Merge branch 'development'

README.md

@@ -31,9 +31,10 @@ Replace `[your-app-name]` with the desired directory name for your new applicati
 - Configure Propel and generate it's ORM classes.
   - Copy/paste `config/settings.sample` => `config/settings.php`
   - Copy/paste `propel/propel.sample` => `propel/propel.xml`
-  - Replace all `DatabaseUsername`, `DatabasePassword`, `DatabaseName` in `config/settings.php` and `propel/propel.xml`
+  - Replace `DatabaseUsername`, `DatabasePassword`, `DatabaseName` in `propel/propel.xml`
+  - Edit `config/settings.php` according to your needs
   - Edit `propel/schema.xml` according to your needs
-- Now genereate Propel ORM classed by issuing the following commands:
+- Now generate Propel ORM classed by issuing the following commands:
 
   ```bash
   #go into your project root (e.g. /var/www/your-app-name)
@@ -44,12 +45,11 @@ Replace `[your-app-name]` with the desired directory name for your new applicati
   $ ../vendor/propel/propel/bin/propel config:convert
   ```
 
-- Again, go into your project root and make `/tmp` writable
+- Again, go into your project root, autoload newly generated propel classmap and make `/tmp` writable
 
   ```bash
   $ cd /var/www/your-app-name
-  #need once more composer install command to autoload newly generated propel classmap
-  $ composer install
+  $ composer dump-autoload
   $ chmod -R 777 tmp/
   ```
 

app/Auth/Auth.php

@@ -2,13 +2,17 @@
 
 namespace App\Auth;
 
-use UserQuery;
+use App\Models\UserQuery;
 
 class Auth
 {
     public function user()
     {
-        return UserQuery::create()->findOneByUUID($_SESSION['user']);
+        if ($this->check()) {
+            return UserQuery::create()->findOneByUUID($_SESSION['user']);
+        }
+
+        return null;
     }
 
     public function check()

app/Controllers/Auth/AuthController.php

@@ -3,11 +3,11 @@
 namespace App\Controllers\Auth;
 
 use App\Controllers\Controller;
-use Respect\Validation\Validator as v;
+use App\Models\User;
 use App\UUID;
+use Respect\Validation\Validator as v;
 use Slim\Http\Request;
 use Slim\Http\Response;
-use User;
 
 class AuthController extends Controller
 {
@@ -20,8 +20,8 @@ public function postSignUp(Request $request, Response $response)
     {
         $validation = $this->validator->validate($request, [
             'email' => v::noWhitespace()->notEmpty()->email()->emailAvailable(),
-            'firstName' => v::notEmpty()->alpha(),
-            'lastName' => v::notEmpty()->alpha(),
+            'firstName' => v::notEmpty()->alpha('äöüß'),
+            'lastName' => v::notEmpty()->alpha('äöüß'),
             'password' => v::noWhitespace()->notEmpty()
         ]);
 

app/Middleware/AuthMiddleware.php

@@ -5,15 +5,29 @@
 use Slim\Http\Request;
 use Slim\Http\Response;
 
+/**
+ * Authenticated Middleware
+ *
+ * The class checks whether the user should have access to the current request target.
+ * It does this by checking the current authentication status and redirecting to the sign in
+ * page if the user is not authenticated.
+ *
+ * It can be attached to any route or route group you would like to only have access from authenticated users.
+ *
+ * Class AuthMiddleware
+ * @package App\Middleware
+ */
 class AuthMiddleware extends Middleware
 {
-    public function __invoke(Request $request, Response $response, $next)
+    public function __invoke(Request $request, Response $response, callable $next)
     {
+        // Check if the user is signed in, redirect to sign in page if that's not the case
         if (!$this->auth->check()) {
             $this->flash->addMessage('error', 'You must be signed in to access that page.');
             return $response->withRedirect($this->router->pathFor('auth.signin'));
         }
 
+        // Next Middleware
         $response = $next($request, $response);
         return $response;
     }

app/Middleware/CsrfViewMiddleware.php

@@ -5,17 +5,29 @@
 use Slim\Http\Request;
 use Slim\Http\Response;
 
+/**
+ * Cross-Site-Request-Forgery View Middleware
+ *
+ * The class adds a global view variable with the needed csrf tokens for form validation and csrf protection.
+ *
+ * Just attach it to the Slim App and you're ready to use {{ csrf.field | raw }} in the Twig Views.
+ *
+ * Class CsrfViewMiddleware
+ * @package App\Middleware
+ */
 class CsrfViewMiddleware extends Middleware
 {
-    function __invoke(Request $request, Response $response, $next)
+    function __invoke(Request $request, Response $response, callable $next)
     {
+        // Fill a global view variable with the csrf tokens
         $this->view->getEnvironment()->addGlobal('csrf', [
             'field' => '
                 <input type="hidden" name="'.$this->csrf->getTokenNameKey().'" value="'.$this->csrf->getTokenName().'">
                 <input type="hidden" name="'.$this->csrf->getTokenValueKey().'" value="'.$this->csrf->getTokenValue().'">
             '
         ]);
 
+        // Next Middleware
         $response = $next($request, $response);
         return $response;
     }

app/Middleware/GuestMiddleware.php

@@ -5,15 +5,29 @@
 use Slim\Http\Request;
 use Slim\Http\Response;
 
+/**
+ * Guest Middleware
+ *
+ * The class checks whether the user should have access to the current request target.
+ * It does this by checking the current authentication status and redirecting to the home
+ * page if the user is signed in already.
+ *
+ * It can be attached to any route or route group you would like to only have access from guest users.
+ *
+ * Class GuestMiddleware
+ * @package App\Middleware
+ */
 class GuestMiddleware extends Middleware
 {
-    public function __invoke(Request $request, Response $response, $next)
+    public function __invoke(Request $request, Response $response, callable $next)
     {
+        // Check if the user is already signed in, redirect to home page if that's the case
         if ($this->auth->check()) {
             $this->flash->addMessage('warning', 'You can\'t access this page while you\'re signed in.');
             return $response->withRedirect($this->router->pathFor('home'));
         }
 
+        // Next Middleware
         $response = $next($request, $response);
         return $response;
     }

app/Middleware/Middleware.php

@@ -2,6 +2,20 @@
 
 namespace App\Middleware;
 
+use Slim\Http\Request;
+use Slim\Http\Response;
+
+/**
+ * Abstract Middleware
+ *
+ * This class is the base for all custom middleware. It saves the app-container and adds
+ * a magic get method for it for convenient access to other container items.
+ *
+ * Just extend your custom middleware from this and you're ready to go.
+ *
+ * Class Middleware
+ * @package App\Middleware
+ */
 abstract class Middleware
 {
     protected $container;
@@ -11,6 +25,8 @@ public function __construct($container)
         $this->container = $container;
     }
 
+    public abstract function __invoke(Request $request, Response $response, callable $next);
+
     public function __get($property)
     {
         if ($this->container->{$property}) {

app/Middleware/OldInputMiddleware.php

@@ -5,13 +5,47 @@
 use Slim\Http\Request;
 use Slim\Http\Response;
 
+/**
+ * Old Input Middleware
+ *
+ * The class keeps input data from forms etc. between requests so the user doesn't have to enter
+ * all information again and again.
+ *
+ * Just attach it to the Slim App and you're ready to use {{ old.<inputName> }} in the Twig Views.
+ *
+ * Class OldInputMiddleware
+ * @package App\Middleware
+ */
 class OldInputMiddleware extends Middleware
 {
-    function __invoke(Request $request, Response $response, $next)
+    function __invoke(Request $request, Response $response, callable $next)
     {
-        $this->view->getEnvironment()->addGlobal('old', $_SESSION['old']);
-        $_SESSION['old'] = $request->getParams();
+        // Navigated to another page, empty the $_SESSION['old'] array
+        if (isset($_SESSION['old_path']) && $_SESSION['old_path'] !== $request->getRequestTarget()) {
+            $_SESSION['old'] = [];
+        }
 
+        // Fill a global view variable with the $_SESSION['old'] contents (if any)
+        if (isset($_SESSION['old'])) {
+            $this->view->getEnvironment()->addGlobal('old', $_SESSION['old']);
+        }
+
+        // Update the $_SESSION['old'] with the current request parameters
+        if (!isset($_SESSION['old'])) {
+            $_SESSION['old'] = $request->getParams();
+        } else {
+            $requestParams = $request->getParams();
+            foreach ($requestParams as $key => $value) {
+                if (!isset($_SESSION['old'][$key]) || $_SESSION['old'][$key] !== $value) {
+                    $_SESSION['old'][$key] = $value;
+                }
+            }
+        }
+
+        // Save $_SESSION['old_path'] to the current request target
+        $_SESSION['old_path'] = $request->getRequestTarget();
+
+        // Next Middleware
         $response = $next($request, $response);
         return $response;
     }

app/Middleware/ValidationErrorsMiddleware.php

@@ -5,13 +5,29 @@
 use Slim\Http\Request;
 use Slim\Http\Response;
 
+/**
+ * Validation Errors Middleware
+ *
+ * The class adds a global view variable with all occurred errors while validating
+ * some input. You can then use this variable in your views to show the errors to
+ * the user.
+ *
+ * Just attach it to the Slim App and you're ready to use {{ errors.<inputName> }} in the Twig Views.
+ *
+ * Class ValidationErrorsMiddleware
+ * @package App\Middleware
+ */
 class ValidationErrorsMiddleware extends Middleware
 {
-    function __invoke(Request $request, Response $response, $next)
+    function __invoke(Request $request, Response $response, callable $next)
     {
-        $this->view->getEnvironment()->addGlobal('errors', $_SESSION['errors']);
-        unset($_SESSION['errors']);
+        // Fill a global view variable with the $_SESSION['errors'] contents (if any)
+        if (isset($_SESSION['errors'])) {
+            $this->view->getEnvironment()->addGlobal('errors', $_SESSION['errors']);
+            unset($_SESSION['errors']);
+        }
 
+        // Next Middleware
         $response = $next($request, $response);
         return $response;
     }