SMMP/public_html/index.php

<?php

	require_once '../vendor/autoload.php';

	use \router\core\Router;
	use \api\core\Loader;
	use \api\core\Request;
	use \api\core\Response;
	use \database\core\DatabaseDriver;
	use \api\core\AuthSystemDefault;
	use \token\core\TreeToken;
	use \log\core\Log;

	$page_log      = Log::get('router');
	$session_guard = new TreeToken(1000);



	/*******************************************/
	/*                DEBUGGER                 */
	/*******************************************/
	debug();
	/*******************************************/
	/*                DEBUGGER                 */
	/*******************************************/

	/* [1] Gestion des authentifications et des droits
	=========================================================*/
	/* (1) On met à jour l'authentification et les permissions */
	Request::setAuthSystem(new AuthSystemDefault);

	$auth = AuthSystemDefault::auth();



	/* (2) On définit la page d'accueil */
	if(     $auth == 2 ) define('__REDIRECT__', 'Location: /history/');   // Connecté      -> Accès
	elseif( $auth == 1 ) define('__REDIRECT__', 'Location: /admin/');     // Pas identifié -> Identification
	else                 define('__REDIRECT__', 'Location: /warehouse/'); // Pas localisé  -> Localisation






	/* [2] Gestion du routage
	=========================================================*/

		/* (1) On initialise le routeur
		---------------------------------------------------------*/
		$R = new Router( $_GET['url'] );


		/* (2) Gestion des SVG avec couleur modifiée */
		$R->get('(.+)@([a-f0-9]{6})(\.svg)', function($matches){
			$path = __PUBLIC__.'/'.$matches[0].$matches[2];

			header('Content-Type: image/svg+xml');

			// On crée la partie ajoutée
			$stylesheet = "\n<style type='text/css'>\n";
				$stylesheet .= "\t#stylisable{\n";
					$stylesheet .= "\t\tfill: #".$matches[1]." !important;\n";
					$stylesheet .= "\t\tfill-opacity: 1 !important;\n";
				$stylesheet .= "\t}\n";
				$stylesheet .= "\t#stroke-stylisable{\n";
					$stylesheet .= "\t\tstroke: #".$matches[1]." !important;\n";
					$stylesheet .= "\t\tstroke-opacity: 1 !important;\n";
				$stylesheet .= "\t}\n";
			$stylesheet .= "</style></svg>";

			// On récupère le fichier
			$file = file_get_contents($path);

			// On ajoute le style
			$file = str_replace('</svg>', $stylesheet, $file);

			echo $file;
		});


		/* (3) Si ....css.map n'existe pas ne cherche pas */
		$R->get('(.+).css.map', function($matches){
			die();
		});


		/* (4) serverinfo.js -> generate it with no cache */
		$R->get('serverinfo.js', function($matches){

			global $auth;

			// session timeout warning
			$session_warn = 5; // 5 minutes before expiration

			// {1} Disable cache //
			header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
			header('Cache-Control: post-check=0, pre-check=0', false);
			header('Pragma: no-cache');
			header('Content-Type: text/javascript');

			// {2} Generate content //
			echo "var SERVER = {\n";
				echo "\tmodule: {\n";

					// if connected to warehouse
					if( $auth >= 1 ){

						$m_id = array_keys($_SESSION['WAREHOUSE']['modules']);

						for( $m = 0 ; $m < count($m_id) ; $m++ ){

							if( $m > 0 )
								echo ",\n";

							echo "\t\t'".$_SESSION['WAREHOUSE']['modules'][$m_id[$m]]."': true";

						}
					}

				// session timeout
				echo "\n\t},\n";
				echo "\tsession: {\n";
					echo "\t\ttimeout: '".( (ini_get('session.gc_maxlifetime')-$session_warn*60) * 1000 )."'\n";
				echo "\n\t}\n";

			echo "};\n\n";

			// {3} Function that reloads or logout the user
			echo "var KEEP_SESSION = function(keep){\n";
				echo "\tdocument.location = ( keep ) ? '' : '/logout';\n";
			echo "};\n\n";

			// {4} Function called at session timeout
			echo "var SESSION_TIMEOUT_FUNC = function(){\n";

				// {4.1} setup POPUP window
				echo "\tvar popup = new Popup();\n";
				echo "\tvar popup_content = {\n";
					echo "\t\ttitle: 'Expiration de connexion',\n";
					echo "\t\tcontent: 'Vous n\'avez rien fait depuis un moment. Vous serez déconnecté dans <b>".round(.5+$session_warn)." minutes</b>. Vous pouvez recharger la page pour garder votre connexion.',\n";
					echo "\t\ttype: 'search',\n";
					echo "\t\taction: 'Recharger la page'\n";
				echo "\t}\n";

				// {4.2} Show popup dialog -> on reload: reload page ; on cancel: logout
				echo "\tpopup.ask(popup_content, KEEP_SESSION);\n";

				// {4.3} Logout by default 5min if no popup response
				echo "\tsetTimeout(function(){ KEEP_SESSION(false); }, (.5+$session_warn)*60*1000);\n";

			echo "};\n\n";

			// {5} Set the timeout
			echo "var SESSION_TIMEOUT = setTimeout(SESSION_TIMEOUT_FUNC, SERVER.session.timeout);\n";

			die();

		});




		/* (3) On cree les regles de routage QUAND ON EST CONNECTE
		---------------------------------------------------------*/
		/* (2) Si on est connecté */
		if( $auth == 2 ){

			// logout from admin
			$R->get('logout/?', function(){
				$GLOBALS['page_log']->log('admin.logout');
				$GLOBALS['session_guard']->init_parent();

				$_SERVER['REQUEST_METHOD'] = 'POST';
				$req = new Request('authenticationDefault/admin', ['username' => '-', 'password' => '']);
				$res = $req->dispatch();
				header('Location: /');
			});

			// nomPage/arg1/arg2 -> page correcte
			$page_list = [ 'history', 'profile', 'machines', 'users', 'groups', 'options', 'settings' ];

			$R->get('((?:'.implode('|', $page_list).')(?:/[\w-]+)*/?)', function($m){
				$GLOBALS['page_log']->log("admin.page(/${m[0]})");
				$GLOBALS['session_guard']->init_parent();

				include __PUBLIC__.'/view/view.php';
			});


		/* (3) Si on est pas admin, juste warehouse */
		}else if( $auth == 1 ){

			// warehouse logout
			$R->get('logout/?', function(){
				$GLOBALS['page_log']->log('warehouse.logout');
				$GLOBALS['session_guard']->init_parent();

				$_SERVER['REQUEST_METHOD'] = 'POST';
				(new Request('authenticationDefault/warehouse', ['name' => '---', 'password' => '']))->dispatch();
				header('Location: /');
			});


			// admin login page
			$R->get('admin/?', function(){
				$GLOBALS['page_log']->log('admin.login_page');
				$GLOBALS['session_guard']->init_parent();

				include __PUBLIC__.'/view/admin.php';
			});

		/* (4) Si on est pas co */
		}else{

			// warehouse login page
			$R->get('warehouse/?', function(){
				$GLOBALS['page_log']->log('warehouse.login_page');
				$GLOBALS['session_guard']->init_parent();

				include __PUBLIC__.'/view/warehouse.php';
			});

		}




		/* (4) api/module/method -> Api */
		$R->post('api(?:(/.*))/?', function($url){
			if( isset($_SERVER['HTTP_X_TREE_TOKEN']) )
				$GLOBALS['page_log']->log('api.call('.$_SERVER['HTTP_X_TREE_TOKEN'].')');
			else
				$GLOBALS['page_log']->log('api.call(NO_TOKEN)');

			header('Content-Type: application/json; charset=UTF-8');

			// {1} Allow authed SATS not to be checked by session_guard.child //
			if( $GLOBALS['auth'] < 3 || !isset($_SERVER['PHP_AUTH_DIGEST']) )
				if( !$GLOBALS['session_guard']->init_child() )
					die(json_encode([ 'error' => 100, 'ErrorDescription' => 'session_guard.child error' ]));

			$request = Loader::remote($url[0]);
			$answer  = $request->dispatch();

			// Si c'est une réponse (et non un download)
			if( $answer instanceof Response )
				echo $answer->serialize();
		});


		/* (6) N'importe -> page d'accueil */
		$R->get('.*',  function(){ $GLOBALS['page_log']->log('get.redirect');  $GLOBALS['session_guard']->init_parent(); header(__REDIRECT__); });
		$R->post('.*', function(){ $GLOBALS['page_log']->log('post.redirect'); header(__REDIRECT__); });



		/* (3) On lance le routeur
		---------------------------------------------------------*/
		$R->run();

?>