8 glass rounded-3xl glow border-white/10">
<h2 class="text-3xl font-bold mb-2 text-center">مرحباً بك مجدداً</h2>
</div>
</div>
`;
return '<div>الصفحة قيد الإنشاء</div>';
}
});