Add login endpoint with JWT token generated

Author: pH-7

.env.dist

@@ -1,3 +1,9 @@
+# API URL
+APP_URL="http://localhost:8080"
+
+JWT_KEY=""
+JWT_ALGO_ENCRYPTION="HS512"
+
 # Database details
 DB_HOST=""
 DB_NAME=""

.gitignore

@@ -1,3 +1,4 @@
+# Environment file
 .env
 
 # Depedency files

src/Dal/UserDal.php

@@ -67,14 +67,23 @@ public static function update(string $userUuid, UserEntity $userEntity): int|str
         return false;
     }
 
-    public static function get(string $userUuid): ?array
+    public static function getById(string $userUuid): ?array
     {
         $bindings = ['userUuid' => $userUuid];
         $userBean = R::findOne(self::TABLE_NAME, 'user_uuid = :userUuid ', $bindings);
 
        return $userBean?->export();
     }
 
+    public static function getByEmail(string $email): ?array
+    {
+        $bindings = ['email' => $email];
+
+        $userBean = R::findOne(self::TABLE_NAME, 'email = :email', $bindings);
+
+        return $userBean?->export();
+    }
+
     public static function getAll(): array
     {
         return R::findAll(self::TABLE_NAME);

src/Route/Exception/NotFoundException.php

@@ -2,8 +2,8 @@
 
 namespace PH7\ApiSimpleMenu\Route\Exception;
 
-use Exception;
+use RuntimeException;
 
-class NotFoundException extends Exception
+class NotFoundException extends RuntimeException
 {
 }

src/Route/routes.php

@@ -2,6 +2,7 @@
 namespace PH7\ApiSimpleMenu\Route;
 
 use PH7\ApiSimpleMenu\Route\Exception\NotFoundException;
+use PH7\ApiSimpleMenu\Service\Exception\CredentialsInvalidException;
 
 $resource = $_REQUEST['resource'] ?? null;
 
@@ -11,7 +12,11 @@
         'item' => require_once 'food-item.routes.php',
         default => require_once 'not-found.routes.php',
     };
+} catch (CredentialsInvalidException $e) {
+    response([
+        'message' => $e->getMessage()
+    ]);
 } catch (NotFoundException $e) {
     // FYI, not-found.Route already sends a 404 Not Found HTTP code
     return require_once 'not-found.routes.php';
-}
+}

src/Route/user.routes.php

@@ -11,6 +11,7 @@
 
 enum UserAction: string
 {
+    case LOGIN = 'login';
     case CREATE = 'create';
     case RETRIEVE_ALL = 'retrieveall';
     case RETRIEVE = 'retrieve';
@@ -32,6 +33,7 @@ public function getResponse(): string
         try {
             // check first if HTTP method for the requested endpoint is valid
             $expectHttpMethod = match ($this) {
+                self::LOGIN => Http::POST_METHOD,
                 self::CREATE => Http::POST_METHOD,
                 self::UPDATE => Http::POST_METHOD,
                 self::RETRIEVE_ALL => Http::GET_METHOD,
@@ -44,6 +46,7 @@ public function getResponse(): string
             }
 
             $response = match ($this) {
+                self::LOGIN => $user->login($postBody),
                 self::CREATE => $user->create($postBody),
                 self::UPDATE => $user->update($postBody),
                 self::RETRIEVE_ALL => $user->retrieveAll(),

src/Service/Exception/CredentialsInvalidException.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace PH7\ApiSimpleMenu\Service\Exception;
+
+use RuntimeException;
+
+class CredentialsInvalidException extends RuntimeException
+{
+}

src/Service/User.php

@@ -1,8 +1,10 @@
 <?php
 namespace PH7\ApiSimpleMenu\Service;
 
+use Firebase\JWT\JWT;
 use PH7\ApiSimpleMenu\Dal\UserDal;
 use PH7\ApiSimpleMenu\Service\Exception\EmailExistsException;
+use PH7\ApiSimpleMenu\Service\Exception\CredentialsInvalidException;
 use PH7\ApiSimpleMenu\Validation\Exception\InvalidValidationException;
 use PH7\ApiSimpleMenu\Validation\UserValidation;
 use PH7\JustHttp\StatusCode;
@@ -15,6 +17,42 @@ class User
 {
     public const DATE_TIME_FORMAT = 'Y-m-d H:i:s';
 
+    public function login(mixed $data)
+    {
+        $userValidation = new UserValidation($data);
+        if ($userValidation->isLoginSchemaValid()) {
+            if (UserDal::doesEmailExist($data->email)) {
+                $user = UserDal::getByEmail($data->email);
+
+                if ($user && password_verify($data->password, $user['password'])) {
+                    $userName = "{$user['first_name']} {$user['last_name']}";
+
+                    $currentTime = time();
+                    $jwtToken = JWT::encode(
+                        [
+                            'iss' => $_ENV['APP_URL'],
+                            'iat' => $currentTime,
+                            'exp' => $currentTime + (60 * 60), // valid for an hour
+                            'data' => [
+                                'email' => $data->email,
+                                'name' => $userName
+                            ]
+                        ],
+                        $_ENV['JWT_KEY'],
+                        $_ENV['JWT_ALGO_ENCRYPTION']
+                    );
+
+                    return [
+                        'message' => sprintf('%s successfully logged in', $userName),
+                        'token' => $jwtToken
+                    ];
+                }
+            }
+            throw new CredentialsInvalidException('Credentials invalid');
+        }
+        throw new InvalidValidationException('Payload invalid');
+    }
+
     public function create(mixed $data): array|object
     {
         $userValidation = new UserValidation($data);
@@ -102,7 +140,7 @@ public function retrieveAll(): array
     public function retrieve(string $userUuid): array
     {
         if (v::uuid()->validate($userUuid)) {
-            if ($user = UserDal::get($userUuid)) {
+            if ($user = UserDal::getById($userUuid)) {
                 // Removing fields we don't want to expose
                 unset($user['id']);
 

src/Validation/Exception/InvalidValidationException.php

@@ -2,8 +2,8 @@
 
 namespace PH7\ApiSimpleMenu\Validation\Exception;
 
-use RuntimeException;
+use InvalidArgumentException;
 
-class InvalidValidationException extends RuntimeException
+class InvalidValidationException extends InvalidArgumentException
 {
 }

src/Validation/UserValidation.php

@@ -41,4 +41,13 @@ public function isUpdateSchemaValid(): bool
 
         return $schemaValidation->validate($this->data);
     }
+
+    public function isLoginSchemaValid(): bool
+    {
+        $schemaValidation =
+            v::attribute('email', v::stringType())
+            ->attribute('password', v::stringType());
+
+        return $schemaValidation->validate($this->data);
+    }
 }