ISSUE-345: set up router

Author: tatevikg1

.env.example

@@ -0,0 +1,3 @@
+# .env
+API_BASE_URL=http://api.phplist.com/api/v2
+

.gitignore

@@ -14,3 +14,4 @@
 /var/
 /vendor/
 .phpunit.result.cache
+.env

composer.json

@@ -30,7 +30,8 @@
     },
     "require": {
         "php": "^8.1",
-        "phplist/core": "v5.0.0-alpha7"
+        "phplist/core": "v5.0.0-alpha7",
+        "symfony/twig-bundle": "^6.4.0"
     },
     "require-dev": {
         "phpunit/phpunit": "^9.5",
@@ -83,8 +84,18 @@
         "symfony-web-dir": "public",
         "symfony-tests-dir": "tests",
         "phplist/core": {
-            "bundles": [],
-            "routes": {}
+            "bundles": [
+                "FOS\\RestBundle\\FOSRestBundle",
+                "Symfony\\Bundle\\TwigBundle\\TwigBundle",
+                "PhpList\\WebFrontend\\PhpListFrontendBundle"
+            ],
+            "routes": {
+                "rest-api": {
+                    "resource": "@PhpListFrontendBundle/Controller/",
+                    "type": "attribute",
+                    "prefix": "/"
+                }
+            }
         }
     }
 }

config/.gitkeep

@@ -0,0 +1,27 @@
+# config/services.yaml
+services:
+  _defaults:
+    autowire: true
+    autoconfigure: true
+    public: false
+
+  PhpList\WebFrontend\:
+    resource: '../src/'
+    exclude:
+      - '../src/DependencyInjection/'
+      - '../src/Entity/'
+      - '../src/Kernel.php'
+
+  PhpList\WebFrontend\Service\ApiClient:
+    arguments:
+      $baseUrl: '${env(API_BASE_URL):http://api.phplist.local/api/v2}'
+#    calls:
+#      - setAuthToken: ['%session.auth_token%']
+
+  PhpList\WebFrontend\Controller\:
+    resource: '../src/Controller'
+    public: true
+    autowire: true
+    tags: ['controller.service_arguments']
+
+  Symfony\Component\HttpFoundation\Session\SessionInterface: '@session'

config/services.yml

@@ -0,0 +1,78 @@
+<?php
+
+declare(strict_types=1);
+
+namespace PhpList\WebFrontend\Controller;
+
+use Exception;
+use GuzzleHttp\Exception\GuzzleException;
+use PhpList\WebFrontend\Service\ApiClient;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RequestStack;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpFoundation\Session\SessionInterface;
+use Symfony\Component\Routing\Attribute\Route;
+
+class SecurityController extends AbstractController
+{
+    private ApiClient $apiClient;
+    private SessionInterface $session;
+
+    public function __construct(ApiClient $apiClient, RequestStack $requestStack)
+    {
+        $this->apiClient = $apiClient;
+        $this->session = $requestStack->getSession();
+    }
+
+    #[Route('', name: 'login', methods: ['GET', 'POST'])]
+    public function login(Request $request): Response
+    {
+        if ($this->session->has('auth_token')) {
+            return $this->redirectToRoute('dashboard');
+        }
+
+        $error = null;
+
+        if ($request->isMethod('POST')) {
+            $username = $request->request->get('username');
+            $password = $request->request->get('password');
+
+            try {
+                $authData = $this->apiClient->authenticate($username, $password);
+
+                // Store token in session
+                $this->session->set('auth_token', $authData['token']);
+
+                // Store user data if needed
+                if (isset($authData['user'])) {
+                    $this->session->set('user', $authData['user']);
+                }
+
+                // Set token for future API requests
+                $this->apiClient->setAuthToken($authData['token']);
+
+                // Redirect to dashboard
+                return $this->redirectToRoute('dashboard');
+            } catch (Exception $e) {
+                $error = 'Invalid credentials or server error: ' . $e->getMessage();
+            } catch (GuzzleException $e) {
+                $error = 'Invalid credentials or server error: ' . $e->getMessage();
+            }
+        }
+
+        return $this->render('security/login.html.twig', [
+            'error' => $error,
+        ]);
+    }
+
+    #[Route('/logout', name: 'logout')]
+    public function logout(): Response
+    {
+        // Clear session data
+        $this->session->remove('auth_token');
+        $this->session->remove('user');
+
+        return $this->redirectToRoute('login');
+    }
+}

src/.gitkeep

@@ -0,0 +1,33 @@
+<?php
+
+declare(strict_types=1);
+
+namespace PhpList\WebFrontend\DependencyInjection;
+
+use Exception;
+use InvalidArgumentException;
+use Symfony\Component\Config\FileLocator;
+use Symfony\Component\DependencyInjection\ContainerBuilder;
+use Symfony\Component\DependencyInjection\Loader\YamlFileLoader;
+use Symfony\Component\HttpKernel\DependencyInjection\Extension;
+
+class PhpListFrontendExtension extends Extension
+{
+    /**
+     * Loads a specific configuration.
+     *
+     * @param array $configs configuration values
+     * @param ContainerBuilder $container
+     *
+     * @return void
+     *
+     * @throws InvalidArgumentException|Exception if the provided tag is not defined in this extension
+     */
+    public function load(array $configs, ContainerBuilder $container): void
+    {
+        // @phpstan-ignore-next-line
+        $configs;
+        $loader = new YamlFileLoader($container, new FileLocator(__DIR__ . '/../../config'));
+        $loader->load('services.yml');
+    }
+}

src/Controller/SecurityController.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace PhpList\WebFrontend\EventSubscriber;
+
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Symfony\Component\HttpKernel\Event\ExceptionEvent;
+use Symfony\Component\HttpKernel\KernelEvents;
+use GuzzleHttp\Exception\ClientException;
+
+class UnauthorizedSubscriber implements EventSubscriberInterface
+{
+    public static function getSubscribedEvents(): array
+    {
+        return [
+            KernelEvents::EXCEPTION => 'onKernelException',
+        ];
+    }
+
+    public function onKernelException(ExceptionEvent $event): void
+    {
+        $exception = $event->getThrowable();
+
+        if ($exception instanceof ClientException && $exception->getCode() === 401) {
+            // Redirect to login page or handle unauthorized access
+        }
+    }
+}

src/DependencyInjection/PhpListFrontendExtension.php

@@ -0,0 +1,11 @@
+<?php
+
+declare(strict_types=1);
+
+namespace PhpList\WebFrontend;
+
+use Symfony\Component\HttpKernel\Bundle\Bundle;
+
+class PhpListFrontendBundle extends Bundle
+{
+}

src/EventSubscriber/UnauthorizedSubscriber.php

@@ -0,0 +1,83 @@
+<?php
+
+declare(strict_types=1);
+
+namespace PhpList\WebFrontend\Service;
+
+namespace PhpList\WebFrontend\Service;
+
+use GuzzleHttp\Client;
+use GuzzleHttp\Exception\GuzzleException;
+use JsonException;
+
+class ApiClient
+{
+    private Client $client;
+    private ?string $authToken = null;
+
+    public function __construct(string $baseUrl)
+    {
+        $this->client = new Client([
+            'base_uri' => $baseUrl,
+            'headers' => [
+                'Authorization' => 'Bearer ' . $this->authToken,
+                'Accept' => 'application/json',
+            ]
+        ]);
+    }
+
+    /**
+     * @throws GuzzleException
+     * @throws JsonException
+     */
+    public function authenticate(string $username, string $password): array
+    {
+        try {
+            $response = $this->request('POST', '/api/login', [
+                'json' => [
+                    'username' => $username,
+                    'password' => $password,
+                ]
+            ]);
+
+            if (!isset($response['token'])) {
+                throw new \RuntimeException('Authentication failed: No token received');
+            }
+
+            return $response;
+        } catch (GuzzleException $e) {
+            if ($e->getCode() === 401) {
+                throw new \RuntimeException('Invalid credentials', 401, $e);
+            }
+            throw $e;
+        }
+    }
+
+    public function setAuthToken(string $token): void
+    {
+        $this->authToken = $token;
+    }
+
+    /**
+     * @throws GuzzleException
+     * @throws JsonException
+     */
+    private function request(string $method, string $endpoint, array $options = []): array
+    {
+        if ($this->authToken) {
+            $options['headers'] = [
+                'Authorization' => 'Bearer ' . $this->authToken,
+                ...$options['headers'] ?? [],
+            ];
+        }
+
+        $response = $this->client->request($method, $endpoint, $options);
+
+        return json_decode(
+            $response->getBody()->getContents(),
+            true,
+            512,
+            JSON_THROW_ON_ERROR
+        );
+    }
+}

src/PhpListFrontendBundle.php

@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>{% block title %}phpList{% endblock %}</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+
+    {# Optionally include Bootstrap for styling #}
+    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
+
+    {# Add your own custom CSS later if needed #}
+</head>
+<body>
+<main class="container mt-5">
+    {% block body %}{% endblock %}
+</main>
+
+{# Optionally include Bootstrap JS if you use interactive components #}
+<script src="https://code.jquery.com/jquery-3.5.1.slim.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js"></script>
+</body>
+</html>

src/Service/ApiClient.php

@@ -0,0 +1,28 @@
+{# templates/security/login.html.twig #}
+{% extends 'base.html.twig' %}
+
+{% block title %}phpList - Login{% endblock %}
+
+{% block body %}
+    <div class="login-container">
+        <h1>Sign in to phpList</h1>
+
+        {% if error %}
+            <div class="alert alert-danger">{{ error }}</div>
+        {% endif %}
+
+        <form method="post">
+            <div class="form-group">
+                <label for="username">Username</label>
+                <input type="text" id="username" name="username" class="form-control" required autofocus>
+            </div>
+
+            <div class="form-group">
+                <label for="password">Password</label>
+                <input type="password" id="password" name="password" class="form-control" required>
+            </div>
+
+            <button type="submit" class="btn btn-primary btn-block">Sign in</button>
+        </form>
+    </div>
+{% endblock %}