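/**
 * Checks that a "before" middleware registered for every GET path runs
 * for each matched route.
 *
 * Each request's output is captured with ob_start()/ob_get_clean(), so the
 * buffer is already closed when the assertion runs. A failing assertion can
 * therefore no longer leave an open output buffer behind for later tests.
 */
public function testBeforeRouterMiddleware()
{
    // Create Router
    $router = new \Bramus\Router\Router();

    // Middleware under test: writes a marker for any GET request.
    $router->before('GET', '/.*', function () {
        echo 'before ';
    });
    $router->get('/about', function () {
        echo 'about';
    });
    $router->get('/contact', function () {
        echo 'contact';
    });

    // NOTE(review): REQUEST_METHOD is not set in this method; presumably the
    // test fixture provides it. Confirm against setUp().

    // Test the /about route
    ob_start();
    $_SERVER['REQUEST_URI'] = '/about';
    $router->run();
    $aboutOutput = ob_get_clean();
    $this->assertContains('before', $aboutOutput);

    // Test the /contact route
    ob_start();
    $_SERVER['REQUEST_URI'] = '/contact';
    $router->run();
    $contactOutput = ob_get_clean();
    $this->assertContains('before', $contactOutput);
}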
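<?php

// Require composer autoloader
require __DIR__ . '/vendor/autoload.php';
require 'controller/controller.php';

// Create Router instance
$router = new \Bramus\Router\Router();

// Runs before every GET route and tags the response.
$router->before('GET', '/.*', function () {
    header('X-Powered-By: router');
});

$router->get('/', function () {
    echo "Welcome to beautyUniversity JSON api";
});

// GET /v1/school/<name>/analytic/<true|false>
// The flag selects which data set the controller is asked for.
$router->get('/v1/school/(\\w+)/analytic/(\\w+)', function ($name, $bool) {
    header('Content-Type: application/json; charset=utf-8');

    // htmlentities() is an HTML output encoder, not an input validator. What
    // actually constrains $name is the (\w+) route pattern above.
    // NOTE(review): indexAction() is not visible here. If it uses this string
    // to build a query, table name or path, it should check the value against
    // an allow-list of known schools.
    $req = htmlentities($name);
    $check = htmlentities($bool);

    // Map the flag to the prefix expected by the controller.
    $prefixes = array(
        'true' => 'colleges_',
        'false' => 'school_',
    );

    // Previously any other flag value fell through both branches and
    // produced an empty 200 response. Reject it explicitly, before the
    // controller is constructed.
    if (!isset($prefixes[$check])) {
        header('HTTP/1.1 400 Bad Request');
        echo json_encode(array('error' => 'invalid analytic flag'));
        return;
    }

    ob_start("ob_gzhandler");
    $controller = new myController($req);
    echo $controller->indexAction($prefixes[$check] . $req);
});

$router->set404(function () {
    header('HTTP/1.1 404 Not Found');
    echo "invalid request url";
});

$router->run();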
// Front controller excerpt: loads the router and models, then registers the
// 404 handler, a GET middleware and the /post routes.
require_once __DIR__ . '/core/Router.php';

// Include configuration and models
require_once __DIR__ . '/includes/config.php';
require_once __DIR__ . '/core/Model.php';
require_once __DIR__ . '/model/Post.php';
require_once __DIR__ . '/model/FeedSource.php';

// Create a Router
$router = new \Bramus\Router\Router();

// Custom 404 Handler
// The body is plain text, while the GET middleware below declares JSON.
// NOTE(review): if the middleware also runs for unmatched GET paths, this
// response is labelled application/json but is not valid JSON. Confirm.
$router->set404(function () {
    header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found');
    echo '404, route not found!';
});

// Before Router Middleware
// Registered for GET only; other methods do not get this Content-Type.
$router->before('GET', '/.*', function () {
    header('Content-Type: application/json');
});

// Static route: / (homepage), currently disabled
// $router->get('/', function () {
//     echo '';
// });

$router->mount('/post', function () use($router) {
    // Route: /posts (fetch all posts)
    $router->get('/', function () {
        $postModel = new Post();
        $posts = $postModel->getAllPosts();
        // json_encode() returns false on failure; that case is not handled here.
        echo json_encode($posts);
    });

    // Route: /post/id (fetch a single post)
    // The (\d+) pattern limits $id to digits before the handler sees it.
    $router->get('/(\\d+)', function ($id) {
        $postModel = new Post();
        // (excerpt ends here; the rest of this handler is not shown)
// Answer OPTIONS requests on every path with the CORS headers.
$router->options('/.*', function () {
    sendCorsHeaders();
});

// Called unconditionally at script level as well.
// NOTE(review): sendCorsHeaders() is defined outside this excerpt. For the
// /secured routes, confirm which origins it allows.
sendCorsHeaders();

// Check JWT on /secured routes
// NOTE(review): the hook is registered for GET only. Any non-GET route added
// under /secured/ would not pass through this check. Confirm against the
// full route table.
$router->before('GET', '/secured/.*', function () use($app) {
    // The key lookup below is case-sensitive as written. A header whose name
    // arrives in another case is treated as missing, so the request is
    // rejected (fails closed).
    $requestHeaders = apache_request_headers();
    if (!isset($requestHeaders['Authorization'])) {
        header('HTTP/1.0 401 Unauthorized');
        echo "No token provided.";
        exit;
    }
    $authorizationHeader = $requestHeaders['Authorization'];
    // Reached only when the header is present but empty.
    if ($authorizationHeader == null) {
        header('HTTP/1.0 401 Unauthorized');
        echo "No authorization header sent";
        exit;
    }
    // str_replace() removes every occurrence of 'Bearer ' and does not require
    // the scheme to be present. A value without the prefix is passed through
    // unchanged, so setCurrentToken() is the only real gate.
    $token = str_replace('Bearer ', '', $authorizationHeader);
    try {
        $app->setCurrentToken($token);
    } catch (\Auth0\SDK\Exception\CoreException $e) {
        // Only CoreException is mapped to 401; any other exception type
        // propagates out of this middleware.
        header('HTTP/1.0 401 Unauthorized');
        echo "Invalid token";
        exit;
    }
});

// Public endpoint: not matched by the /secured/.* middleware pattern.
$router->get('/ping', function () use($app) {
    echo json_encode($app->publicPing());
});

// Protected endpoint: GET requests reach it only after the check above.
$router->get('/secured/ping', function () use($app) {
    echo json_encode($app->privatePing());
    // (excerpt ends here; the closing of this handler is not shown)
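/**
 * Authorization middleware for the log*, save*, imgs* and google* routes.
 *
 * Requires an Authorization header carrying an Auth0 token, decodes the
 * token, loads the matching Auth0 user into the global $user, and lets the
 * request continue only when the user's first role is 'admin' or
 * 'superadmin'. Every rejection sends a 401 with a JSON "events" payload
 * and stops the script.
 *
 * NOTE(review): the hook covers GET and POST only. Confirm that no route
 * under these prefixes is registered for another method.
 */
$router->before('GET|POST', '(log.*|save.*|imgs.*|google.*)', function () {
    global $events;
    global $user;

    // Single exit point for every rejection, so that all failure paths send
    // the same status line and payload shape.
    // NOTE(review): 403 would be the conventional status for the
    // "No permissions." case; 401 is kept because clients may depend on it.
    $deny = function ($message, $userKnown) {
        global $events;

        header('HTTP/1.0 401 Unauthorized');
        $events['auth0']['method'] = 'secure';
        $events['auth0']['authorized'] = false;
        $events['auth0']['api'] = true;
        $events['auth0']['user'] = $userKnown;
        $events['auth0']['message'] = $message;
        echo json_encode(array('events' => $events));
        exit;
    };

    /**
     * Validate Apache authorization header with token.
     * The key lookup is case-sensitive; a differently cased header name is
     * treated as missing and the request is rejected.
     */
    $requestHeaders = apache_request_headers();
    $authorizationHeader = isset($requestHeaders['Authorization']) ? $requestHeaders['Authorization'] : null;

    if ($authorizationHeader === null || $authorizationHeader === '') {
        $deny('No authorization header sent.', false);
    }

    /**
     * Validate token.
     * str_replace() does not require the "Bearer " scheme, so a value without
     * the prefix is passed through unchanged. The decode step below is what
     * actually validates the token.
     */
    $token = str_replace('Bearer ', '', $authorizationHeader);

    // NOTE(review): these look like placeholders, presumably substituted at
    // build or deploy time. The real client secret should stay out of source
    // control.
    $secret = '<--!secret-->';
    $client = '<--!client-->';
    $domain = "<--!forplay.eu.auth0.com-->";

    $decodedToken = null;
    $api = new \Auth0\SDK\Auth0Api($token, $domain);

    try {
        $decodedToken = \Auth0\SDK\Auth0JWT::decode($token, $client, $secret);
    } catch (\Auth0\SDK\Exception\CoreException $e) {
        $deny('Invalid token.', false);
    }

    try {
        $user = $api->users->get($decodedToken->sub);
    } catch (\Auth0\SDK\Exception\CoreException $e) {
        $deny('Invalid user.', false);
    }

    // Read the first role defensively. Missing metadata yields null and is
    // denied, without raising an undefined-index notice.
    $primaryRole = isset($user['app_metadata']['roles'][0]) ? $user['app_metadata']['roles'][0] : null;

    // Strict comparison: the previous loose != accepted non-string values
    // such as boolean true as equal to 'admin'. Only the first role is
    // consulted, as before.
    // NOTE(review): confirm that ignoring later entries in the list is intended.
    if (!in_array($primaryRole, array('admin', 'superadmin'), true)) {
        $deny('No permissions.', true);
    }
});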