create-prisma-php-app 4.0.0-alpha.2 → 4.0.0-alpha.21

package/dist/src/Lib/MCP/WeatherTools.php

@@ -0,0 +1,104 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Lib\MCP;
+
+use GuzzleHttp\Client;
+use GuzzleHttp\Exception\GuzzleException;
+use PhpMcp\Server\Attributes\McpTool;
+use PhpMcp\Server\Attributes\Schema;
+use RuntimeException;
+use JsonException;
+
+final class WeatherTools
+{
+    #[McpTool(
+        name: 'get-weathers',
+        description: 'Returns current temperature for a city'
+    )]
+    public function getWeather(
+        #[Schema(type: 'string', minLength: 1, description: 'City name')]
+        string $city
+    ): string {
+        $http = new Client([
+            'timeout'         => 10,
+            'connect_timeout' => 8,
+            'http_errors'     => true,
+            'headers'         => ['Accept' => 'application/json'],
+        ]);
+
+        try {
+            $geoUrl = 'https://geocoding-api.open-meteo.com/v1/search'
+                . '?name=' . rawurlencode($city)
+                . '&count=1&language=en&format=json';
+
+            $geoRes = $http->get($geoUrl);
+            $geoJson = $geoRes->getBody()->getContents();
+            $geo = json_decode($geoJson, true, 512, JSON_THROW_ON_ERROR);
+
+            if (empty($geo['results'][0])) {
+                throw new RuntimeException("City \"$city\" not found (geocoding returned no results).");
+            }
+
+            $lat = (float) $geo['results'][0]['latitude'];
+            $lon = (float) $geo['results'][0]['longitude'];
+
+            $wxUrl = "https://api.open-meteo.com/v1/forecast?latitude={$lat}&longitude={$lon}&current_weather=true";
+
+            $wxRes = $http->get($wxUrl);
+            $wxJson = $wxRes->getBody()->getContents();
+            $wx = json_decode($wxJson, true, 512, JSON_THROW_ON_ERROR);
+
+            $cw = $wx['current_weather'] ?? null;
+            if (!is_array($cw)) {
+                throw new RuntimeException('No current weather data found in API response.');
+            }
+
+            $map = [
+                0 => 'Clear sky',
+                1 => 'Mainly clear',
+                2 => 'Partly cloudy',
+                3 => 'Overcast',
+                45 => 'Fog',
+                48 => 'Depositing rime fog',
+                51 => 'Light drizzle',
+                53 => 'Moderate drizzle',
+                55 => 'Dense drizzle',
+                56 => 'Light freezing drizzle',
+                57 => 'Dense freezing drizzle',
+                61 => 'Slight rain',
+                63 => 'Moderate rain',
+                65 => 'Heavy rain',
+                66 => 'Light freezing rain',
+                67 => 'Heavy freezing rain',
+                71 => 'Slight snow fall',
+                73 => 'Moderate snow fall',
+                75 => 'Heavy snow fall',
+                77 => 'Snow grains',
+                80 => 'Slight rain showers',
+                81 => 'Moderate rain showers',
+                82 => 'Violent rain showers',
+                85 => 'Slight snow showers',
+                86 => 'Heavy snow showers',
+                95 => 'Thunderstorm',
+                96 => 'Thunderstorm with slight hail',
+                99 => 'Thunderstorm with heavy hail',
+            ];
+
+            $code  = (int)($cw['weathercode'] ?? -1);
+            $tempC = $cw['temperature'] ?? null;
+
+            if (!is_numeric($tempC)) {
+                throw new RuntimeException('Temperature missing or not numeric in current weather payload.');
+            }
+
+            $desc = $map[$code] ?? 'Unknown';
+            return "🌡️ {$tempC} °C · {$desc} (code {$code})";
+        } catch (GuzzleException $e) {
+            throw new RuntimeException('Weather request failed: ' . $e->getMessage(), previous: $e);
+        } catch (JsonException $e) {
+            throw new RuntimeException('Weather JSON parsing failed: ' . $e->getMessage(), previous: $e);
+        }
+    }
+}

package/dist/src/Lib/MCP/mcp-server.php

@@ -0,0 +1,80 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Lib\MCP;
+
+$root = dirname(__DIR__, 3);
+require $root . '/vendor/autoload.php';
+require $root . '/settings/paths.php';
+
+use Dotenv\Dotenv;
+use PhpMcp\Server\Server;
+use PhpMcp\Server\Transports\StreamableHttpServerTransport;
+use Throwable;
+
+// ── Load .env (optional) and timezone ──────────────────────────────────────────
+if (file_exists(DOCUMENT_PATH . '/.env')) {
+    Dotenv::createImmutable(DOCUMENT_PATH)->safeLoad();
+}
+date_default_timezone_set($_ENV['APP_TIMEZONE'] ?? 'UTC');
+
+// ── Resolve settings (with sane defaults) ─────────────────────────────────────
+$appName    = $_ENV['MCP_NAME']         ?? 'prisma-php-mcp';
+$appVersion = $_ENV['MCP_VERSION']      ?? '0.0.1';
+$host       = $_ENV['MCP_HOST']         ?? '127.0.0.1';
+$port       = (int)($_ENV['MCP_PORT']   ?? 4000);
+$prefix     = trim($_ENV['MCP_PATH_PREFIX'] ?? 'mcp', '/');
+$enableJson = filter_var($_ENV['MCP_JSON_RESPONSE'] ?? 'false', FILTER_VALIDATE_BOOLEAN);
+
+// ── Build server and discover tools ───────────────────────────────────────────
+$server = Server::make()
+    ->withServerInfo($appName, $appVersion)
+    ->build();
+
+// Scan your source tree for #[McpTool] classes
+$server->discover(DOCUMENT_PATH, ['src']);
+
+// ── Pretty console output ─────────────────────────────────────────────────────
+$pid    = getmypid() ?: 0;
+$base   = "http://{$host}:{$port}/{$prefix}";
+$color  = static fn(string $t, string $c) => "\033[{$c}m{$t}\033[0m";
+
+echo PHP_EOL;
+echo $color("⚙  {$appName} (v{$appVersion})", '1;36') . PHP_EOL;
+echo $color("→ MCP server starting…", '33') . PHP_EOL;
+echo "   Host:       {$host}" . PHP_EOL;
+echo "   Port:       {$port}" . PHP_EOL;
+echo "   Path:       /{$prefix}" . PHP_EOL;
+echo "   JSON resp:  " . ($enableJson ? 'enabled' : 'disabled') . PHP_EOL;
+echo "   PID:        {$pid}" . PHP_EOL;
+echo "   URL:        {$base}" . PHP_EOL;
+
+// ── Graceful shutdown (if pcntl is available) ─────────────────────────────────
+if (function_exists('pcntl_signal')) {
+    $stop = function (int $sig) use ($color) {
+        echo PHP_EOL . $color("⏹  Caught signal {$sig}. Shutting down…", '33') . PHP_EOL;
+        exit(0);
+    };
+    pcntl_signal(SIGINT,  $stop);
+    pcntl_signal(SIGTERM, $stop);
+}
+
+// ── Listen ────────────────────────────────────────────────────────────────────
+try {
+    $transport = new StreamableHttpServerTransport(
+        $host,
+        $port,
+        $prefix,
+        null,            // sslContext
+        true,            // logger
+        $enableJson      // enableJsonResponse
+        // , false        // (optional) stateless
+    );
+    echo $color("✓ Listening on {$base}", '32') . PHP_EOL;
+    $server->listen($transport);
+    echo PHP_EOL . $color('✔ Server stopped.', '32') . PHP_EOL;
+} catch (Throwable $e) {
+    fwrite(STDERR, $color('✖ Server error: ', '31') . $e->getMessage() . PHP_EOL);
+    exit(1);
+}

package/dist/src/Lib/MainLayout.php

@@ -0,0 +1,230 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Lib;
+
+use Lib\Set;
+
+class MainLayout
+{
+    public static string $title = '';
+    public static string $description = '';
+    public static string $children = '';
+    public static string $childLayoutChildren = '';
+    public static string $html = '';
+
+    /** @var Set<string>|null */
+    private static ?Set $headScripts = null;
+    /** @var Set<string>|null */
+    private static ?Set $footerScripts = null;
+    private static array $customMetadata = [];
+
+    private static array $processedScripts = [];
+
+    public static function init(): void
+    {
+        if (self::$headScripts === null) {
+            self::$headScripts = new Set();
+        }
+        if (self::$footerScripts === null) {
+            self::$footerScripts = new Set();
+        }
+        self::$processedScripts = [];
+    }
+
+    /**
+     * Adds one or more scripts to the head section if they are not already present.
+     *
+     * @param string ...$scripts The scripts to be added to the head section.
+     * @return void
+     */
+    public static function addHeadScript(string ...$scripts): void
+    {
+        foreach ($scripts as $script) {
+            self::$headScripts->add($script);
+        }
+    }
+
+    /**
+     * Adds one or more scripts to the footer section if they are not already present.
+     *
+     * @param string ...$scripts One or more scripts to be added to the footer.
+     * @return void
+     */
+    public static function addFooterScript(string ...$scripts): void
+    {
+        $trace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2);
+        $callerClass = $trace[1]['class'] ?? 'Unknown';
+
+        foreach ($scripts as $script) {
+            $scriptKey = md5(trim($script));
+
+            if (strpos($script, '<script') !== false) {
+                $taggedScript = "<!-- class:" . $callerClass . " -->\n" . $script;
+                if (!isset(self::$processedScripts[$scriptKey])) {
+                    self::$footerScripts->add($taggedScript);
+                    self::$processedScripts[$scriptKey] = true;
+                }
+            } else {
+                if (!isset(self::$processedScripts[$scriptKey])) {
+                    self::$footerScripts->add($script);
+                    self::$processedScripts[$scriptKey] = true;
+                }
+            }
+        }
+    }
+
+    /**
+     * Generates all the head scripts with dynamic attributes.
+     *
+     * This method iterates over all registered head scripts and adds a custom dynamic attribute
+     * based on the tag type (script, link, or style).
+     *
+     * @return string The concatenated head scripts with dynamic attributes.
+     */
+    public static function outputHeadScripts(): string
+    {
+        $headScriptsArray = self::$headScripts->values();
+        $headScriptsWithAttributes = array_map(function ($tag) {
+            if (strpos($tag, '<script') !== false) {
+                return str_replace('<script', '<script pp-dynamic-script="81D7D"', $tag);
+            } elseif (strpos($tag, '<link') !== false) {
+                return str_replace('<link', '<link pp-dynamic-link="81D7D"', $tag);
+            } elseif (strpos($tag, '<style') !== false) {
+                return str_replace('<style', '<style pp-dynamic-style="81D7D"', $tag);
+            }
+            return $tag;
+        }, $headScriptsArray);
+
+        return implode("\n", $headScriptsWithAttributes);
+    }
+
+    /**
+     * Generates all the footer scripts.
+     *
+     * @return string The concatenated footer scripts.
+     */
+    public static function outputFooterScripts(): string
+    {
+        $processed = [];
+        $componentCounter = 0;
+
+        foreach (self::$footerScripts->values() as $script) {
+            if (preg_match('/<!-- class:([^\s]+) -->/', $script, $matches)) {
+                $rawClassName = $matches[1];
+                $script = preg_replace('/<!-- class:[^\s]+ -->\s*/', '', $script, 1);
+
+                if (str_starts_with(trim($script), '<script')) {
+                    $script = preg_replace_callback(
+                        '/<script\b([^>]*)>/i',
+                        function ($m) use ($rawClassName, &$componentCounter) {
+                            $attrs = $m[1];
+                            $scriptHash = substr(md5($m[0]), 0, 8);
+                            $encodedClass = 's' . base_convert(sprintf('%u', crc32($rawClassName . $componentCounter . $scriptHash)), 10, 36);
+                            $componentCounter++;
+
+                            if (!str_contains($attrs, 'pp-component=')) {
+                                $attrs .= " pp-component=\"{$encodedClass}\"";
+                            }
+
+                            if (!preg_match('/\btype\s*=\s*(["\'])[^\1]*\1|\btype\s*=\s*\S+/i', $attrs)) {
+                                $attrs .= ' type="text/php"';
+                            }
+
+                            return "<script{$attrs}>";
+                        },
+                        $script,
+                        1
+                    );
+                }
+            }
+
+            $processed[] = $script;
+        }
+
+        return implode("\n", $processed);
+    }
+
+    /**
+     * Clears all head scripts.
+     *
+     * @return void
+     */
+    public static function clearHeadScripts(): void
+    {
+        self::$headScripts->clear();
+    }
+
+    /**
+     * Clears all footer scripts.
+     *
+     * @return void
+     */
+    public static function clearFooterScripts(): void
+    {
+        self::$footerScripts->clear();
+        self::$processedScripts = [];
+    }
+
+    /**
+     * Adds custom metadata.
+     *
+     * @param string $key   The metadata key.
+     * @param string $value The metadata value.
+     * @return void
+     */
+    public static function addCustomMetadata(string $key, string $value): void
+    {
+        self::$customMetadata[$key] = $value;
+    }
+
+    /**
+     * Retrieves custom metadata by key.
+     *
+     * @param string $key The metadata key.
+     * @return string|null The metadata value or null if the key does not exist.
+     */
+    public static function getCustomMetadata(string $key): ?string
+    {
+        return self::$customMetadata[$key] ?? null;
+    }
+
+    /**
+     * Generates the metadata as meta tags for the head section.
+     *
+     * This method includes default tags for charset and viewport, a title tag,
+     * and additional metadata. If a description is not already set in the custom metadata,
+     * it will use the class's description property.
+     *
+     * @return string The concatenated meta tags.
+     */
+    public static function outputMetadata(): string
+    {
+        $metadataContent = [
+            '<meta charset="UTF-8">',
+            '<meta name="viewport" content="width=device-width, initial-scale=1.0">',
+        ];
+        $metadataContent[] = '<title>' . htmlspecialchars(self::$title) . '</title>';
+
+        if (!isset(self::$customMetadata['description'])) {
+            self::$customMetadata['description'] = self::$description;
+        }
+
+        foreach (self::$customMetadata as $key => $value) {
+            $metadataContent[] = '<meta name="' . htmlspecialchars($key) . '" content="' . htmlspecialchars($value) . '" pp-dynamic-meta="81D7D">';
+        }
+
+        return implode("\n", $metadataContent);
+    }
+
+    /**
+     * Clears all custom metadata.
+     *
+     * @return void
+     */
+    public static function clearCustomMetadata(): void
+    {
+        self::$customMetadata = [];
+    }
+}

package/dist/src/Lib/Middleware/AuthMiddleware.php

@@ -0,0 +1,154 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Lib\Middleware;
+
+use Lib\Auth\Auth;
+use Lib\Auth\AuthConfig;
+use Lib\Request;
+
+final class AuthMiddleware
+{
+    public static function handle($requestPathname)
+    {
+        if (AuthConfig::IS_ALL_ROUTES_PRIVATE) {
+            $isLogin = Auth::getInstance()->isAuthenticated();
+            $isApiAuthRoute = stripos($requestPathname, AuthConfig::API_AUTH_PREFIX) === 0;
+            $isPublicRoute = self::matches($requestPathname, AuthConfig::$publicRoutes);
+            $isAuthRoute = self::matches($requestPathname, AuthConfig::$authRoutes);
+
+            // Check if the user is authenticated and refresh the token if necessary
+            if (AuthConfig::IS_TOKEN_AUTO_REFRESH) {
+                $auth = Auth::getInstance();
+                if (isset($_COOKIE[Auth::$cookieName])) {
+                    $jwt = $_COOKIE[Auth::$cookieName];
+                    $jwt = $auth->refreshToken($jwt);
+                }
+            }
+
+            // Skip the middleware if the route is api auth route
+            if ($isApiAuthRoute) {
+                return;
+            }
+
+            // Redirect to the default sign in route if the user is already authenticated
+            if ($isAuthRoute) {
+                if ($isLogin) {
+                    Request::redirect(AuthConfig::DEFAULT_SIGNIN_REDIRECT);
+                }
+                return;
+            }
+
+            // Redirect to the default home route if the user is already authenticated
+            if (!$isLogin && !$isPublicRoute) {
+                Request::redirect("/signin");
+            }
+        } else {
+            // Skip the middleware if the route is public
+            if (!self::matches($requestPathname, AuthConfig::$privateRoutes)) {
+                return;
+            }
+
+            // Check if the user is authorized to access the route or redirect to login
+            if (!self::isAuthorized()) {
+                Request::redirect('/signin');
+            }
+        }
+
+        // Check if the user has the required role to access the route or redirect to denied
+        if (AuthConfig::IS_ROLE_BASE) {
+            $matchValue = self::hasRequiredRole($requestPathname);
+            if ($matchValue === "Route not in array") {
+                // echo "No validation needed for this route.";
+            } elseif ($matchValue === "Match") {
+                // echo "You are authorized to access this route";
+            } elseif ($matchValue === "Role mismatch") {
+                // echo "You are not authorized to access this route";
+                Request::redirect('/denied');
+            } else {
+                // echo "Unexpected error encountered";
+            }
+        }
+    }
+
+    protected static function matches(string $requestPathname, array $routes): bool
+    {
+        foreach ($routes ?? [] as $pattern) {
+            $getUriRegexValue = self::getUriRegex($pattern, $requestPathname);
+            if ($getUriRegexValue) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    protected static function isAuthorized(): bool
+    {
+        $auth = Auth::getInstance();
+        if (!isset($_COOKIE[Auth::$cookieName])) {
+            unset($_SESSION[Auth::PAYLOAD_SESSION_KEY]);
+            return false;
+        }
+
+        $jwt = $_COOKIE[Auth::$cookieName];
+
+        if (AuthConfig::IS_TOKEN_AUTO_REFRESH) {
+            $jwt = $auth->refreshToken($jwt);
+            $verifyToken = $auth->verifyToken($jwt);
+        }
+
+        $verifyToken = $auth->verifyToken($jwt);
+        if ($verifyToken === false) {
+            return false;
+        }
+
+        // Access the PAYLOAD_NAME property using the -> operator instead of array syntax
+        if (isset($verifyToken->{Auth::PAYLOAD_NAME})) {
+            return true;
+        }
+
+        return false;
+    }
+
+    protected static function hasRequiredRole(string $requestPathname): string
+    {
+        $auth = Auth::getInstance();
+        $roleBasedRoutes = AuthConfig::$roleBasedRoutes ?? [];
+
+        // Normalize the request path for matching
+        $requestPathnameValue = trim($requestPathname, '/');
+
+        foreach ($roleBasedRoutes as $pattern => $data) {
+            $patternValue = trim($pattern, '/');
+            if ($patternValue === $requestPathnameValue) {
+                // Route is found in array, check permissions
+                $userRole = Auth::ROLE_NAME ? $auth->getPayload()[Auth::ROLE_NAME] : $auth->getPayload();
+                return ($userRole !== null && AuthConfig::checkAuthRole($userRole, $data[AuthConfig::ROLE_IDENTIFIER]))
+                    ? "Match"
+                    : "Role mismatch";
+            }
+        }
+
+        // Route not found in role-based routes array
+        return "Route not in array";
+    }
+
+    private static function getUriRegex(string $pattern, string $requestPathname): int|bool
+    {
+        // Normalize both the pattern and the request path
+        $pattern = strtolower(trim($pattern, '/'));
+        $requestPathname = strtolower(trim($requestPathname, '/'));
+
+        // Handle the case where the requestPathname is empty, which means home or "/"
+        if (empty($requestPathname)) {
+            $requestPathname = '/';
+        } else {
+            $requestPathname = "/$requestPathname";
+        }
+
+        // Construct the regex pattern
+        $regex = "#^/?" . preg_quote("/$pattern", '#') . "(/.*)?$#";
+        return preg_match($regex, $requestPathname);
+    }
+}