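load();

// Front controller for the vault API: wires services into the container,
// registers the authentication and secret-management routes, then runs Slim.

$app = AppFactory::create();
$container = new Container();

/**
 * Reads a required environment variable and refuses to continue without it.
 *
 * The original passed $_ENV[...] straight into the crypto/JWT constructors, so
 * an unset variable silently became a null key. Failing fast avoids running
 * with an empty signing or encryption key.
 */
$requireEnv = function (string $name): string {
    $value = $_ENV[$name] ?? null;
    if (!is_string($value) || $value === '') {
        throw new \RuntimeException('Missing required environment variable: ' . $name);
    }

    return $value;
};

/**
 * Writes a JSON payload and sets the matching Content-Type and status.
 *
 * Without an explicit Content-Type the body is served with PHP's default
 * media type, which lets a browser interpret API output as HTML.
 */
$json = function ($response, array $payload, int $status) {
    $response->getBody()->write(json_encode($payload));

    return $response
        ->withHeader('Content-Type', 'application/json')
        ->withStatus($status);
};

/**
 * Logs an exception server-side and returns a generic 500 to the client.
 *
 * Exception messages can carry storage or crypto details; they belong in the
 * server log, not in the response body.
 */
$serverError = function ($response, Exception $e) use ($json) {
    error_log(get_class($e) . ': ' . $e->getMessage());

    return $json($response, ['error' => 'Internal server error'], 500);
};

/**
 * Reads the raw request body and extracts the secret's "key" field.
 *
 * Returns [raw body, decoded array or other decode result, key or null].
 * The key is only accepted when the body decodes to an array and "key" is a
 * scalar, so nested structures never reach the vault as a lookup key.
 */
$readSecretBody = function ($request): array {
    // Casting the stream reads it from the start, even if something upstream
    // already consumed it; getContents() only returns the remaining bytes.
    $raw = (string) $request->getBody();
    $decoded = $raw === '' ? null : json_decode($raw, true);

    $key = null;
    if (is_array($decoded) && isset($decoded['key']) && is_scalar($decoded['key'])) {
        $key = $decoded['key'];
    }

    return [$raw, $decoded, $key];
};

// --- Service wiring ---------------------------------------------------------

$container->set(AuthMiddleware::class, function (ContainerInterface $container) {
    return new AuthMiddleware($container->get(AuthHandler::class));
});

$container->set(Database::class, function () {
    return new Database();
});

$container->set(DataEncryptor::class, function () use ($requireEnv) {
    return new DataEncryptor($requireEnv('ENCRYPTION_KEY'));
});

$container->set(AuthHandler::class, function () use ($requireEnv) {
    // NOTE(review): this builds its own Database rather than reusing the
    // Database::class entry registered above; confirm that is intended.
    return new AuthHandler($requireEnv('JWT_SECRET_KEY'), new Database());
});

$authMiddleware = $container->get(AuthMiddleware::class);

// NOTE(review): setContainer() runs after AppFactory::create(), so $app was
// built without this container. The routes below work because they capture
// $container explicitly; move this call above create() if Slim itself should
// resolve services from it.
AppFactory::setContainer($container);

// --- Authentication routes --------------------------------------------------

// POST /login: exchanges a username/password pair for a token.
// NOTE(review): no throttling or lockout is visible here; confirm repeated
// failed logins are limited elsewhere.
$app->post('/login', function ($request, $response) use ($container, $json, $serverError) {
    $data = $request->getParsedBody();
    $username = is_array($data) ? ($data['username'] ?? null) : null;
    $password = is_array($data) ? ($data['password'] ?? null) : null;

    // Reject missing or non-string credentials before they reach the handler.
    if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
        return $json($response, ['error' => 'Username and password are required'], 400);
    }

    try {
        $token = $container->get(AuthHandler::class)->generateToken($username, $password);
    } catch (Exception $e) {
        return $serverError($response, $e);
    }

    if (!$token) {
        return $json($response, ['error' => 'Invalid credentials'], 401);
    }

    // Tokens are bearer credentials; keep them out of shared caches.
    return $json($response, ['token' => $token], 200)
        ->withHeader('Cache-Control', 'no-store');
});

// POST /addUser: creates an account.
// NOTE(review): this route has no AuthMiddleware, so any client that can reach
// the API can create users. Confirm open registration is intended; otherwise
// attach $authMiddleware or an admin check.
$app->post('/addUser', function ($request, $response) use ($container, $json, $serverError) {
    $data = $request->getParsedBody();
    $username = is_array($data) ? ($data['username'] ?? null) : null;
    $password = is_array($data) ? ($data['password'] ?? null) : null;

    if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
        return $json($response, ['error' => 'Username and password are required'], 400);
    }

    try {
        // NOTE(review): the return value was ignored in the original as well;
        // confirm addUser() signals failure by throwing.
        $container->get(AuthHandler::class)->addUser($username, $password);
    } catch (Exception $e) {
        return $serverError($response, $e);
    }

    return $response->withStatus(201);
});

// --- Secret management routes (all behind AuthMiddleware) -------------------

// POST /manage/{vaultName}: stores the raw JSON body as a secret under its "key".
$app->post('/manage/{vaultName}', function ($request, $response, array $args) use ($container, $json, $serverError, $readSecretBody) {
    try {
        [$raw, $decoded, $key] = $readSecretBody($request);

        if (!is_array($decoded)) {
            return $json($response, ['error' => 'Invalid secret'], 400);
        }
        if ($key === null) {
            return $json($response, ['error' => 'Key is required'], 400);
        }

        // Presumably set by AuthMiddleware; never touch the vault without it.
        $username = $request->getAttribute('username');
        if ($username === null || $username === '') {
            return $json($response, ['error' => 'Unauthorized'], 401);
        }

        if (!isset($args['vaultName'])) {
            return $json($response, ['error' => 'Vault name is required'], 400);
        }

        $container->get(Vault::class)->storeSecret($username, $args['vaultName'], $key, $raw);

        return $json($response, ['message' => 'Secret stored'], 201);
    } catch (Exception $e) {
        return $serverError($response, $e);
    }
})->add($authMiddleware);

// PUT /manage/{vaultName}: replaces an existing secret with the raw JSON body.
$app->put('/manage/{vaultName}', function ($request, $response, array $args) use ($container, $json, $serverError, $readSecretBody) {
    try {
        [$raw, $decoded, $key] = $readSecretBody($request);

        if (!is_array($decoded)) {
            return $json($response, ['error' => 'Invalid secret'], 400);
        }
        if ($key === null) {
            return $json($response, ['error' => 'Key is required'], 400);
        }

        $username = $request->getAttribute('username');
        if ($username === null || $username === '') {
            return $json($response, ['error' => 'Unauthorized'], 401);
        }

        if (!isset($args['vaultName'])) {
            return $json($response, ['error' => 'Vault name is required'], 400);
        }

        $container->get(Vault::class)->updateSecret($username, $args['vaultName'], $key, $raw);

        // Status 201 is kept from the original so existing clients keep working.
        return $json($response, ['message' => 'Secret updated'], 201);
    } catch (Exception $e) {
        return $serverError($response, $e);
    }
})->add($authMiddleware);

// DELETE /manage/{vaultName}: removes the caller's secret data for the vault.
$app->delete('/manage/{vaultName}', function ($request, $response, array $args) use ($container, $json, $serverError) {
    try {
        $username = $request->getAttribute('username');
        if ($username === null || $username === '') {
            return $json($response, ['error' => 'Unauthorized'], 401);
        }

        if (!isset($args['vaultName'])) {
            return $json($response, ['error' => 'Vault name is required'], 400);
        }

        $container->get(Vault::class)->deleteSecret($username, $args['vaultName']);

        return $json($response, ['message' => 'Secret deleted'], 200);
    } catch (Exception $e) {
        return $serverError($response, $e);
    }
})->add($authMiddleware);

// POST /vault/{vaultName}: returns the secret stored under the body's "key".
$app->post('/vault/{vaultName}', function ($request, $response, array $args) use ($container, $json, $serverError, $readSecretBody) {
    try {
        [, , $key] = $readSecretBody($request);
        if ($key === null) {
            return $json($response, ['error' => 'Invalid Key'], 400);
        }

        $username = $request->getAttribute('username');
        if ($username === null || $username === '') {
            return $json($response, ['error' => 'Unauthorized'], 401);
        }

        if (!isset($args['vaultName'])) {
            return $json($response, ['error' => 'Vault name is required'], 400);
        }

        // NOTE(review): argument order here is (username, key, vaultName),
        // while storeSecret/updateSecret take (username, vaultName, key, ...).
        // Confirm against Vault::getSecret().
        $secret = $container->get(Vault::class)->getSecret($username, $key, $args['vaultName']);

        if (!$secret) {
            return $json($response, ['error' => 'Secret not found'], 404);
        }

        // Presumably the JSON document stored via /manage; declaring the type
        // keeps a browser from rendering secret content as HTML.
        $response->getBody()->write($secret);

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withHeader('Cache-Control', 'no-store')
            ->withStatus(200);
    } catch (Exception $e) {
        return $serverError($response, $e);
    }
})->add($authMiddleware);

$app->run();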