115 lines
8.9 KiB
PHP
115 lines
8.9 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
require_once __DIR__ . '/../vendor/autoload.php';
|
|
require_once __DIR__ . '/../app/Core/helpers.php';
|
|
|
|
use App\Core\Application;
|
|
|
|
$app = new Application(dirname(__DIR__));
|
|
$router = $app->getRouter();
|
|
|
|
// Auth
|
|
$router->addRoute('POST', '/api/v1/auth/register', [\App\Modules\Auth\AuthController::class, 'register']);
|
|
$router->addRoute('POST', '/api/v1/auth/login', [\App\Modules\Auth\AuthController::class, 'login']);
|
|
$router->addRoute('POST', '/api/v1/auth/refresh', [\App\Modules\Auth\AuthController::class, 'refresh']);
|
|
$router->addRoute('GET', '/api/v1/auth/me', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'me']]);
|
|
$router->addRoute('POST', '/api/v1/auth/logout', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'logout']]);
|
|
$router->addRoute('POST', '/api/v1/auth/2fa/enable', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'enable2FA']]);
|
|
$router->addRoute('POST', '/api/v1/auth/2fa/verify', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'verify2FA']]);
|
|
$router->addRoute('POST', '/api/v1/auth/2fa/verify_login', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'login2FAVerify']]);
|
|
$router->addRoute('POST', '/api/v1/auth/2fa/disable', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Auth\AuthController::class, 'disable2FA']]);
|
|
|
|
// Dashboard
|
|
$router->addRoute('GET', '/api/v1/dashboard', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Dashboard\DashboardController::class, 'getStats']]);
|
|
$router->addRoute('GET', '/api/v1/dashboard/risk', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Dashboard\DashboardController::class, 'getRiskStats']]);
|
|
|
|
// Companies
|
|
$router->addRoute('GET', '/api/v1/companies', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Companies\CompanyController::class, 'list']]);
|
|
$router->addRoute('POST', '/api/v1/companies', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Companies\CompanyController::class, 'create']]);
|
|
$router->addRoute('PUT', '/api/v1/companies/{id}/jofotara', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Companies\CompanyController::class, 'updateJoFotara']]);
|
|
|
|
// Invoices
|
|
$router->addRoute('GET', '/api/v1/invoices', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'index']]);
|
|
$router->addRoute('POST', '/api/v1/invoices/upload', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'upload']]);
|
|
$router->addRoute('GET', '/api/v1/invoices/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'show']]);
|
|
$router->addRoute('PUT', '/api/v1/invoices/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'update']]);
|
|
$router->addRoute('DELETE', '/api/v1/invoices/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'destroy']]);
|
|
$router->addRoute('POST', '/api/v1/invoices/{id}/submit', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'submit']]);
|
|
$router->addRoute('GET', '/api/v1/invoices/{id}/file', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'serveFile']]);
|
|
$router->addRoute('GET', '/api/v1/invoices/{id}/status', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Invoices\InvoiceController::class, 'status']]);
|
|
|
|
// Users
|
|
$router->addRoute('GET', '/api/v1/users', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'list']]);
|
|
$router->addRoute('POST', '/api/v1/users', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'create']]);
|
|
$router->addRoute('PUT', '/api/v1/users/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'update']]);
|
|
$router->addRoute('DELETE', '/api/v1/users/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'destroy']]);
|
|
$router->addRoute('PUT', '/api/v1/users/profile', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'updateProfile']]);
|
|
$router->addRoute('PUT', '/api/v1/users/password', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Users\UsersController::class, 'changePassword']]);
|
|
|
|
// API Keys
|
|
$router->addRoute('GET', '/api/v1/api-keys', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'index']]);
|
|
$router->addRoute('POST', '/api/v1/api-keys', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'create']]);
|
|
$router->addRoute('DELETE', '/api/v1/api-keys/{id}', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\ApiKeys\ApiKeyController::class, 'revoke']]);
|
|
|
|
// Subscriptions
|
|
$router->addRoute('GET', '/api/v1/subscriptions/me', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Subscriptions\SubscriptionController::class, 'me']]);
|
|
$router->addRoute('GET', '/api/v1/subscriptions/plans', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Subscriptions\SubscriptionController::class, 'plans']]);
|
|
|
|
// Risk monitor
|
|
$router->addRoute('GET', '/api/v1/risks', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Risks\RiskController::class, 'index']]);
|
|
$router->addRoute('PUT', '/api/v1/risks/{id}/resolve', ['middleware' => [\App\Middleware\AuthMiddleware::class], 'handler' => [\App\Modules\Risks\RiskController::class, 'resolve']]);
|
|
|
|
// Admin (super_admin only)
|
|
$adminMw = [\App\Middleware\AuthMiddleware::class, \App\Middleware\RoleMiddleware::class . ':super_admin'];
|
|
$router->addRoute('GET', '/api/v1/admin/tenants', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'listTenants']]);
|
|
$router->addRoute('GET', '/api/v1/admin/tenants/{id}', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'getTenant']]);
|
|
$router->addRoute('PUT', '/api/v1/admin/tenants/{id}', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'updateTenant']]);
|
|
$router->addRoute('GET', '/api/v1/admin/stats', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'getSystemStats']]);
|
|
$router->addRoute('GET', '/api/v1/admin/queue', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'getQueueStatus']]);
|
|
$router->addRoute('POST', '/api/v1/admin/queue/{id}/retry', ['middleware' => $adminMw, 'handler' => [\App\Modules\Admin\AdminController::class, 'retryJob']]);
|
|
|
|
// ══ Health Check ═════════════════════════════════════════════
|
|
$router->addRoute('GET', '/api/v1/health', function(\App\Core\Request $request) {
|
|
$dbStatus = 'ok';
|
|
try {
|
|
\App\Core\Database::getInstance()->query('SELECT 1');
|
|
} catch (\Throwable $e) {
|
|
$dbStatus = 'error';
|
|
}
|
|
|
|
$redisStatus = 'ok';
|
|
try {
|
|
\App\Core\Redis::getInstance()->ping();
|
|
} catch (\Throwable $e) {
|
|
$redisStatus = 'error';
|
|
}
|
|
|
|
$db = \App\Core\Database::getInstance();
|
|
$queuePending = (int)$db->query("SELECT COUNT(*) FROM queue_jobs WHERE status = 'pending'")->fetchColumn();
|
|
$queueDead = (int)$db->query("SELECT COUNT(*) FROM queue_jobs WHERE status = 'dead'")->fetchColumn();
|
|
|
|
\App\Core\Response::json([
|
|
'success' => true,
|
|
'data' => [
|
|
'db' => $dbStatus,
|
|
'redis' => $redisStatus,
|
|
'queue_pending' => $queuePending,
|
|
'queue_dead' => $queueDead,
|
|
'timestamp' => date('c'),
|
|
],
|
|
]);
|
|
});
|
|
|
|
// ══ Determine if this is an API request ═════════════════════════════
|
|
$requestPath = $_GET['route'] ?? parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
|
|
$isApi = str_starts_with($requestPath, '/api/v1');
|
|
|
|
if (!$isApi) {
|
|
// Not an API call — serve the SPA shell
|
|
include __DIR__ . '/shell.php';
|
|
exit;
|
|
}
|
|
|
|
$app->run();
|