Auth: Save user ID instead of username in auth session

public/static/style.css

@@ -31,6 +31,7 @@ nav {
 
 nav ul {
     display: flex;
+    margin: -1px 0 0 0;
     padding: 0 1.5em;
     border: 0;
     border-bottom: 1px solid #000000;

src/Auth/AuthMiddleware.php

@@ -21,8 +21,7 @@ class AuthMiddleware implements MiddlewareInterface
         // TODO: Lots of stuff. Session middleware, auth handler class, etc...
         if ($uri->getPath() !== '/login') {
             // Check authorization via session
-            // TODO username or user ID?
+            if (empty($_SESSION['user_id'])) {
-            if (empty($_SESSION['username'])) {
                 // Not logged in -> Redirect to /login
                 $response = new Response();
                 return $response

src/Common/UserHelper.php

@@ -19,15 +19,15 @@ class UserHelper
 
     public function isLoggedIn(): bool
     {
-        return !empty($_SESSION['username']);
+        return !empty($_SESSION['user_id']);
     }
 
     public function getCurrentUser(): AdminUser
     {
-        $username = $_SESSION['username'] ?? null;
+        $userId = $_SESSION['user_id'] ?? null;
-        if (empty($username)) {
+        if (empty($userId)) {
             throw new RuntimeException('Not logged in!');
         }
-        return $this->adminUserRepository->getUserByName($username);
+        return $this->adminUserRepository->getUserById($userId);
     }
 }

src/Dependencies.php

@@ -5,6 +5,8 @@ namespace MailAccountAdmin;
 
 use DI\Container;
 use MailAccountAdmin\Common\UserHelper;
+use MailAccountAdmin\Frontend\Accounts\AccountController;
+use MailAccountAdmin\Frontend\Domains\DomainController;
 use MailAccountAdmin\Frontend\Login\LoginController;
 use MailAccountAdmin\Frontend\Dashboard\DashboardController;
 use MailAccountAdmin\Repositories\AdminUserRepository;
@@ -64,7 +66,7 @@ class Dependencies
             );
         });
 
-        // Login page
+        // Frontend controllers
         $container->set(LoginController::class, function (ContainerInterface $c) {
             return new LoginController(
                 $c->get(self::TWIG),
@@ -72,14 +74,24 @@ class Dependencies
                 $c->get(AdminUserRepository::class),
             );
         });
-
-        // Dashboard
         $container->set(DashboardController::class, function (ContainerInterface $c) {
             return new DashboardController(
                 $c->get(self::TWIG),
                 $c->get(UserHelper::class),
             );
         });
+        $container->set(DomainController::class, function (ContainerInterface $c) {
+            return new DomainController(
+                $c->get(self::TWIG),
+                $c->get(UserHelper::class),
+            );
+        });
+        $container->set(AccountController::class, function (ContainerInterface $c) {
+            return new AccountController(
+                $c->get(self::TWIG),
+                $c->get(UserHelper::class),
+            );
+        });
 
         return $container;
     }

src/Frontend/Accounts/AccountController.php

@@ -0,0 +1,19 @@
+<?php
+declare(strict_types=1);
+
+namespace MailAccountAdmin\Frontend\Accounts;
+
+use MailAccountAdmin\Frontend\BaseController;
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+
+class AccountController extends BaseController
+{
+    public function showAccounts(Request $request, Response $response): Response
+    {
+        $renderData = [
+        ];
+
+        return $this->view->render($response, 'accounts.html.twig', $renderData);
+    }
+}

src/Frontend/Dashboard/DashboardController.php

@@ -11,13 +11,6 @@ class DashboardController extends BaseController
 {
     public function showDashboard(Request $request, Response $response): Response
     {
-        $currentUser = $this->userHelper->getCurrentUser();
+        return $this->view->render($response, 'dashboard.html.twig');
-
-        $renderData = [
-            'username' => $currentUser->getUsername(),
-            'user' => $currentUser,
-        ];
-
-        return $this->view->render($response, 'dashboard.html.twig', $renderData);
     }
 }

src/Frontend/Domains/DomainController.php

@@ -0,0 +1,19 @@
+<?php
+declare(strict_types=1);
+
+namespace MailAccountAdmin\Frontend\Domains;
+
+use MailAccountAdmin\Frontend\BaseController;
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+
+class DomainController extends BaseController
+{
+    public function showDomains(Request $request, Response $response): Response
+    {
+        $renderData = [
+        ];
+
+        return $this->view->render($response, 'domains.html.twig', $renderData);
+    }
+}

src/Frontend/Login/LoginController.php

@@ -66,7 +66,7 @@ class LoginController extends BaseController
         }
 
         // Set login session
-        $_SESSION['username'] = $user->getUsername();
+        $_SESSION['user_id'] = $user->getId();
         return $response
             ->withHeader('Location', '/')
             ->withStatus(303);

src/Repositories/AdminUserRepository.php

@@ -17,6 +17,22 @@ class AdminUserRepository
         $this->pdo = $pdo;
     }
 
+    /**
+     * @throws AdminUserNotFoundException
+     */
+    public function getUserById(int $userId): AdminUser
+    {
+        $statement = $this->pdo->prepare('SELECT * FROM admin_users WHERE admin_id = :admin_id LIMIT 1');
+        $statement->execute(['admin_id' => $userId]);
+
+        if ($statement->rowCount() < 1) {
+            throw new AdminUserNotFoundException("Admin with ID '$userId' was not found.");
+        }
+
+        $row = $statement->fetch(PDO::FETCH_ASSOC);
+        return AdminUser::createFromArray($row);
+    }
+
     /**
      * @throws AdminUserNotFoundException
      */

src/Routes.php

@@ -3,7 +3,9 @@ declare(strict_types=1);
 
 namespace MailAccountAdmin;
 
+use MailAccountAdmin\Frontend\Accounts\AccountController;
 use MailAccountAdmin\Frontend\Dashboard\DashboardController;
+use MailAccountAdmin\Frontend\Domains\DomainController;
 use MailAccountAdmin\Frontend\Login\LoginController;
 use Slim\App;
 
@@ -18,5 +20,13 @@ class Routes
 
         // Dashboard
         $app->get('/', DashboardController::class . ':showDashboard');
+
+        // Domains
+        $app->get('/domains', DomainController::class . ':showDomains');
+        $app->get('/domains/{foo}', DomainController::class . ':showDomains');
+
+        // Accounts
+        $app->get('/accounts', AccountController::class . ':showAccounts');
+        $app->get('/accounts/{foo}', AccountController::class . ':showAccounts');
     }
 }

templates/accounts.html.twig

@@ -0,0 +1,10 @@
+{% extends "base.html.twig" %}
+
+{% block title %}Accounts{% endblock %}
+
+{% block content %}
+    <h2>Accounts</h2>
+
+    <p>List of accounts ... <b>TODO</b></p>
+    <p><a href="/accounts/42">Test</a></p>
+{% endblock %}

templates/base.html.twig

@@ -18,9 +18,15 @@
 
 <nav>
     <ul>
-        <li class="nav_current_page"><a href="/">Dashboard</a></li>
+        {% macro navbar_item(path, text) -%}
-        <li><a href="/domains">Domains</a></li>
+        <li{% if current_url() == path or current_url() starts with path ~ '/' %} class="nav_current_page"{% endif %}>
-        <li><a href="/accounts">Accounts</a></li>
+            <a href="{{ path }}">{{ text }}</a>
+        </li>
+        {%- endmacro -%}
+
+        {{ _self.navbar_item('/', 'Dashboard') }}
+        {{ _self.navbar_item('/domains', 'Domains') }}
+        {{ _self.navbar_item('/accounts', 'Accounts') }}
     </ul>
 </nav>
 

templates/dashboard.html.twig

@@ -5,5 +5,5 @@
 {% block content %}
     <h2>Dashboard</h2>
 
-    <p>Hello, {{ username }}!</p>
+    <p>Hello, {{ current_user_name }}!</p>
 {% endblock %}

templates/domains.html.twig

@@ -0,0 +1,10 @@
+{% extends "base.html.twig" %}
+
+{% block title %}Domains{% endblock %}
+
+{% block content %}
+    <h2>Domains</h2>
+
+    <p>List of domains ... <b>TODO</b></p>
+    <p><a href="/domains/42">Test</a></p>
+{% endblock %}