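request = $request; }

    /**
     * Require a valid authenticated session.
     *
     * Reads the session id from the request, validates it through
     * Session::validate() and stores the returned user record in $this->user.
     * A missing or invalid session is answered with 401 via
     * Response::unauthorized(); the code after each call assumes that method
     * terminates the request — NOTE(review): confirm, otherwise execution would
     * continue with $this->user unset.
     */
    protected function requireAuth(): void
    {
        $sessionId = $this->request->getSessionId();

        // Explicit null/'' check instead of empty(): empty() would also reject
        // the legitimate string "0". Any other non-string value still ends up
        // rejected by Session::validate() below.
        if ($sessionId === null || $sessionId === '') {
            Response::unauthorized('Session ID required');
        }

        $user = Session::validate($sessionId);
        if ($user === null) {
            Response::unauthorized('Invalid or expired session');
        }

        $this->user = $user;
    }

    /**
     * Return the id of the authenticated user.
     *
     * Only meaningful after requireAuth() has populated $this->user; calling it
     * earlier is answered with 401 rather than failing with a TypeError on the
     * null return value.
     */
    protected function getUserId(): int
    {
        if (!isset($this->user['id'])) {
            Response::unauthorized('Authentication required');
        }

        return $this->user['id'];
    }

    /**
     * Validate the request body against a set of rules.
     *
     * @param array<string, string> $rules field name => pipe-separated rule
     *        list; supported rules: required, email, min:N, max:N, int, numeric
     * @return array<string, mixed> the fields that passed validation (an
     *         absent optional field is returned as null)
     *
     * Validation failures are answered with 422 via Response::error() and the
     * per-field messages; the trailing return assumes that method terminates
     * the request — NOTE(review): confirm, otherwise callers would receive the
     * partially-validated data.
     */
    protected function validate(array $rules): array
    {
        $body = $this->request->getBody();
        $errors = [];
        $data = [];

        foreach ($rules as $field => $rule) {
            $value = $body[$field] ?? null;
            $violation = $this->checkField($field, $value, explode('|', $rule));

            if ($violation !== null) {
                $errors[$field] = $violation;
            } else {
                $data[$field] = $value;
            }
        }

        if ($errors !== []) {
            Response::error('Validation failed', 422, $errors);
        }

        return $data;
    }

    /**
     * Apply one field's rule list in order and return the first violation
     * message, or null when every rule passes.
     *
     * @param list<string> $ruleList
     */
    private function checkField(int|string $field, mixed $value, array $ruleList): ?string
    {
        foreach ($ruleList as $r) {
            if ($r === 'required' && ($value === null || $value === '')) {
                return "Le champ {$field} est requis";
            }

            // Every rule below only applies to a present value; an absent
            // optional field passes them.
            if ($value === null) {
                continue;
            }

            if ($r === 'email' && !filter_var($value, FILTER_VALIDATE_EMAIL)) {
                return "Le champ {$field} doit être un email valide";
            }

            if (str_starts_with($r, 'min:')) {
                $min = (int) substr($r, 4);
                $length = self::textLength($value);
                if ($length === null || $length < $min) {
                    return "Le champ {$field} doit contenir au moins {$min} caractères";
                }
            }

            if (str_starts_with($r, 'max:')) {
                $max = (int) substr($r, 4);
                $length = self::textLength($value);
                if ($length === null || $length > $max) {
                    return "Le champ {$field} doit contenir au maximum {$max} caractères";
                }
            }

            // is_numeric() also accepts "1.5" and "1e3", which are not integers
            // and would contradict the "nombre entier" message.
            if ($r === 'int' && filter_var($value, FILTER_VALIDATE_INT) === false) {
                return "Le champ {$field} doit être un nombre entier";
            }

            if ($r === 'numeric' && !is_numeric($value)) {
                return "Le champ {$field} doit être un nombre";
            }
        }

        return null;
    }

    /**
     * Character length of a scalar value, or null for values that have no
     * text length (arrays/objects coming from a JSON body). Handing such a
     * value to strlen() would raise a TypeError instead of a validation error.
     */
    private static function textLength(mixed $value): ?int
    {
        if (!is_scalar($value)) {
            return null;
        }

        // mb_strlen counts characters rather than bytes, so "é" counts once —
        // the messages talk about "caractères", not bytes.
        return mb_strlen((string) $value);
    }
}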