<?php

/**
 * Nabeh API front controller.
 *
 * The single HTTP entry point: it loads the bootstrap file, builds the
 * request/response/router objects, registers the global middleware and the
 * API routes, and finally hands the request to the router.
 */

use App\Controllers\AuthController;
use App\Core\Request;
use App\Core\Response;
use App\Core\Router;
use App\Middlewares\AuthMiddleware;
use App\Middlewares\RateLimitMiddleware;
use App\Middlewares\SecurityMiddleware;

// 1. Boot the application (autoloader, env, errors).
//    Must run before any App\* class is instantiated below.
require_once dirname(__DIR__) . '/app/bootstrap.php';

// 2. Create the request, response and router objects.
$request = new Request();
$response = new Response();
$router = new Router();

// 3. Global middleware, registered before any route.
//    NOTE(review): what SecurityMiddleware enforces (headers, CORS, ...) is not
//    visible in this file; confirm it against the class itself.
$router->use(SecurityMiddleware::class);

// 4. API routes.

// Health check. No per-route middleware is attached, so only the global
// middleware stands in front of it. The payload deliberately omits
// php_version and the environment name to avoid information disclosure;
// keep it that way when adding fields.
$router->get('/api/health', function ($request, $response) {
    // Fall back to the default name when APP_NAME is unset or empty.
    $appName = getenv('APP_NAME');
    if (!$appName) {
        $appName = 'Nabeh';
    }

    // date() formats in PHP's default timezone and this format carries no offset.
    $payload = [
        'status' => 'success',
        'message' => 'Nabeh API is healthy',
        'app_name' => $appName,
        'time' => date('Y-m-d H:i:s'),
    ];

    $response->json($payload);
});

// Authentication routes.
// register and login carry RateLimitMiddleware. Stated limit: 5 attempts per
// 60 seconds per IP (enforced inside the middleware, which is not shown here).
// NOTE(review): a per-IP limit is only as good as the client address it keys
// on. Behind a reverse proxy, confirm the middleware takes the address from a
// trusted-proxy configuration rather than a client-supplied forwarding header.
// Consider per-account throttling as well, since a per-IP limit alone does not
// bound attempts against one account from many addresses.
$router->post(
    '/api/auth/register',
    [AuthController::class, 'register'],
    [RateLimitMiddleware::class]
);
$router->post(
    '/api/auth/login',
    [AuthController::class, 'login'],
    [RateLimitMiddleware::class]
);

// me is gated by AuthMiddleware only; it is not rate-limited.
$router->get(
    '/api/auth/me',
    [AuthController::class, 'me'],
    [AuthMiddleware::class]
);

// 5. Dispatch the request. Must stay last, after every route is registered.
$router->dispatch($request, $response);