153 lines
6.3 KiB
PHP
153 lines
6.3 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
require_once __DIR__ . '/../vendor/autoload.php';
|
|
require_once __DIR__ . '/../app/Core/helpers.php';
|
|
|
|
use App\Core\Application;
|
|
use App\Modules\Auth\AuthController;
|
|
use App\Modules\Companies\CompanyController;
|
|
use App\Modules\Invoices\InvoiceController;
|
|
use App\Modules\Dashboard\DashboardController;
|
|
use App\Modules\Users\UsersController;
|
|
use App\Modules\ApiKeys\ApiKeyController;
|
|
use App\Modules\Admin\AdminController;
|
|
use App\Middleware\AuthMiddleware;
|
|
use App\Middleware\HmacMiddleware;
|
|
|
|
$app = new Application(dirname(__DIR__));
|
|
$router = $app->getRouter();
|
|
|
|
// ══ Auth Routes ══════════════════════════════════════════════
|
|
$router->addRoute('POST', '/api/v1/auth/login', [AuthController::class, 'login']);
|
|
$router->addRoute('POST', '/api/v1/auth/register', [AuthController::class, 'register']);
|
|
$router->addRoute('POST', '/api/v1/auth/refresh', [AuthController::class, 'refresh']);
|
|
$router->addRoute('POST', '/api/v1/auth/logout', [AuthController::class, 'logout']);
|
|
$router->addRoute('GET', '/api/v1/auth/me', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [AuthController::class, 'me']
|
|
]);
|
|
$router->addRoute('POST', '/api/v1/auth/2fa/enable', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [AuthController::class, 'enable2FA']
|
|
]);
|
|
$router->addRoute('POST', '/api/v1/auth/2fa/verify', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [AuthController::class, 'verify2FA']
|
|
]);
|
|
$router->addRoute('POST', '/api/v1/auth/2fa/disable', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [AuthController::class, 'disable2FA']
|
|
]);
|
|
|
|
// ══ Company Routes ═══════════════════════════════════════════
|
|
$router->addRoute('GET', '/api/v1/companies', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [CompanyController::class, 'index']
|
|
]);
|
|
$router->addRoute('POST', '/api/v1/companies', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [CompanyController::class, 'store']
|
|
]);
|
|
$router->addRoute('GET', '/api/v1/companies/{id}', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [CompanyController::class, 'show']
|
|
]);
|
|
$router->addRoute('PUT', '/api/v1/companies/{id}', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [CompanyController::class, 'update']
|
|
]);
|
|
$router->addRoute('DELETE', '/api/v1/companies/{id}', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [CompanyController::class, 'destroy']
|
|
]);
|
|
|
|
// ══ User Routes ══════════════════════════════════════════════
|
|
$router->addRoute('GET', '/api/v1/users', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [UsersController::class, 'list']
|
|
]);
|
|
$router->addRoute('POST', '/api/v1/users', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [UsersController::class, 'create']
|
|
]);
|
|
$router->addRoute('PUT', '/api/v1/users/{id}', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [UsersController::class, 'update']
|
|
]);
|
|
$router->addRoute('DELETE', '/api/v1/users/{id}', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [UsersController::class, 'destroy']
|
|
]);
|
|
|
|
// ══ Invoice Routes ═══════════════════════════════════════════
|
|
$router->addRoute('GET', '/api/v1/invoices', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [InvoiceController::class, 'index']
|
|
]);
|
|
$router->addRoute('POST', '/api/v1/invoices/upload', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [InvoiceController::class, 'upload']
|
|
]);
|
|
$router->addRoute('GET', '/api/v1/invoices/{id}', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [InvoiceController::class, 'show']
|
|
]);
|
|
$router->addRoute('GET', '/api/v1/invoices/{id}/status', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [InvoiceController::class, 'status']
|
|
]);
|
|
$router->addRoute('GET', '/api/v1/invoices/{id}/file', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [InvoiceController::class, 'serveFile']
|
|
]);
|
|
|
|
// ══ Dashboard ════════════════════════════════════════════════
|
|
$router->addRoute('GET', '/api/v1/dashboard', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [DashboardController::class, 'getStats']
|
|
]);
|
|
|
|
// ══ API Keys ═══════════════════════════════════════════════════
|
|
$router->addRoute('GET', '/api/v1/api-keys', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [ApiKeyController::class, 'index']
|
|
]);
|
|
$router->addRoute('POST', '/api/v1/api-keys', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [ApiKeyController::class, 'create']
|
|
]);
|
|
$router->addRoute('DELETE', '/api/v1/api-keys/{id}', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [ApiKeyController::class, 'revoke']
|
|
]);
|
|
|
|
// ══ Admin Routes (Super Admin) ════════════════════════════════
|
|
$router->addRoute('GET', '/api/v1/admin/tenants', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [AdminController::class, 'listTenants']
|
|
]);
|
|
$router->addRoute('GET', '/api/v1/admin/stats', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [AdminController::class, 'getSystemStats']
|
|
]);
|
|
$router->addRoute('GET', '/api/v1/admin/queue', [
|
|
'middleware' => [AuthMiddleware::class],
|
|
'handler' => [AdminController::class, 'getQueueStatus']
|
|
]);
|
|
|
|
// ══ Health & Public ═══════════════════════════════════════════
|
|
$router->addRoute('GET', '/api/v1/health', [AdminController::class, 'health']);
|
|
|
|
// ══ Determine if this is an API request ═════════════════════════════
|
|
$apiRoute = $_GET['route'] ?? null;
|
|
|
|
if (!$apiRoute) {
|
|
// Not an API call — serve the SPA shell
|
|
include __DIR__ . '/shell.php';
|
|
exit;
|
|
}
|
|
|
|
$app->run();
|