Complete Phase 1: MVC, DB migrations, Auth, RBAC, Security, and Views

2026-06-05 00:56:41 +03:00
parent 7ffbc8bafa
commit bed7624ae9
51 changed files with 3295 additions and 0 deletions
--- a/public/assets/css/admin.css
+++ b/public/assets/css/admin.css
@@ -0,0 +1,187 @@
+.admin-container {
+    display: flex;
+    min-height: 100vh;
+}
+
+.sidebar {
+    width: 280px;
+    background: hsla(222, 47%, 10%, 0.85);
+    backdrop-filter: blur(12px);
+    -webkit-backdrop-filter: blur(12px);
+    border-right: 1px solid var(--border-color);
+    padding: 40px 24px;
+    display: flex;
+    flex-direction: column;
+    gap: 40px;
+}
+
+.brand {
+    font-size: 1.7rem;
+    font-weight: 800;
+    background: var(--primary-gradient);
+    -webkit-background-clip: text;
+    -webkit-text-fill-color: transparent;
+    display: flex;
+    align-items: center;
+    gap: 12px;
+}
+
+.nav-menu {
+    list-style: none;
+    display: flex;
+    flex-direction: column;
+    gap: 10px;
+}
+
+.nav-item a {
+    display: flex;
+    align-items: center;
+    gap: 14px;
+    padding: 14px 20px;
+    border-radius: var(--radius-md);
+    color: var(--text-muted);
+    font-weight: 500;
+    font-size: 0.95rem;
+    transition: var(--transition);
+}
+
+.nav-item a:hover, .nav-item.active a {
+    color: var(--text-main);
+    background: hsla(217, 32%, 18%, 0.6);
+    border: 1px solid var(--border-color);
+}
+
+.main-content {
+    flex: 1;
+    display: flex;
+    flex-direction: column;
+}
+
+.top-bar {
+    height: 80px;
+    background: hsla(222, 47%, 8%, 0.4);
+    backdrop-filter: blur(8px);
+    -webkit-backdrop-filter: blur(8px);
+    border-bottom: 1px solid var(--border-color);
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    padding: 0 40px;
+}
+
+.user-info {
+    display: flex;
+    align-items: center;
+    gap: 14px;
+}
+
+.avatar {
+    width: 42px;
+    height: 42px;
+    border-radius: 50%;
+    background: var(--primary-gradient);
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    font-weight: 700;
+    color: #fff;
+    box-shadow: 0 0 15px rgba(0, 0, 0, 0.4);
+    font-family: 'Outfit', sans-serif;
+}
+
+.content-body {
+    flex: 1;
+    padding: 40px;
+    display: flex;
+    flex-direction: column;
+    gap: 40px;
+    overflow-y: auto;
+}
+
+.dashboard-header {
+    display: flex;
+    flex-direction: column;
+    gap: 8px;
+}
+
+.dashboard-header h1 {
+    font-size: 2.4rem;
+    font-weight: 700;
+    background: linear-gradient(135deg, #fff 60%, hsl(215, 20%, 75%));
+    -webkit-background-clip: text;
+    -webkit-text-fill-color: transparent;
+}
+
+.dashboard-header p {
+    color: var(--text-muted);
+}
+
+/* Metric Cards Grid */
+.metrics-grid {
+    display: grid;
+    grid-template-columns: repeat(auto-fit, minmax(240px, 1fr));
+    gap: 24px;
+}
+
+.metric-card {
+    padding: 28px;
+    display: flex;
+    flex-direction: column;
+    gap: 14px;
+    position: relative;
+    overflow: hidden;
+}
+
+.metric-card::before {
+    content: '';
+    position: absolute;
+    top: 0;
+    left: 0;
+    width: 4px;
+    height: 100%;
+    background: var(--primary-gradient);
+}
+
+.metric-title {
+    font-size: 0.85rem;
+    color: var(--text-muted);
+    text-transform: uppercase;
+    letter-spacing: 0.08em;
+    font-weight: 600;
+}
+
+.metric-value {
+    font-size: 2.2rem;
+    font-weight: 700;
+    color: var(--text-main);
+    font-family: 'Outfit', sans-serif;
+}
+
+.metric-footer {
+    font-size: 0.8rem;
+    color: var(--success);
+    display: flex;
+    align-items: center;
+    gap: 6px;
+}
+
+/* Charts Grid */
+.charts-grid {
+    display: grid;
+    grid-template-columns: repeat(auto-fit, minmax(450px, 1fr));
+    gap: 24px;
+}
+
+.chart-card {
+    padding: 28px;
+    display: flex;
+    flex-direction: column;
+    gap: 20px;
+    min-height: 320px;
+}
+
+.chart-title {
+    font-size: 1.1rem;
+    font-weight: 600;
+    color: var(--text-main);
+}
--- a/public/assets/css/app.css
+++ b/public/assets/css/app.css
@@ -0,0 +1,166 @@
+@import url('https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&family=Outfit:wght@400;500;600;700;800&display=swap');
+
+:root {
+    --bg-dark: hsl(222, 47%, 7%);
+    --bg-card: hsla(222, 47%, 11%, 0.7);
+    --border-color: hsla(217, 32%, 22%, 0.5);
+    
+    --primary: hsl(263, 90%, 60%);
+    --primary-hover: hsl(263, 90%, 65%);
+    --primary-gradient: linear-gradient(135deg, hsl(263, 90%, 60%) 0%, hsl(220, 95%, 50%) 100%);
+    
+    --accent: hsl(180, 100%, 50%);
+    --accent-glow: hsla(180, 100%, 50%, 0.15);
+    
+    --text-main: hsl(210, 40%, 98%);
+    --text-muted: hsl(215, 20%, 70%);
+    
+    --success: hsl(142, 70%, 45%);
+    --error: hsl(0, 84%, 60%);
+    --warning: hsl(38, 92%, 50%);
+    
+    --radius-sm: 8px;
+    --radius-md: 12px;
+    --radius-lg: 20px;
+    --shadow-glow: 0 0 25px -5px hsla(263, 90%, 60%, 0.3);
+    
+    --transition: all 0.3s cubic-bezier(0.4, 0, 0.2, 1);
+}
+
+* {
+    box-sizing: border-box;
+    margin: 0;
+    padding: 0;
+}
+
+body {
+    background-color: var(--bg-dark);
+    color: var(--text-main);
+    font-family: 'Inter', sans-serif;
+    min-height: 100vh;
+    display: flex;
+    flex-direction: column;
+    overflow-x: hidden;
+    background-image: 
+        radial-gradient(at 10% 20%, hsla(263, 90%, 50%, 0.1) 0px, transparent 50%),
+        radial-gradient(at 90% 80%, hsla(220, 95%, 50%, 0.08) 0px, transparent 50%);
+}
+
+h1, h2, h3, h4, .brand-title {
+    font-family: 'Outfit', sans-serif;
+}
+
+a {
+    color: var(--accent);
+    text-decoration: none;
+    transition: var(--transition);
+}
+
+a:hover {
+    filter: brightness(1.2);
+    text-shadow: 0 0 8px var(--accent-glow);
+}
+
+/* Glassmorphism Panel */
+.glass-panel {
+    background: var(--bg-card);
+    backdrop-filter: blur(16px);
+    -webkit-backdrop-filter: blur(16px);
+    border: 1px solid var(--border-color);
+    border-radius: var(--radius-lg);
+    box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.37);
+}
+
+/* Buttons */
+.btn {
+    display: inline-flex;
+    align-items: center;
+    justify-content: center;
+    padding: 12px 24px;
+    font-size: 0.95rem;
+    font-weight: 600;
+    border-radius: var(--radius-md);
+    border: none;
+    cursor: pointer;
+    transition: var(--transition);
+    font-family: 'Outfit', sans-serif;
+}
+
+.btn-primary {
+    background: var(--primary-gradient);
+    color: #fff;
+    box-shadow: var(--shadow-glow);
+}
+
+.btn-primary:hover {
+    transform: translateY(-2px);
+    box-shadow: 0 0 30px -2px hsla(263, 90%, 60%, 0.5);
+}
+
+.btn-secondary {
+    background: hsla(217, 32%, 17%, 0.6);
+    color: var(--text-main);
+    border: 1px solid var(--border-color);
+}
+
+.btn-secondary:hover {
+    background: hsla(217, 32%, 22%, 0.8);
+    transform: translateY(-2px);
+}
+
+/* Form Inputs */
+.form-group {
+    margin-bottom: 20px;
+    display: flex;
+    flex-direction: column;
+    gap: 8px;
+}
+
+.form-label {
+    font-size: 0.85rem;
+    font-weight: 500;
+    color: var(--text-muted);
+    text-transform: uppercase;
+    letter-spacing: 0.05em;
+}
+
+.form-control {
+    background: hsla(217, 32%, 12%, 0.5);
+    border: 1px solid var(--border-color);
+    border-radius: var(--radius-md);
+    padding: 12px 16px;
+    color: var(--text-main);
+    font-size: 0.95rem;
+    outline: none;
+    transition: var(--transition);
+}
+
+.form-control:focus {
+    border-color: var(--primary);
+    box-shadow: 0 0 15px -3px hsla(263, 90%, 60%, 0.25);
+    background: hsla(217, 32%, 15%, 0.7);
+}
+
+/* Alert notifications */
+.alert {
+    padding: 14px 20px;
+    border-radius: var(--radius-md);
+    margin-bottom: 20px;
+    font-size: 0.9rem;
+    font-weight: 500;
+    display: flex;
+    align-items: center;
+    border: 1px solid transparent;
+}
+
+.alert-success {
+    background: hsla(142, 70%, 45%, 0.15);
+    color: var(--success);
+    border-color: hsla(142, 70%, 45%, 0.3);
+}
+
+.alert-error {
+    background: hsla(0, 84%, 60%, 0.15);
+    color: var(--error);
+    border-color: hsla(0, 84%, 60%, 0.3);
+}
--- a/public/index.php
+++ b/public/index.php
@@ -0,0 +1,44 @@
+<?php
+
+/** @var App\Core\App $app */
+$app = require_once __DIR__ . '/../bootstrap/app.php';
+
+use App\Controllers\HomeController;
+use App\Controllers\AuthController;
+use App\Controllers\Admin\DashboardController;
+use App\Middleware\SecurityHeaders;
+use App\Middleware\RateLimit;
+use App\Middleware\CsrfProtection;
+use App\Middleware\Authenticate;
+
+// Register Global Web Middlewares on Route groups
+$app->router->group([
+    'middleware' => [SecurityHeaders::class]
+], function($router) {
+    
+    // Public index redirection
+    $router->get('/', [HomeController::class, 'index']);
+    
+    // Auth routes throttled via Rate Limiter
+    $router->group([
+        'middleware' => [RateLimit::class]
+    ], function($r) {
+        $r->get('/login', [AuthController::class, 'showLogin']);
+        $r->post('/login', [AuthController::class, 'login']);
+        $r->get('/register', [AuthController::class, 'showRegister']);
+        $r->post('/register', [AuthController::class, 'register']);
+    });
+
+    // Protected Admin routes requiring Session Auth & CSRF tokens
+    $router->group([
+        'prefix' => '/admin',
+        'middleware' => [Authenticate::class, CsrfProtection::class]
+    ], function($r) {
+        $r->get('/dashboard', [DashboardController::class, 'index']);
+    });
+
+    // Logout endpoint
+    $router->get('/logout', [AuthController::class, 'logout']);
+});
+
+$app->run();