Update: 2026-05-03 17:32:57

app/modules_app/auth/login.php

@@ -0,0 +1,58 @@
+<?php
+/**
+ * Auth Login Endpoint
+ */
+
+use App\Core\Database;
+use App\Core\JWT;
+use App\Core\Validator;
+
+$data = input();
+
+// 1. Validation
+$errors = Validator::validate($data, [
+    'email'    => 'required|email',
+    'password' => 'required'
+]);
+
+if ($errors) {
+    json_error('Validation Failed', 422, $errors);
+}
+
+$email = $data['email'];
+$password = $data['password'];
+
+// 2. DB Check
+$db = Database::getInstance();
+$stmt = $db->prepare("SELECT * FROM users WHERE email = ? LIMIT 1");
+$stmt->execute([$email]);
+$user = $stmt->fetch();
+
+if (!$user || !password_verify($password, $user['password_hash'])) {
+    json_error('بيانات الدخول غير صحيحة', 401);
+}
+
+// 3. Issue Token
+$secret = env('JWT_SECRET', 'super-secret-key');
+$payload = [
+    'user_id' => $user['id'],
+    'role'    => $user['role'],
+    'exp'     => time() + (15 * 60) // 15 minutes
+];
+
+$token = JWT::encode($payload, $secret);
+
+// 4. Update Refresh Token (Simple stored in DB as requested)
+$refreshToken = bin2hex(random_bytes(32));
+$stmt = $db->prepare("UPDATE users SET refresh_token = ? WHERE id = ?");
+$stmt->execute([$refreshToken, $user['id']]);
+
+json_success([
+    'access_token'  => $token,
+    'refresh_token' => $refreshToken,
+    'user' => [
+        'id'    => $user['id'],
+        'name'  => $user['name'],
+        'email' => $user['email']
+    ]
+], 'تم تسجيل الدخول بنجاح');

app/modules_app/auth/logout.php

@@ -0,0 +1,18 @@
+<?php
+/**
+ * Auth Logout Endpoint
+ */
+
+use App\Core\Database;
+use App\Middleware\AuthMiddleware;
+
+// 1. Check Authentication
+$decoded = AuthMiddleware::check();
+$userId = $decoded['user_id'];
+
+// 2. Invalidate Refresh Token
+$db = Database::getInstance();
+$stmt = $db->prepare("UPDATE users SET refresh_token = NULL WHERE id = ?");
+$stmt->execute([$userId]);
+
+json_success(null, 'تم تسجيل الخروج بنجاح');

app/modules_app/auth/refresh.php

@@ -0,0 +1,41 @@
+<?php
+/**
+ * Auth Refresh Endpoint
+ */
+
+use App\Core\Database;
+use App\Core\JWT;
+
+$data = input();
+$refreshToken = $data['refresh_token'] ?? null;
+
+if (!$refreshToken) {
+    json_error('Refresh token is required', 400);
+}
+
+$db = Database::getInstance();
+$stmt = $db->prepare("SELECT * FROM users WHERE refresh_token = ? LIMIT 1");
+$stmt->execute([$refreshToken]);
+$user = $stmt->fetch();
+
+if (!$user) {
+    json_error('Invalid refresh token', 401);
+}
+
+$secret = env('JWT_SECRET', 'super-secret-key');
+$payload = [
+    'user_id' => $user['id'],
+    'role'    => $user['role'],
+    'exp'     => time() + (15 * 60)
+];
+
+$newToken = JWT::encode($payload, $secret);
+$newRefreshToken = bin2hex(random_bytes(32));
+
+$stmt = $db->prepare("UPDATE users SET refresh_token = ? WHERE id = ?");
+$stmt->execute([$newRefreshToken, $user['id']]);
+
+json_success([
+    'access_token'  => $newToken,
+    'refresh_token' => $newRefreshToken
+], 'تم تجديد الجلسة بنجاح');

app/modules_app/trips/index.php

@@ -0,0 +1,28 @@
+<?php
+/**
+ * Trips List Endpoint (Example Module)
+ */
+
+use App\Core\Database;
+use App\Middleware\AuthMiddleware;
+use App\Middleware\RateLimitMiddleware;
+
+// 1. Rate Limiting (e.g., 30 requests per minute)
+RateLimitMiddleware::check(30, 60);
+
+// 2. Auth Check
+$decoded = AuthMiddleware::check();
+
+// 3. Fetch Data
+// Note: Assumes a 'trips' table exists based on the requested structure
+$db = Database::getInstance();
+try {
+    $stmt = $db->prepare("SELECT * FROM trips WHERE user_id = ? ORDER BY created_at DESC");
+    $stmt->execute([$decoded['user_id']]);
+    $trips = $stmt->fetchAll();
+    
+    json_success($trips);
+} catch (\PDOException $e) {
+    // If table doesn't exist, return empty for the sake of the skeleton
+    json_success([], 'Trips table not found, returning empty array for demonstration.');
+}

app/modules_app/users/index.php

@@ -0,0 +1,23 @@
+<?php
+/**
+ * Users List Endpoint
+ */
+
+use App\Core\Database;
+use App\Middleware\AuthMiddleware;
+
+// 1. Auth Check
+$decoded = AuthMiddleware::check();
+
+// 2. Simple Role-Based Access Control (RBAC)
+if ($decoded['role'] !== 'super_admin' && $decoded['role'] !== 'admin') {
+    json_error('غير مصرح لك بالوصول لهذه البيانات', 403);
+}
+
+// 3. Fetch Data
+$db = Database::getInstance();
+$stmt = $db->prepare("SELECT id, name, email, role, is_active, created_at FROM users");
+$stmt->execute();
+$users = $stmt->fetchAll();
+
+json_success($users);