sogoms/clients/prokov/api/core/Controller.php

<?php
/**
 * Contrôleur de base
 */

declare(strict_types=1);

abstract class Controller
{
    protected Request $request;
    protected ?array $user = null;

    public function __construct(Request $request)
    {
        $this->request = $request;
    }

    /**
     * Requiert une authentification valide
     */
    protected function requireAuth(): void
    {
        $sessionId = $this->request->getSessionId();

        if (empty($sessionId)) {
            Response::unauthorized('Session ID required');
        }

        $user = Session::validate($sessionId);

        if ($user === null) {
            Response::unauthorized('Invalid or expired session');
        }

        $this->user = $user;
    }

    /**
     * Retourne l'ID de l'utilisateur authentifié
     */
    protected function getUserId(): int
    {
        return $this->user['id'];
    }

    /**
     * Valide les champs requis dans le body
     */
    protected function validate(array $rules): array
    {
        $body = $this->request->getBody();
        $errors = [];
        $data = [];

        foreach ($rules as $field => $rule) {
            $value = $body[$field] ?? null;
            $ruleList = explode('|', $rule);

            foreach ($ruleList as $r) {
                if ($r === 'required' && ($value === null || $value === '')) {
                    $errors[$field] = "Le champ {$field} est requis";
                    break;
                }

                if ($r === 'email' && $value !== null && !filter_var($value, FILTER_VALIDATE_EMAIL)) {
                    $errors[$field] = "Le champ {$field} doit être un email valide";
                    break;
                }

                if (str_starts_with($r, 'min:')) {
                    $min = (int) substr($r, 4);
                    if ($value !== null && strlen($value) < $min) {
                        $errors[$field] = "Le champ {$field} doit contenir au moins {$min} caractères";
                        break;
                    }
                }

                if (str_starts_with($r, 'max:')) {
                    $max = (int) substr($r, 4);
                    if ($value !== null && strlen($value) > $max) {
                        $errors[$field] = "Le champ {$field} doit contenir au maximum {$max} caractères";
                        break;
                    }
                }

                if ($r === 'int' && $value !== null && !is_numeric($value)) {
                    $errors[$field] = "Le champ {$field} doit être un nombre entier";
                    break;
                }

                if ($r === 'numeric' && $value !== null && !is_numeric($value)) {
                    $errors[$field] = "Le champ {$field} doit être un nombre";
                    break;
                }
            }

            if (!isset($errors[$field])) {
                $data[$field] = $value;
            }
        }

        if (!empty($errors)) {
            Response::error('Validation failed', 422, $errors);
        }

        return $data;
    }
}