Пример #1
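 /**
  * A before-middleware registered for GET on '/.*' must run for every matched GET route.
  *
  * Two routes are dispatched through the same router instance; the captured output of
  * each dispatch has to contain the marker echoed by the middleware.
  */
 public function testBeforeRouterMiddleware()
 {
     // Create Router
     $router = new \Bramus\Router\Router();
     $router->before('GET', '/.*', function () {
         echo 'before ';
     });
     $router->get('/about', function () {
         echo 'about';
     });
     $router->get('/contact', function () {
         echo 'contact';
     });

     // Remember the superglobal so this test does not leak request state into later tests.
     $hadUri = isset($_SERVER['REQUEST_URI']);
     $previousUri = $hadUri ? $_SERVER['REQUEST_URI'] : null;

     ob_start();
     try {
         // Test the /about route
         $_SERVER['REQUEST_URI'] = '/about';
         $router->run();
         $this->assertContains('before', ob_get_contents());

         // Test the /contact route (buffer emptied first so the assertion sees only this dispatch)
         ob_clean();
         $_SERVER['REQUEST_URI'] = '/contact';
         $router->run();
         $this->assertContains('before', ob_get_contents());
     } finally {
         // Cleanup runs even when an assertion fails or run() throws; otherwise the
         // output buffer stays open and swallows the output of every following test.
         ob_end_clean();
         if ($hadUri) {
             $_SERVER['REQUEST_URI'] = $previousUri;
         } else {
             unset($_SERVER['REQUEST_URI']);
         }
     }
 }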
Пример #2
<?php

// Require composer autoloader
require __DIR__ . '/vendor/autoload.php';
require 'controller/controller.php';
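// Create Router instance
$router = new \Bramus\Router\Router();

// Runs ahead of every GET route; it only tags the response with a header.
$router->before('GET', '/.*', function () {
    header('X-Powered-By: router');
});

// Landing page
$router->get('/', function () {
    echo "Welcome to beautyUniversity JSON api";
});

// GET /v1/school/{name}/analytic/{flag}
// Both segments are captured with \w+, so the route pattern itself is what limits
// them to word characters before the handler runs.
$router->get('/v1/school/(\\w+)/analytic/(\\w+)', function ($name, $bool) {
    header('Content-Type: application/json; charset=utf-8');

    // The flag picks the prefix handed to the controller. Any other value used to
    // fall through both branches and return an empty 200 response; it is now
    // rejected explicitly so callers can tell a bad request from an empty result.
    if ($bool === "true") {
        $prefix = "colleges_";
    } elseif ($bool === "false") {
        $prefix = "school_";
    } else {
        header('HTTP/1.1 400 Bad Request');
        echo json_encode(array('error' => 'analytic flag must be "true" or "false"'));
        return;
    }

    ob_start("ob_gzhandler");

    // NOTE(review): htmlentities() is HTML output encoding, not input validation.
    // It is kept so the controller receives the same value as before, but it gives
    // no protection if indexAction() builds a query or a file path from the name;
    // that code is outside this excerpt -- confirm it uses bound parameters or an
    // allow-list of known names.
    $req = htmlentities($name);
    $controller = new myController($req);
    echo $controller->indexAction($prefix . $req);
});

// Fallback for requests that match no route
$router->set404(function () {
    header('HTTP/1.1 404 Not Found');
    echo "invalid request url";
});

$router->run();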
Пример #3
require_once __DIR__ . '/core/Router.php';
// Include configuration and models
require_once __DIR__ . '/includes/config.php';
require_once __DIR__ . '/core/Model.php';
require_once __DIR__ . '/model/Post.php';
require_once __DIR__ . '/model/FeedSource.php';
// Router instance that dispatches the routes registered below
$router = new \Bramus\Router\Router();

// Fallback for unmatched routes: answer with a 404 status line that reuses the
// protocol version of the incoming request.
// NOTE(review): the body is plain text while the GET middleware below declares
// application/json; confirm which content type clients of this API expect on a 404.
$router->set404(function () {
    $statusLine = $_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found';
    header($statusLine);
    echo '404, route not found!';
});

// Middleware for every GET path: declare the response as JSON before a route handler runs
$router->before('GET', '/.*', function () {
    $contentType = 'Content-Type: application/json';
    header($contentType);
});
// // Static route: / (homepage)
// $router->get('/', function () {
// 	echo '';
// });
$router->mount('/post', function () use($router) {
    // Route: /posts (fetch all posts)
    $router->get('/', function () {
        $postModel = new Post();
        $posts = $postModel->getAllPosts();
        echo json_encode($posts);
    });
    // Route: /post/id (fetch a single post)
    $router->get('/(\\d+)', function ($id) {
        $postModel = new Post();
Пример #4
// CORS preflight: an OPTIONS request to any path gets the CORS headers and nothing else from this handler.
$router->options('/.*', function () {
    sendCorsHeaders();
});
// Called again at script level, so the same headers go out for every request,
// whatever its method or route.
// NOTE(review): sendCorsHeaders() is defined outside this excerpt. Confirm it sends an
// allow-listed origin rather than reflecting the request's Origin header, because the
// /secured routes registered below are reachable cross-origin with whatever it permits.
sendCorsHeaders();
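// Check JWT on /secured routes
// The guard is registered for every method that can carry a request body or change
// state, not only GET: a before-middleware bound to GET alone would leave a POST, PUT,
// PATCH or DELETE route under /secured/ without any token check. OPTIONS is left out
// on purpose so CORS preflight requests, which carry no Authorization header, still pass.
$router->before('GET|POST|PUT|DELETE|PATCH', '/secured/.*', function () use ($app) {
    // Header names are case-insensitive, so look the header up without relying on
    // the exact spelling the server or client used.
    $requestHeaders = apache_request_headers();
    $authorizationHeader = null;
    if (is_array($requestHeaders)) {
        foreach ($requestHeaders as $headerName => $headerValue) {
            if (strcasecmp((string) $headerName, 'Authorization') === 0) {
                $authorizationHeader = $headerValue;
                break;
            }
        }
    }

    if ($authorizationHeader === null) {
        header('HTTP/1.0 401 Unauthorized');
        echo "No token provided.";
        exit;
    }
    if ($authorizationHeader == null) {
        // Header present but empty
        header('HTTP/1.0 401 Unauthorized');
        echo "No authorization header sent";
        exit;
    }

    // Accept only "Bearer <token>". Stripping the text 'Bearer ' wherever it occurs
    // would also pass other schemes (for example Basic credentials) on to the token
    // validator and would alter a value that contains that text further in.
    if (!preg_match('/^Bearer\s+(\S+)\s*$/i', $authorizationHeader, $parts)) {
        header('HTTP/1.0 401 Unauthorized');
        echo "Invalid token";
        exit;
    }
    $token = $parts[1];

    try {
        // The token is only trusted once setCurrentToken() returns without throwing.
        $app->setCurrentToken($token);
    } catch (\Auth0\SDK\Exception\CoreException $e) {
        header('HTTP/1.0 401 Unauthorized');
        echo "Invalid token";
        exit;
    }
});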
// Public health check: '/ping' is outside the '/secured/' prefix, so the token
// middleware registered for that prefix does not apply to it.
$router->get('/ping', function () use ($app) {
    $payload = $app->publicPing();
    echo json_encode($payload);
});
$router->get('/secured/ping', function () use($app) {
    echo json_encode($app->privatePing());
Пример #5
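// Token and role check for the protected path prefixes.
// NOTE(review): protection here is opt-in. Only GET and POST requests whose path
// matches one of the listed prefixes pass through this guard; a route added under
// another prefix, or served for another method, is not covered. Confirm that is intended.
$router->before('GET|POST', '(log.*|save.*|imgs.*|google.*)', function () {
    global $events;
    global $user;

    /**
     * Record the refusal in $events, answer 401 with the events as JSON and stop.
     *
     * $userKnown is written to $events['auth0']['user']: false while no user has
     * been resolved, true once a user was loaded but lacks the required role.
     * NOTE(review): the "No permissions." case is an authenticated caller without
     * the role; 403 is the usual status for that, 401 is kept so clients see no change.
     */
    $deny = function ($message, $userKnown) {
        global $events;
        header('HTTP/1.0 401 Unauthorized');
        $events['auth0']['method'] = 'secure';
        $events['auth0']['authorized'] = false;
        $events['auth0']['api'] = true;
        $events['auth0']['user'] = $userKnown;
        $events['auth0']['message'] = $message;
        echo json_encode(array('events' => $events));
        exit;
    };

    /**
     * Validate Apache authorization header with token.
     * Header names are case-insensitive, so the lookup does not depend on spelling.
     */
    $requestHeaders = apache_request_headers();
    $authorizationHeader = null;
    if (is_array($requestHeaders)) {
        foreach ($requestHeaders as $headerName => $headerValue) {
            if (strcasecmp((string) $headerName, 'Authorization') === 0) {
                $authorizationHeader = $headerValue;
                break;
            }
        }
    }
    if ($authorizationHeader == null) {
        $deny('No authorization header sent.', false);
    }

    /**
     * Validate token.
     * Only "Bearer <token>" is accepted; removing the text 'Bearer ' wherever it
     * occurs would also hand other schemes to the decoder as if they were tokens.
     */
    if (!preg_match('/^Bearer\s+(\S+)\s*$/i', $authorizationHeader, $parts)) {
        $deny('Invalid token.', false);
    }
    $token = $parts[1];

    // NOTE(review): the three values below are redacted placeholders on this page.
    // In a deployment the client secret belongs in configuration kept out of the
    // source tree (environment or secret store), not in a literal in the route file.
    $secret = '<--!secret-->';
    $client = '<--!client-->';
    $domain = "<--!forplay.eu.auth0.com-->";

    $decodedToken = null;
    try {
        $decodedToken = \Auth0\SDK\Auth0JWT::decode($token, $client, $secret);
    } catch (\Auth0\SDK\Exception\CoreException $e) {
        $deny('Invalid token.', false);
    }

    // The API client is created only after decode() accepted the token, so an
    // unverified value is never handed to it.
    $api = new \Auth0\SDK\Auth0Api($token, $domain);
    try {
        $user = $api->users->get($decodedToken->sub);
    } catch (\Auth0\SDK\Exception\CoreException $e) {
        $deny('Invalid user.', false);
    }

    // Authorisation decision: the first role must be exactly 'admin' or 'superadmin'.
    // Strict comparison matters here. With a loose != a non-string value stored in
    // roles[0] (boolean true, or integer 0 before PHP 8) compares equal to 'admin'
    // and would be let through. A missing app_metadata/roles entry is treated as
    // "no role" instead of raising an undefined-index notice.
    // NOTE(review): only roles[0] is consulted, as before; a user holding an admin
    // role at another position is refused. Confirm whether any position should count.
    $firstRole = isset($user['app_metadata']['roles'][0]) ? $user['app_metadata']['roles'][0] : null;
    if (!in_array($firstRole, array('admin', 'superadmin'), true)) {
        $deny('No permissions.', true);
    }
});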