Cametendo/Todo-App-Backend
1
0
Fork 0
mirror of https://github.com/JGH0/Todo-App-Backend.git synced 2026-06-03 13:28:47 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Cametendo:dev
Branches Tags
Cametendo:main Cametendo:dev Cametendo:feature/marketplace Cametendo:APIhardening Cametendo:feature/codeigniter
...
compare: Cametendo:bf05b5d2957a74fe1ef60e0d28ac133dcebbab06
Branches Tags
Cametendo:dev Cametendo:feature/marketplace Cametendo:main Cametendo:APIhardening Cametendo:feature/codeigniter

16 Commits
dev ... bf05b5d295

Author SHA1 Message Date
Cametendo
bf05b5d295 FIxed Theme Browser not showing themes 2026-05-13 16:48:55 +02:00
Cametendo
3b65f482c7 some shit 2026-05-13 16:32:44 +02:00
Cametendo
7cea9e5ea4 Merge main into feature/marketplace 2026-05-13 16:23:30 +02:00
Cametendo
5454644a31 Fixed permission error 2026-05-13 16:19:34 +02:00
Cametendo
caf81ea4e2 Working marketplace 2026-05-13 16:17:56 +02:00
Cametendo
f27498dc26 Fix merge conflict 2026-05-13 16:15:00 +02:00
Cametendo
bb09f3d024 Add marketplace 2026-05-13 16:14:19 +02:00
Cametendo
daa6ec8b1e Merge feature/marketplace into main 2026-05-13 16:06:27 +02:00
Cametendo
43f0a742b6 Working marketplace 2026-05-13 15:29:47 +02:00
Jürg Hallenbarter
e125ac34d7 fix category duplicates: validate unique name on create and rename, return proper 409 error instead of SQL 500 2026-05-13 14:25:32 +02:00
Jürg Hallenbarter
fb9ff9d56b fix todo create/update: link category via todo_categories junction table, return single object (not array), include category_ids in response 2026-05-13 14:08:24 +02:00
Jürg Hallenbarter
7c81586d3f fix backend CORS: add global CORS filter and catch-all OPTIONS route; fix MySQL insert errors: set updatedField to empty string instead of null in models without updated_at column 2026-05-13 13:59:31 +02:00
Cametendo
3438888314 Fix merge conflict 2026-05-06 14:24:53 +02:00
Cametendo
af21317040 Add marketplace 2026-05-06 14:17:25 +02:00
Jürg Hallenbarter
092bb53324 added loging 2026-04-29 16:59:52 +02:00
Jürg Hallenbarter
6cbb6a2e3e added API and login 2026-04-29 16:01:19 +02:00
59 changed files with 4794 additions and 90 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -126,3 +126,5 @@ _modules/*
/phpunit*.xml
.env
env
.claude/
.claude/*

825
API_DOCUMENTATION.md Normal file
View File

@@ -0,0 +1,825 @@
# Todo App API Documentation
## Version: 1.0
Base URL: `http://localhost:8080/api/v1`
## Overview
This API provides access to the Todo App functionality with versioned endpoints. The API uses API key authentication for protected endpoints, while some endpoints (like the marketplace) are publicly accessible.
## Authentication
### API Key Authentication
Most endpoints require an API key for authentication. The API key should be included in the `X-API-Key` header.
**Header:**
```
X-API-Key: todo_your_api_key_here
```
### Register a New User
**Endpoint:** `POST /api/v1/auth/register`
**Request Body:**
```json
{
"email": "user@example.com",
"password": "your_password",
"name": "John Doe",
"avatar_url": "https://example.com/avatar.jpg",
"settings": {
"theme": "dark",
"language": "en"
}
}
```
**Response:**
```json
{
"success": true,
"message": "User registered successfully",
"data": {
"user": {
"id": "user-uuid",
"email": "user@example.com",
"name": "John Doe",
"avatar_url": "https://example.com/avatar.jpg",
"settings": {"theme": "dark"},
"created_at": "2025-01-01 00:00:00",
"updated_at": "2025-01-01 00:00:00"
},
"api_key": "todo_abc123...",
"key_prefix": "todo_abc1"
}
}
```
**Important:** Store the API key securely. You won't be able to retrieve it again.
### Login
**Endpoint:** `POST /api/v1/auth/login`
**Request Body:**
```json
{
"email": "user@example.com",
"password": "your_password"
}
```
**Response (New API Key Created):**
```json
{
"success": true,
"message": "Login successful",
"data": {
"user": {
"id": "user-uuid",
"email": "user@example.com",
"name": "John Doe"
},
"api_key": "todo_abc123...",
"key_prefix": "todo_abc1"
}
}
```
**Response (Using Existing API Key):**
```json
{
"success": true,
"message": "Login successful",
"data": {
"user": {
"id": "user-uuid",
"email": "user@example.com",
"name": "John Doe"
},
"api_key_prefix": "todo_abc1",
"message": "Using existing API key"
}
}
```
**Note:** If you already have an active API key, the login will return the key prefix only (not the full key for security). You should store your API key securely after the first login.
### Creating an API Key (Legacy)
To create an additional API key, you can use this endpoint:
**Endpoint:** `POST /api/v1/auth/api-key`
**Request Body:**
```json
{
"email": "user@example.com",
"password": "your_password",
"name": "My App Key",
"scopes": ["read", "write"],
"expires_at": "2026-12-31 23:59:59"
}
```
**Response:**
```json
{
"success": true,
"message": "API key created successfully",
"data": {
"key": "todo_abc123...",
"prefix": "todo_abc1",
"name": "My App Key",
"scopes": ["read", "write"],
"expires_at": "2026-12-31 23:59:59"
}
}
```
### Scopes
API keys can have the following scopes:
- `read` - Read-only access to data
- `write` - Full access to create, update, and delete data
If no scopes are specified, the key will have full access.
## Public Endpoints
These endpoints do not require authentication.
### Marketplace Themes
#### Get All Themes
**Endpoint:** `GET /api/v1/marketplace/themes`
**Response:**
```json
{
"success": true,
"message": "Marketplace themes retrieved successfully",
"data": [
{
"id": "theme-id-1",
"name": "Dark Theme",
"description": "A dark theme for the app",
"preview_url": "https://example.com/preview.png",
"price": 0,
"is_free": true,
"created_at": "2025-01-01 00:00:00"
}
]
}
```
#### Get Theme by ID
**Endpoint:** `GET /api/v1/marketplace/themes/{id}`
**Response:**
```json
{
"success": true,
"message": "Theme retrieved successfully",
"data": {
"id": "theme-id-1",
"name": "Dark Theme",
"description": "A dark theme for the app",
"preview_url": "https://example.com/preview.png",
"price": 0,
"is_free": true,
"created_at": "2025-01-01 00:00:00"
}
}
```
## Protected Endpoints
These endpoints require an API key in the `X-API-Key` header.
### User Management
#### Get User Profile
**Endpoint:** `GET /api/v1/user/profile`
**Response:**
```json
{
"success": true,
"message": "Profile retrieved successfully",
"data": {
"id": "user-id",
"email": "user@example.com",
"name": "John Doe",
"avatar_url": null,
"settings": {"theme": "dark"},
"created_at": "2025-01-01 00:00:00",
"updated_at": "2025-01-01 00:00:00"
}
}
```
#### Update User Profile
**Endpoint:** `PUT /api/v1/user/profile`
**Request Body:**
```json
{
"name": "Jane Doe",
"avatar_url": "https://example.com/avatar.jpg",
"settings": {"theme": "light", "language": "en"}
}
```
#### List API Keys
**Endpoint:** `GET /api/v1/user/api-keys`
**Response:**
```json
{
"success": true,
"message": "API keys retrieved successfully",
"data": [
{
"id": "key-id",
"key_prefix": "todo_abc1",
"name": "My App Key",
"scopes": ["read", "write"],
"is_active": true,
"last_used_at": "2025-01-01 12:00:00",
"created_at": "2025-01-01 00:00:00"
}
]
}
```
#### Create API Key
**Endpoint:** `POST /api/v1/user/api-keys`
**Request Body:**
```json
{
"name": "New App Key",
"scopes": ["read"],
"expires_at": "2026-12-31 23:59:59"
}
```
#### Revoke API Key
**Endpoint:** `DELETE /api/v1/user/api-keys/{id}`
### Categories
#### Get All Categories
**Endpoint:** `GET /api/v1/categories`
**Response:**
```json
{
"success": true,
"message": "Categories retrieved successfully",
"data": [
{
"id": "cat-id-1",
"user_id": "user-id",
"name": "Work",
"color": "#3B82F6",
"favorite": true,
"created_at": "2025-01-01 00:00:00"
}
]
}
```
#### Create Category
**Endpoint:** `POST /api/v1/categories`
**Request Body:**
```json
{
"name": "Personal",
"color": "#10B981",
"favorite": false
}
```
#### Get Category
**Endpoint:** `GET /api/v1/categories/{id}`
#### Update Category
**Endpoint:** `PUT /api/v1/categories/{id}`
**Request Body:**
```json
{
"name": "Updated Name",
"color": "#FF5733",
"favorite": true
}
```
#### Delete Category
**Endpoint:** `DELETE /api/v1/categories/{id}`
### Projects
#### Get All Projects
**Endpoint:** `GET /api/v1/projects`
**Response:**
```json
{
"success": true,
"message": "Projects retrieved successfully",
"data": [
{
"id": "proj-id-1",
"user_id": "user-id",
"name": "Web Redesign",
"description": "Redesign the company website",
"color": "#8B5CF6",
"created_at": "2025-01-01 00:00:00"
}
]
}
```
#### Create Project
**Endpoint:** `POST /api/v1/projects`
**Request Body:**
```json
{
"name": "New Project",
"description": "Project description",
"color": "#EC4899"
}
```
#### Get Project
**Endpoint:** `GET /api/v1/projects/{id}`
#### Update Project
**Endpoint:** `PUT /api/v1/projects/{id}`
**Request Body:**
```json
{
"name": "Updated Project",
"description": "Updated description",
"color": "#14B8A6"
}
```
#### Delete Project
**Endpoint:** `DELETE /api/v1/projects/{id}`
### Todos
#### Get All Todos
**Endpoint:** `GET /api/v1/todos`
**Response:**
```json
{
"success": true,
"message": "Todos retrieved successfully",
"data": [
{
"id": "todo-id-1",
"user_id": "user-id",
"title": "Complete task",
"description": "Task description",
"status": "open",
"due_date": "2025-01-15",
"due_time": "10:30:00",
"sync_enabled": true,
"reminder_enabled": false,
"recurring_enabled": false,
"project_id": "proj-id-1",
"created_at": "2025-01-01 00:00:00",
"updated_at": "2025-01-01 00:00:00",
"categories": [
{
"id": "cat-id-1",
"name": "Work",
"color": "#3B82F6"
}
]
}
]
}
```
#### Create Todo
**Endpoint:** `POST /api/v1/todos`
**Request Body:**
```json
{
"title": "New Task",
"description": "Task description",
"status": "open",
"due_date": "2025-01-15",
"due_time": "10:30:00",
"sync_enabled": true,
"reminder_enabled": false,
"recurring_enabled": false,
"project_id": "proj-id-1"
}
```
**Status options:** `open`, `in_progress`, `completed`, `archived`
#### Get Todo
**Endpoint:** `GET /api/v1/todos/{id}`
#### Update Todo
**Endpoint:** `PUT /api/v1/todos/{id}`
**Request Body:**
```json
{
"title": "Updated Task",
"status": "in_progress",
"due_date": "2025-01-20"
}
```
#### Delete Todo
**Endpoint:** `DELETE /api/v1/todos/{id}`
#### Add Category to Todo
**Endpoint:** `POST /api/v1/todos/{id}/categories`
**Request Body:**
```json
{
"category_id": "cat-id-1"
}
```
#### Remove Category from Todo
**Endpoint:** `DELETE /api/v1/todos/{id}/categories/{categoryId}`
### Recurring Tasks
#### Get All Recurring Tasks
**Endpoint:** `GET /api/v1/recurring-tasks`
**Response:**
```json
{
"success": true,
"message": "Recurring tasks retrieved successfully",
"data": [
{
"id": "rt-id-1",
"user_id": "user-id",
"title": "Weekly Review",
"description": "Plan next week's tasks",
"schedule": "weekly",
"custom_days": [],
"favorite": true,
"created_at": "2025-01-01 00:00:00",
"updated_at": "2025-01-01 00:00:00",
"categories": [
{
"id": "cat-id-1",
"name": "Work",
"color": "#3B82F6"
}
]
}
]
}
```
#### Create Recurring Task
**Endpoint:** `POST /api/v1/recurring-tasks`
**Request Body:**
```json
{
"title": "Daily Standup",
"description": "Team meeting every morning",
"schedule": "daily",
"custom_days": [],
"favorite": true
}
```
**Schedule options:** `daily`, `weekly`, `monthly`, `custom`
For `custom` schedule, provide days in `custom_days` array: `["mon", "wed", "fri"]`
#### Get Recurring Task
**Endpoint:** `GET /api/v1/recurring-tasks/{id}`
#### Update Recurring Task
**Endpoint:** `PUT /api/v1/recurring-tasks/{id}`
**Request Body:**
```json
{
"title": "Updated Task",
"schedule": "weekly",
"custom_days": ["mon"]
}
```
#### Delete Recurring Task
**Endpoint:** `DELETE /api/v1/recurring-tasks/{id}`
#### Add Category to Recurring Task
**Endpoint:** `POST /api/v1/recurring-tasks/{id}/categories`
**Request Body:**
```json
{
"category_id": "cat-id-1"
}
```
#### Remove Category from Recurring Task
**Endpoint:** `DELETE /api/v1/recurring-tasks/{id}/categories/{categoryId}`
### Activity Logs
#### Get Activity Logs
**Endpoint:** `GET /api/v1/activity-logs?limit=50`
**Response:**
```json
{
"success": true,
"message": "Activity logs retrieved successfully",
"data": [
{
"id": "log-id-1",
"user_id": "user-id",
"action": "todo_created",
"entity_type": "todo",
"entity_id": "todo-id-1",
"details": {
"title": "New Task"
},
"ip_address": "127.0.0.1",
"user_agent": "Mozilla/5.0...",
"created_at": "2025-01-01 12:00:00"
}
]
}
```
#### Get Activity Log
**Endpoint:** `GET /api/v1/activity-logs/{id}`
### User Themes
#### Get User Themes
**Endpoint:** `GET /api/v1/user/themes`
**Response:**
```json
{
"success": true,
"message": "User themes retrieved successfully",
"data": [
{
"id": "ut-id-1",
"user_id": "user-id",
"theme_id": "theme-id-1",
"is_active": true,
"custom_settings": {"primary_color": "#3B82F6"},
"created_at": "2025-01-01 00:00:00"
}
]
}
```
#### Create User Theme
**Endpoint:** `POST /api/v1/user/themes`
**Request Body:**
```json
{
"theme_id": "theme-id-1",
"is_active": true,
"custom_settings": {
"primary_color": "#3B82F6",
"font_size": "medium"
}
}
```
#### Update User Theme
**Endpoint:** `PUT /api/v1/user/themes/{id}`
**Request Body:**
```json
{
"is_active": false,
"custom_settings": {
"primary_color": "#EC4899"
}
}
```
#### Delete User Theme
**Endpoint:** `DELETE /api/v1/user/themes/{id}`
## Error Responses
All error responses follow this format:
```json
{
"success": false,
"message": "Error message",
"errors": {
"field": "Validation error message"
}
}
```
### Common HTTP Status Codes
- `200 OK` - Request successful
- `201 Created` - Resource created successfully
- `400 Bad Request` - Invalid request data
- `401 Unauthorized` - Missing or invalid API key
- `403 Forbidden` - Insufficient permissions
- `404 Not Found` - Resource not found
- `409 Conflict` - Resource already exists
- `422 Unprocessable Entity` - Validation failed
- `500 Internal Server Error` - Server error
## Rate Limiting
Currently, there is no rate limiting implemented. Consider adding rate limiting for production use.
## CORS
If you need to enable CORS for frontend applications, configure it in `app/Config/Filters.php`.
## Example Usage
### cURL Examples
**Register a New User:**
```bash
curl -X POST http://localhost:8080/api/v1/auth/register \
-H "Content-Type: application/json" \
-d '{
"email": "newuser@example.com",
"password": "securepassword",
"name": "New User"
}'
```
**Login:**
```bash
curl -X POST http://localhost:8080/api/v1/auth/login \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "password123"
}'
```
**Create API Key (additional key):**
```bash
curl -X POST http://localhost:8080/api/v1/auth/api-key \
-H "Content-Type: application/json" \
-d '{
"email": "demo@example.com",
"password": "password123",
"name": "My App Key"
}'
```
**Get Todos (with API key):**
```bash
curl -X GET http://localhost:8080/api/v1/todos \
-H "X-API-Key: todo_your_api_key_here"
```
**Create Todo:**
```bash
curl -X POST http://localhost:8080/api/v1/todos \
-H "X-API-Key: todo_your_api_key_here" \
-H "Content-Type: application/json" \
-d '{
"title": "New Task",
"status": "open"
}'
```
### JavaScript/Fetch Examples
**Register a New User:**
```javascript
fetch('http://localhost:8080/api/v1/auth/register', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
email: 'newuser@example.com',
password: 'securepassword',
name: 'New User'
})
})
.then(response => response.json())
.then(data => {
console.log('API Key:', data.data.api_key);
console.log('User:', data.data.user);
});
```
**Login:**
```javascript
fetch('http://localhost:8080/api/v1/auth/login', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
email: 'user@example.com',
password: 'password123'
})
})
.then(response => response.json())
.then(data => {
if (data.data.api_key) {
console.log('New API Key:', data.data.api_key);
} else {
console.log('Using existing key with prefix:', data.data.api_key_prefix);
}
});
```
**Create API Key (additional key):**
```javascript
fetch('http://localhost:8080/api/v1/auth/api-key', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
email: 'demo@example.com',
password: 'password123',
name: 'My App Key'
})
})
.then(response => response.json())
.then(data => console.log(data));
```
**Get Todos:**
```javascript
fetch('http://localhost:8080/api/v1/todos', {
headers: {
'X-API-Key': 'todo_your_api_key_here'
}
})
.then(response => response.json())
.then(data => console.log(data));
```
**Create Todo:**
```javascript
fetch('http://localhost:8080/api/v1/todos', {
method: 'POST',
headers: {
'X-API-Key': 'todo_your_api_key_here',
'Content-Type': 'application/json'
},
body: JSON.stringify({
title: 'New Task',
status: 'open'
})
})
.then(response => response.json())
.then(data => console.log(data));
```
## Testing
To test the API, you can use tools like:
- Postman
- Insomnia
- cURL
- HTTPie
## Versioning
The API is versioned using the URL path. The current version is `v1`. Future versions will be numbered incrementally (v2, v3, etc.).
## Support
For issues or questions, please refer to the project documentation or contact the development team.

2
app/Config/App.php
View File

@@ -16,7 +16,7 @@ class App extends BaseConfig
*
* E.g., http://example.com/
*/
public string $baseURL = 'http://localhost:8080/';
public string $baseURL = 'http://localhost/Todo-App-Backend/public/';
/**
* Allowed Hostnames in the Site URL other than the hostname in the baseURL.

8
app/Config/Cors.php
View File

@@ -34,7 +34,7 @@ class Cors extends BaseConfig
* - ['http://localhost:8080']
* - ['https://www.example.com']
*/
'allowedOrigins' => [],
'allowedOrigins' => ['http://localhost:5173', 'http://127.0.0.1:5173', 'http://localhost'],
/**
* Origin regex patterns for the `Access-Control-Allow-Origin` header.
@@ -57,7 +57,7 @@ class Cors extends BaseConfig
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
*/
'supportsCredentials' => false,
'supportsCredentials' => true,
/**
* Set headers to allow.
@@ -68,7 +68,7 @@ class Cors extends BaseConfig
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
*/
'allowedHeaders' => [],
'allowedHeaders' => ['Content-Type', 'Authorization', 'X-API-Key', 'Accept', 'Fetch'],
/**
* Set headers to expose.
@@ -93,7 +93,7 @@ class Cors extends BaseConfig
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
*/
'allowedMethods' => [],
'allowedMethods' => ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS', 'FETCH'],
/**
* Set how many seconds the results of a preflight request can be cached.

2
app/Config/Filters.php
View File

@@ -34,6 +34,7 @@ class Filters extends BaseFilters
'forcehttps' => ForceHTTPS::class,
'pagecache' => PageCache::class,
'performance' => PerformanceMetrics::class,
'apiauth' => \App\Filters\ApiAuthFilter::class,
];
/**
@@ -72,6 +73,7 @@ class Filters extends BaseFilters
*/
public array $globals = [
'before' => [
'cors',
// 'honeypot',
// 'csrf',
// 'invalidchars',

100
app/Config/Routes.php
View File

@@ -6,3 +6,103 @@ use CodeIgniter\Router\RouteCollection;
* @var RouteCollection $routes
*/
$routes->get('/', 'Home::index');
$routes->get('/themes', 'ThemeStore::index');
$routes->post('/themes/upload', 'ThemeStore::upload');
$routes->get('/themes/preview/(:segment)', 'ThemeStore::preview/$1');
// ============================================================================
// API Routes - Version 1.0
// ============================================================================
// Catch-all CORS preflight handler for all API routes
$routes->options('api/v1/(:any)', function () {
$response = service('response');
return $response->setStatusCode(200)
->setHeader('Access-Control-Allow-Origin', '*')
->setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-API-Key');
});
// Public endpoints (no authentication required)
$routes->group('api/v1', ['namespace' => 'App\Controllers\Api\V1', 'filter' => 'cors'], function ($routes) {
// Authentication
$routes->options('auth/register', 'AuthController::options');
$routes->post('auth/register', 'AuthController::register');
$routes->options('auth/login', 'AuthController::options');
$routes->post('auth/login', 'AuthController::login');
$routes->options('auth/api-key', 'AuthController::options');
$routes->post('auth/api-key', 'AuthController::createApiKey');
// Marketplace - Public access
$routes->get('marketplace/themes', 'MarketplaceController::index');
$routes->get('marketplace/themes/(:num)', 'MarketplaceController::show/$1');
});
// Protected endpoints (API key authentication required)
$routes->group('api/v1', ['namespace' => 'App\Controllers\Api\V1', 'filter' => ['cors', 'apiauth']], function ($routes) {
// User endpoints
$routes->get('user/profile', 'UserController::profile');
$routes->put('user/profile', 'UserController::updateProfile');
$routes->get('user/api-keys', 'UserController::listApiKeys');
$routes->post('user/api-keys', 'UserController::createApiKey');
$routes->delete('user/api-keys/(:segment)', 'UserController::revokeApiKey/$1');
// Categories
$routes->get('categories', 'CategoryController::index');
$routes->post('categories', 'CategoryController::create');
$routes->get('categories/(:segment)', 'CategoryController::show/$1');
$routes->put('categories/(:segment)', 'CategoryController::update/$1');
$routes->delete('categories/(:segment)', 'CategoryController::delete/$1');
// Projects
$routes->get('projects', 'ProjectController::index');
$routes->post('projects', 'ProjectController::create');
$routes->get('projects/(:segment)', 'ProjectController::show/$1');
$routes->put('projects/(:segment)', 'ProjectController::update/$1');
$routes->delete('projects/(:segment)', 'ProjectController::delete/$1');
// Todos
$routes->get('todos', 'TodoController::index');
$routes->post('todos', 'TodoController::create');
$routes->get('todos/(:segment)', 'TodoController::show/$1');
$routes->put('todos/(:segment)', 'TodoController::update/$1');
$routes->delete('todos/(:segment)', 'TodoController::delete/$1');
$routes->post('todos/(:segment)/categories', 'TodoController::addCategory/$1');
$routes->delete('todos/(:segment)/categories/(:segment)', 'TodoController::removeCategory/$1/$2');
// Recurring Tasks
$routes->get('recurring-tasks', 'RecurringTaskController::index');
$routes->post('recurring-tasks', 'RecurringTaskController::create');
$routes->get('recurring-tasks/(:segment)', 'RecurringTaskController::show/$1');
$routes->put('recurring-tasks/(:segment)', 'RecurringTaskController::update/$1');
$routes->delete('recurring-tasks/(:segment)', 'RecurringTaskController::delete/$1');
$routes->post('recurring-tasks/(:segment)/categories', 'RecurringTaskController::addCategory/$1');
$routes->delete('recurring-tasks/(:segment)/categories/(:segment)', 'RecurringTaskController::removeCategory/$1/$2');
// Activity Logs
$routes->get('activity-logs', 'ActivityLogController::index');
$routes->get('activity-logs/(:segment)', 'ActivityLogController::show/$1');
// User Themes
$routes->get('user/themes', 'UserThemeController::index');
$routes->post('user/themes', 'UserThemeController::create');
$routes->put('user/themes/(:segment)', 'UserThemeController::update/$1');
$routes->delete('user/themes/(:segment)', 'UserThemeController::delete/$1');
});
$routes->get('/themes', 'ThemeStore::index');
$routes->options('/themes', static function () {
header('Access-Control-Allow-Origin: http://localhost:5173');
header('Access-Control-Allow-Methods: GET, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, Accept, Fetch');
header('Access-Control-Allow-Credentials: true');
return response()->setStatusCode(204);
});
$routes->post('/themes/upload', 'ThemeStore::upload');
$routes->options('/themes/upload', static function () {
header('Access-Control-Allow-Origin: http://localhost:5173');
header('Access-Control-Allow-Methods: POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, Accept, Fetch');
header('Access-Control-Allow-Credentials: true');
return response()->setStatusCode(204);
});
$routes->get('/themes/preview/(:segment)', 'ThemeStore::preview/$1');

88
app/Controllers/Api/BaseController.php Normal file
View File

@@ -0,0 +1,88 @@
<?php
namespace App\Controllers\Api;
use CodeIgniter\RESTful\ResourceController;
class BaseController extends ResourceController
{
/**
* Get the authenticated user from the request
*/
protected function getUser(): ?array
{
return $this->request->user ?? null;
}
/**
* Get the authenticated user ID
*/
protected function getUserId(): ?string
{
$user = $this->getUser();
return $user['id'] ?? null;
}
/**
* Success response
*/
protected function successResponse($data = null, string $message = 'Success', int $statusCode = 200)
{
return $this->response
->setStatusCode($statusCode)
->setHeader('Access-Control-Allow-Origin', '*')
->setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-API-Key')
->setJSON([
'success' => true,
'message' => $message,
'data' => $data,
]);
}
/**
* Error response
*/
protected function errorResponse(string $message, int $statusCode = 400, $errors = null)
{
$response = [
'success' => false,
'message' => $message,
];
if ($errors !== null) {
$response['errors'] = $errors;
}
return $this->response
->setStatusCode($statusCode)
->setHeader('Access-Control-Allow-Origin', '*')
->setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-API-Key')
->setJSON($response);
}
/**
* Validate request data
*/
protected function validateRequest(array $rules): bool
{
$validation = \Config\Services::validation();
// Handle both old format (string) and new format (array with rules/errors)
foreach ($rules as $field => $rule) {
if (is_array($rule) && isset($rule['rules'])) {
$validation->setRules([$field => $rule['rules']], $rule['errors'] ?? []);
} else {
$validation->setRule($field, $field, $rule);
}
}
if (!$validation->withRequest($this->request)->run()) {
$this->errorResponse('Validation failed', 422, $validation->getErrors());
return false;
}
return true;
}
}

45
app/Controllers/Api/V1/ActivityLogController.php Normal file
View File

@@ -0,0 +1,45 @@
<?php
namespace App\Controllers\Api\V1;
use App\Controllers\Api\BaseController;
use App\Models\ActivityLogModel;
class ActivityLogController extends BaseController
{
protected $activityLogModel;
public function __construct()
{
$this->activityLogModel = new ActivityLogModel();
}
/**
* Get activity logs for the authenticated user
* GET /api/v1/activity-logs
*/
public function index()
{
$userId = $this->getUserId();
$limit = (int)($this->request->getVar('limit') ?? 50);
$logs = $this->activityLogModel->getByUser($userId, $limit);
return $this->successResponse($logs, 'Activity logs retrieved successfully');
}
/**
* Get a specific activity log
* GET /api/v1/activity-logs/{id}
*/
public function show($id = null)
{
$userId = $this->getUserId();
$log = $this->activityLogModel->where('id', $id)->where('user_id', $userId)->first();
if (!$log) {
return $this->errorResponse('Activity log not found', 404);
}
return $this->successResponse($log, 'Activity log retrieved successfully');
}
}

238
app/Controllers/Api/V1/AuthController.php Normal file
View File

@@ -0,0 +1,238 @@
<?php
namespace App\Controllers\Api\V1;
use App\Controllers\Api\BaseController;
use App\Models\UserModel;
use App\Models\ApiAuthKeyModel;
class AuthController extends BaseController
{
protected $userModel;
protected $apiAuthKeyModel;
public function __construct()
{
$this->userModel = new UserModel();
$this->apiAuthKeyModel = new ApiAuthKeyModel();
}
/**
* Handle CORS preflight requests
* OPTIONS /api/v1/auth/*
*/
public function options()
{
return $this->response
->setStatusCode(200)
->setHeader('Access-Control-Allow-Origin', '*')
->setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-API-Key');
}
/**
* Register a new user
* POST /api/v1/auth/register
*/
public function register()
{
$json = $this->request->getJSON(true);
$rules = [
'email' => [
'rules' => 'required|valid_email|is_unique[users.email]',
'errors' => [
'required' => 'Email is required',
'valid_email' => 'Please provide a valid email address',
'is_unique' => 'This email is already registered'
]
],
'password' => [
'rules' => 'required|min_length[8]',
'errors' => [
'required' => 'Password is required',
'min_length' => 'Password must be at least 8 characters long'
]
],
'name' => [
'rules' => 'required|max_length[255]',
'errors' => [
'required' => 'Name is required',
'max_length' => 'Name must not exceed 255 characters'
]
],
];
if (!$this->validateRequest($rules)) {
return;
}
try {
// Generate UUID for user
$userId = $this->generateUuid();
// Create user
$userData = [
'id' => $userId,
'email' => $json['email'],
'password_hash' => password_hash($json['password'], PASSWORD_BCRYPT),
'name' => $json['name'],
'avatar_url' => $json['avatar_url'] ?? null,
'settings' => isset($json['settings']) && $json['settings'] ? json_encode($json['settings']) : json_encode(['theme' => 'light']),
'created_at' => date('Y-m-d H:i:s'),
'updated_at' => date('Y-m-d H:i:s'),
];
$this->userModel->insert($userData);
// Create API key for the new user
$apiKey = $this->apiAuthKeyModel->createKey(
$userId,
'Default API Key',
['read', 'write'],
null
);
// Remove sensitive data from response
unset($userData['password_hash']);
return $this->successResponse([
'user' => $userData,
'api_key' => $apiKey['key'],
'key_prefix' => $apiKey['prefix'],
], 'User registered successfully', 201);
} catch (\CodeIgniter\Database\Exceptions\DatabaseException $e) {
return $this->errorResponse('Database error: ' . $e->getMessage(), 500);
} catch (\Exception $e) {
return $this->errorResponse('An error occurred: ' . $e->getMessage(), 500);
}
}
/**
* Login user and return API key
* POST /api/v1/auth/login
*/
public function login()
{
$json = $this->request->getJSON(true);
$rules = [
'email' => 'required|valid_email',
'password' => 'required',
];
if (!$this->validateRequest($rules)) {
return;
}
try {
// Authenticate user
$user = $this->userModel->where('email', $json['email'])->first();
if (!$user || !password_verify($json['password'], $user['password_hash'])) {
return $this->errorResponse('Invalid email or password', 401);
}
// Check if user has an existing active API key
$existingKey = $this->apiAuthKeyModel
->where('user_id', $user['id'])
->where('is_active', true)
->first();
if ($existingKey) {
// Return existing key
return $this->successResponse([
'user' => [
'id' => $user['id'],
'email' => $user['email'],
'name' => $user['name'],
],
'api_key_prefix' => $existingKey['key_prefix'],
'message' => 'Using existing API key',
], 'Login successful');
}
// Create new API key
$apiKey = $this->apiAuthKeyModel->createKey(
$user['id'],
'Login API Key',
['read', 'write'],
null
);
return $this->successResponse([
'user' => [
'id' => $user['id'],
'email' => $user['email'],
'name' => $user['name'],
],
'api_key' => $apiKey['key'],
'key_prefix' => $apiKey['prefix'],
], 'Login successful');
} catch (\CodeIgniter\Database\Exceptions\DatabaseException $e) {
return $this->errorResponse('Database error: ' . $e->getMessage(), 500);
} catch (\Exception $e) {
return $this->errorResponse('An error occurred: ' . $e->getMessage(), 500);
}
}
/**
* Create an API key using email and password (legacy endpoint)
* POST /api/v1/auth/api-key
*/
public function createApiKey()
{
$json = $this->request->getJSON(true);
$rules = [
'email' => 'required|valid_email',
'password' => 'required|min_length[6]',
];
if (!$this->validateRequest($rules)) {
return;
}
// Authenticate user
$user = $this->userModel->where('email', $json['email'])->first();
if (!$user || !password_verify($json['password'], $user['password_hash'])) {
return $this->errorResponse('Invalid email or password', 401);
}
// Create API key
$name = $json['name'] ?? 'API Key';
$scopes = $json['scopes'] ?? ['read', 'write'];
$expiresAt = $json['expires_at'] ?? null;
$apiKey = $this->apiAuthKeyModel->createKey(
$user['id'],
$name,
$scopes,
$expiresAt
);
return $this->successResponse([
'key' => $apiKey['key'],
'prefix' => $apiKey['prefix'],
'name' => $apiKey['name'],
'scopes' => $apiKey['scopes'],
'expires_at' => $apiKey['expires_at'],
], 'API key created successfully');
}
/**
* Generate UUID
*/
private function generateUuid(): string
{
return sprintf(
'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
mt_rand(0, 0xffff),
mt_rand(0, 0x0fff) | 0x4000,
mt_rand(0, 0x3fff) | 0x8000,
mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
);
}
}

157
app/Controllers/Api/V1/CategoryController.php Normal file
View File

@@ -0,0 +1,157 @@
<?php
namespace App\Controllers\Api\V1;
use App\Controllers\Api\BaseController;
use App\Models\CategoryModel;
class CategoryController extends BaseController
{
protected $categoryModel;
public function __construct()
{
$this->categoryModel = new CategoryModel();
}
/**
* Get all categories for the authenticated user
* GET /api/v1/categories
*/
public function index()
{
$userId = $this->getUserId();
$categories = $this->categoryModel->where('user_id', $userId)->findAll();
return $this->successResponse($categories, 'Categories retrieved successfully');
}
/**
* Create a new category
* POST /api/v1/categories
*/
public function create()
{
$userId = $this->getUserId();
$json = $this->request->getJSON(true);
$rules = [
'name' => 'required|max_length[255]',
'color' => 'required|max_length[7]',
];
if (!$this->validateRequest($rules)) {
return;
}
// Check for duplicate name per user
$existing = $this->categoryModel
->where('user_id', $userId)
->where('name', $json['name'])
->first();
if ($existing) {
return $this->errorResponse('A category with this name already exists.', 409);
}
$data = [
'id' => $this->generateUuid(),
'user_id' => $userId,
'name' => $json['name'],
'color' => $json['color'],
'favorite' => $json['favorite'] ?? false,
];
$this->categoryModel->insert($data);
$category = $this->categoryModel->find($data['id']);
return $this->successResponse($category, 'Category created successfully', 201);
}
/**
* Get a specific category
* GET /api/v1/categories/{id}
*/
public function show($id = null)
{
$userId = $this->getUserId();
$category = $this->categoryModel->where('id', $id)->where('user_id', $userId)->first();
if (!$category) {
return $this->errorResponse('Category not found', 404);
}
return $this->successResponse($category, 'Category retrieved successfully');
}
/**
* Update a category
* PUT /api/v1/categories/{id}
*/
public function update($id = null)
{
$userId = $this->getUserId();
$category = $this->categoryModel->where('id', $id)->where('user_id', $userId)->first();
if (!$category) {
return $this->errorResponse('Category not found', 404);
}
$json = $this->request->getJSON(true);
// Check for duplicate name on rename (excluding current category)
if (!empty($json['name']) && strtolower($json['name']) !== strtolower($category['name'])) {
$existing = $this->categoryModel
->where('user_id', $userId)
->where('name', $json['name'])
->where('id !=', $id)
->first();
if ($existing) {
return $this->errorResponse('A category with this name already exists.', 409);
}
}
$allowedFields = ['name', 'color', 'favorite'];
$updateData = array_intersect_key($json, array_flip($allowedFields));
if (empty($updateData)) {
return $this->errorResponse('No valid fields to update');
}
$this->categoryModel->update($id, $updateData);
$category = $this->categoryModel->find($id);
return $this->successResponse($category, 'Category updated successfully');
}
/**
* Delete a category
* DELETE /api/v1/categories/{id}
*/
public function delete($id = null)
{
$userId = $this->getUserId();
$category = $this->categoryModel->where('id', $id)->where('user_id', $userId)->first();
if (!$category) {
return $this->errorResponse('Category not found', 404);
}
$this->categoryModel->delete($id);
return $this->successResponse(null, 'Category deleted successfully');
}
private function generateUuid(): string
{
return sprintf(
'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
mt_rand(0, 0xffff),
mt_rand(0, 0x0fff) | 0x4000,
mt_rand(0, 0x3fff) | 0x8000,
mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
);
}
}

42
app/Controllers/Api/V1/MarketplaceController.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
namespace App\Controllers\Api\V1;
use App\Controllers\Api\BaseController;
use App\Models\MarketplaceThemeModel;
class MarketplaceController extends BaseController
{
protected $marketplaceThemeModel;
public function __construct()
{
$this->marketplaceThemeModel = new MarketplaceThemeModel();
}
/**
* Get all marketplace themes
* GET /api/v1/marketplace/themes
*/
public function index()
{
$themes = $this->marketplaceThemeModel->getPublished();
return $this->successResponse($themes, 'Marketplace themes retrieved successfully');
}
/**
* Get a specific marketplace theme
* GET /api/v1/marketplace/themes/{id}
*/
public function show($id = null)
{
$theme = $this->marketplaceThemeModel->find($id);
if (!$theme) {
return $this->errorResponse('Theme not found', 404);
}
return $this->successResponse($theme, 'Theme retrieved successfully');
}
}

133
app/Controllers/Api/V1/ProjectController.php Normal file
View File

@@ -0,0 +1,133 @@
<?php
namespace App\Controllers\Api\V1;
use App\Controllers\Api\BaseController;
use App\Models\ProjectModel;
class ProjectController extends BaseController
{
protected $projectModel;
public function __construct()
{
$this->projectModel = new ProjectModel();
}
/**
* Get all projects for the authenticated user
* GET /api/v1/projects
*/
public function index()
{
$userId = $this->getUserId();
$projects = $this->projectModel->where('user_id', $userId)->findAll();
return $this->successResponse($projects, 'Projects retrieved successfully');
}
/**
* Create a new project
* POST /api/v1/projects
*/
public function create()
{
$userId = $this->getUserId();
$json = $this->request->getJSON(true);
$rules = [
'name' => 'required|max_length[255]',
'color' => 'required|max_length[7]',
];
if (!$this->validateRequest($rules)) {
return;
}
$data = [
'id' => $this->generateUuid(),
'user_id' => $userId,
'name' => $json['name'],
'description' => $json['description'] ?? null,
'color' => $json['color'],
];
$this->projectModel->insert($data);
$project = $this->projectModel->find($data['id']);
return $this->successResponse($project, 'Project created successfully', 201);
}
/**
* Get a specific project
* GET /api/v1/projects/{id}
*/
public function show($id = null)
{
$userId = $this->getUserId();
$project = $this->projectModel->where('id', $id)->where('user_id', $userId)->first();
if (!$project) {
return $this->errorResponse('Project not found', 404);
}
return $this->successResponse($project, 'Project retrieved successfully');
}
/**
* Update a project
* PUT /api/v1/projects/{id}
*/
public function update($id = null)
{
$userId = $this->getUserId();
$project = $this->projectModel->where('id', $id)->where('user_id', $userId)->first();
if (!$project) {
return $this->errorResponse('Project not found', 404);
}
$json = $this->request->getJSON(true);
$allowedFields = ['name', 'description', 'color'];
$updateData = array_intersect_key($json, array_flip($allowedFields));
if (empty($updateData)) {
return $this->errorResponse('No valid fields to update');
}
$this->projectModel->update($id, $updateData);
$project = $this->projectModel->find($id);
return $this->successResponse($project, 'Project updated successfully');
}
/**
* Delete a project
* DELETE /api/v1/projects/{id}
*/
public function delete($id = null)
{
$userId = $this->getUserId();
$project = $this->projectModel->where('id', $id)->where('user_id', $userId)->first();
if (!$project) {
return $this->errorResponse('Project not found', 404);
}
$this->projectModel->delete($id);
return $this->successResponse(null, 'Project deleted successfully');
}
private function generateUuid(): string
{
return sprintf(
'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
mt_rand(0, 0xffff),
mt_rand(0, 0x0fff) | 0x4000,
mt_rand(0, 0x3fff) | 0x8000,
mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
);
}
}

202
app/Controllers/Api/V1/RecurringTaskController.php Normal file
View File

@@ -0,0 +1,202 @@
<?php
namespace App\Controllers\Api\V1;
use App\Controllers\Api\BaseController;
use App\Models\RecurringTaskModel;
use App\Models\RecurringTaskCategoryModel;
class RecurringTaskController extends BaseController
{
protected $recurringTaskModel;
protected $recurringTaskCategoryModel;
public function __construct()
{
$this->recurringTaskModel = new RecurringTaskModel();
$this->recurringTaskCategoryModel = new RecurringTaskCategoryModel();
}
/**
* Get all recurring tasks for the authenticated user
* GET /api/v1/recurring-tasks
*/
public function index()
{
$userId = $this->getUserId();
$tasks = $this->recurringTaskModel->getByUserWithCategories($userId);
return $this->successResponse($tasks, 'Recurring tasks retrieved successfully');
}
/**
* Create a new recurring task
* POST /api/v1/recurring-tasks
*/
public function create()
{
$userId = $this->getUserId();
$json = $this->request->getJSON(true);
$rules = [
'title' => 'required|max_length[255]',
'schedule' => 'required|in_list[daily,weekly,monthly,custom]',
];
if (!$this->validateRequest($rules)) {
return;
}
$data = [
'id' => $this->generateUuid(),
'user_id' => $userId,
'title' => $json['title'],
'description' => $json['description'] ?? null,
'schedule' => $json['schedule'],
'custom_days' => $json['custom_days'] ? json_encode($json['custom_days']) : json_encode([]),
'favorite' => $json['favorite'] ?? false,
];
$this->recurringTaskModel->insert($data);
$task = $this->recurringTaskModel->getByUserWithCategories($userId, $data['id']);
return $this->successResponse($task, 'Recurring task created successfully', 201);
}
/**
* Get a specific recurring task
* GET /api/v1/recurring-tasks/{id}
*/
public function show($id = null)
{
$userId = $this->getUserId();
$task = $this->recurringTaskModel->getByUserWithCategories($userId, $id);
if (!$task) {
return $this->errorResponse('Recurring task not found', 404);
}
return $this->successResponse($task, 'Recurring task retrieved successfully');
}
/**
* Update a recurring task
* PUT /api/v1/recurring-tasks/{id}
*/
public function update($id = null)
{
$userId = $this->getUserId();
$task = $this->recurringTaskModel->where('id', $id)->where('user_id', $userId)->first();
if (!$task) {
return $this->errorResponse('Recurring task not found', 404);
}
$json = $this->request->getJSON(true);
$allowedFields = ['title', 'description', 'schedule', 'custom_days', 'favorite'];
$updateData = array_intersect_key($json, array_flip($allowedFields));
if (isset($updateData['custom_days'])) {
$updateData['custom_days'] = json_encode($updateData['custom_days']);
}
if (empty($updateData)) {
return $this->errorResponse('No valid fields to update');
}
$this->recurringTaskModel->update($id, $updateData);
$task = $this->recurringTaskModel->getByUserWithCategories($userId, $id);
return $this->successResponse($task, 'Recurring task updated successfully');
}
/**
* Delete a recurring task
* DELETE /api/v1/recurring-tasks/{id}
*/
public function delete($id = null)
{
$userId = $this->getUserId();
$task = $this->recurringTaskModel->where('id', $id)->where('user_id', $userId)->first();
if (!$task) {
return $this->errorResponse('Recurring task not found', 404);
}
$this->recurringTaskModel->delete($id);
return $this->successResponse(null, 'Recurring task deleted successfully');
}
/**
* Add a category to a recurring task
* POST /api/v1/recurring-tasks/{id}/categories
*/
public function addCategory($taskId = null)
{
$userId = $this->getUserId();
$json = $this->request->getJSON(true);
$rules = ['category_id' => 'required'];
if (!$this->validateRequest($rules)) {
return;
}
// Verify task belongs to user
$task = $this->recurringTaskModel->where('id', $taskId)->where('user_id', $userId)->first();
if (!$task) {
return $this->errorResponse('Recurring task not found', 404);
}
// Check if link already exists
$existing = $this->recurringTaskCategoryModel
->where('recurring_task_id', $taskId)
->where('category_id', $json['category_id'])
->first();
if ($existing) {
return $this->errorResponse('Category already linked to this task', 409);
}
$this->recurringTaskCategoryModel->insert([
'recurring_task_id' => $taskId,
'category_id' => $json['category_id'],
]);
return $this->successResponse(null, 'Category added to recurring task successfully', 201);
}
/**
* Remove a category from a recurring task
* DELETE /api/v1/recurring-tasks/{id}/categories/{categoryId}
*/
public function removeCategory($taskId = null, $categoryId = null)
{
$userId = $this->getUserId();
// Verify task belongs to user
$task = $this->recurringTaskModel->where('id', $taskId)->where('user_id', $userId)->first();
if (!$task) {
return $this->errorResponse('Recurring task not found', 404);
}
$this->recurringTaskCategoryModel
->where('recurring_task_id', $taskId)
->where('category_id', $categoryId)
->delete();
return $this->successResponse(null, 'Category removed from recurring task successfully');
}
private function generateUuid(): string
{
return sprintf(
'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
mt_rand(0, 0xffff),
mt_rand(0, 0x0fff) | 0x4000,
mt_rand(0, 0x3fff) | 0x8000,
mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
);
}
}

297
app/Controllers/Api/V1/TodoController.php Normal file
View File

@@ -0,0 +1,297 @@
<?php
namespace App\Controllers\Api\V1;
use App\Controllers\Api\BaseController;
use App\Models\TodoModel;
use App\Models\TodoCategoryModel;
class TodoController extends BaseController
{
protected $todoModel;
protected $todoCategoryModel;
public function __construct()
{
$this->todoModel = new TodoModel();
$this->todoCategoryModel = new TodoCategoryModel();
}
/**
* Get all todos for the authenticated user
* GET /api/v1/todos
*/
public function index()
{
$userId = $this->getUserId();
$todos = $this->todoModel->getByUserWithCategories($userId);
return $this->successResponse($todos, 'Todos retrieved successfully');
}
/**
* Create a new todo
* POST /api/v1/todos
*/
public function create()
{
$userId = $this->getUserId();
$json = $this->request->getJSON(true);
$rules = [
'title' => 'required|max_length[255]',
'status' => 'permit_empty|in_list[open,in_progress,completed,archived]',
];
if (!$this->validateRequest($rules)) {
return;
}
$data = [
'id' => $this->generateUuid(),
'user_id' => $userId,
'title' => $json['title'],
'description' => $json['description'] ?? null,
'status' => $json['status'] ?? 'open',
'due_date' => $json['due_date'] ?? null,
'due_time' => $json['due_time'] ?? null,
'sync_enabled' => $json['sync_enabled'] ?? true,
'reminder_enabled' => $json['reminder_enabled'] ?? false,
'recurring_enabled' => $json['recurring_enabled'] ?? false,
'project_id' => $json['project_id'] ?? null,
];
$this->todoModel->insert($data);
// Link category if provided
if (!empty($json['category_id'])) {
$this->linkCategory($data['id'], $json['category_id']);
}
// Manually log the activity
try {
$activityLogModel = new \App\Models\ActivityLogModel();
$activityLogModel->logActivity([
'user_id' => $userId,
'action' => 'todo_created',
'entity_type' => 'todo',
'entity_id' => $data['id'],
'details' => json_encode(['action' => 'created', 'title' => $data['title']]),
'ip_address' => $this->request->getIPAddress(),
'user_agent' => $this->request->getUserAgent()->getAgentString(),
]);
} catch (\Exception $e) {
log_message('error', 'Failed to log activity: ' . $e->getMessage());
}
$todos = $this->todoModel->getByUserWithCategories($userId, $data['id']);
return $this->successResponse($todos[0] ?? null, 'Todo created successfully', 201);
}
/**
* Get a specific todo
* GET /api/v1/todos/{id}
*/
public function show($id = null)
{
$userId = $this->getUserId();
$todos = $this->todoModel->getByUserWithCategories($userId, $id);
if (empty($todos)) {
return $this->errorResponse('Todo not found', 404);
}
return $this->successResponse($todos[0], 'Todo retrieved successfully');
}
/**
* Update a todo
* PUT /api/v1/todos/{id}
*/
public function update($id = null)
{
$userId = $this->getUserId();
$todo = $this->todoModel->where('id', $id)->where('user_id', $userId)->first();
if (!$todo) {
return $this->errorResponse('Todo not found', 404);
}
$json = $this->request->getJSON(true);
// Handle category update separately (not a column in todos table)
$hasCategoryUpdate = array_key_exists('category_id', $json);
if ($hasCategoryUpdate) {
$categoryId = $json['category_id'];
// Remove all existing category links
$this->todoCategoryModel->where('todo_id', $id)->delete();
// Link the new category
if (!empty($categoryId)) {
$this->linkCategory($id, $categoryId);
}
}
// Update todo fields
$allowedFields = ['title', 'description', 'status', 'due_date', 'due_time', 'sync_enabled', 'reminder_enabled', 'recurring_enabled', 'project_id'];
$updateData = array_intersect_key($json, array_flip($allowedFields));
if (!empty($updateData)) {
$this->todoModel->update($id, $updateData);
}
// Manually log the activity
try {
$activityLogModel = new \App\Models\ActivityLogModel();
$activityLogModel->logActivity([
'user_id' => $userId,
'action' => 'todo_updated',
'entity_type' => 'todo',
'entity_id' => $id,
'details' => json_encode(['action' => 'updated', 'title' => $todo['title'] ?? 'Unknown']),
'ip_address' => $this->request->getIPAddress(),
'user_agent' => $this->request->getUserAgent()->getAgentString(),
]);
} catch (\Exception $e) {
log_message('error', 'Failed to log activity: ' . $e->getMessage());
}
$updated = $this->todoModel->getByUserWithCategories($userId, $id);
return $this->successResponse($updated[0] ?? null, 'Todo updated successfully');
}
/**
* Delete a todo
* DELETE /api/v1/todos/{id}
*/
public function delete($id = null)
{
$userId = $this->getUserId();
$todo = $this->todoModel->where('id', $id)->where('user_id', $userId)->first();
if (!$todo) {
return $this->errorResponse('Todo not found', 404);
}
$this->todoModel->delete($id);
// Manually log the activity
try {
$activityLogModel = new \App\Models\ActivityLogModel();
$activityLogModel->logActivity([
'user_id' => $userId,
'action' => 'todo_deleted',
'entity_type' => 'todo',
'entity_id' => $id,
'details' => json_encode(['action' => 'deleted', 'title' => $todo['title'] ?? 'Unknown']),
'ip_address' => $this->request->getIPAddress(),
'user_agent' => $this->request->getUserAgent()->getAgentString(),
]);
} catch (\Exception $e) {
log_message('error', 'Failed to log activity: ' . $e->getMessage());
}
return $this->successResponse(null, 'Todo deleted successfully');
}
/**
* Add a category to a todo
* POST /api/v1/todos/{id}/categories
*/
public function addCategory($todoId = null)
{
$userId = $this->getUserId();
$json = $this->request->getJSON(true);
$rules = ['category_id' => 'required'];
if (!$this->validateRequest($rules)) {
return;
}
// Verify todo belongs to user
$todo = $this->todoModel->where('id', $todoId)->where('user_id', $userId)->first();
if (!$todo) {
return $this->errorResponse('Todo not found', 404);
}
// Check if link already exists
$existing = $this->todoCategoryModel
->where('todo_id', $todoId)
->where('category_id', $json['category_id'])
->first();
if ($existing) {
return $this->errorResponse('Category already linked to this todo', 409);
}
$this->todoCategoryModel->insert([
'todo_id' => $todoId,
'category_id' => $json['category_id'],
]);
return $this->successResponse(null, 'Category added to todo successfully', 201);
}
/**
* Remove a category from a todo
* DELETE /api/v1/todos/{id}/categories/{categoryId}
*/
public function removeCategory($todoId = null, $categoryId = null)
{
$userId = $this->getUserId();
// Verify todo belongs to user
$todo = $this->todoModel->where('id', $todoId)->where('user_id', $userId)->first();
if (!$todo) {
return $this->errorResponse('Todo not found', 404);
}
$this->todoCategoryModel
->where('todo_id', $todoId)
->where('category_id', $categoryId)
->delete();
return $this->successResponse(null, 'Category removed from todo successfully');
}
/**
* Link a category to a todo
*/
private function linkCategory(string $todoId, string $categoryId): void
{
$userId = $this->getUserId();
// Verify category belongs to user
$categoryModel = new \App\Models\CategoryModel();
$category = $categoryModel->where('id', $categoryId)->where('user_id', $userId)->first();
if (!$category) {
return;
}
// Check if link already exists
$existing = $this->todoCategoryModel
->where('todo_id', $todoId)
->where('category_id', $categoryId)
->first();
if (!$existing) {
$this->todoCategoryModel->insert([
'todo_id' => $todoId,
'category_id' => $categoryId,
]);
}
}
private function generateUuid(): string
{
return sprintf(
'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
mt_rand(0, 0xffff),
mt_rand(0, 0x0fff) | 0x4000,
mt_rand(0, 0x3fff) | 0x8000,
mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
);
}
}

126
app/Controllers/Api/V1/UserController.php Normal file
View File

@@ -0,0 +1,126 @@
<?php
namespace App\Controllers\Api\V1;
use App\Controllers\Api\BaseController;
use App\Models\UserModel;
use App\Models\ApiAuthKeyModel;
class UserController extends BaseController
{
protected $userModel;
protected $apiAuthKeyModel;
public function __construct()
{
$this->userModel = new UserModel();
$this->apiAuthKeyModel = new ApiAuthKeyModel();
}
/**
* Get user profile
* GET /api/v1/user/profile
*/
public function profile()
{
$userId = $this->getUserId();
$user = $this->userModel->find($userId);
if (!$user) {
return $this->errorResponse('User not found', 404);
}
// Remove sensitive data
unset($user['password_hash']);
return $this->successResponse($user, 'Profile retrieved successfully');
}
/**
* Update user profile
* PUT /api/v1/user/profile
*/
public function updateProfile()
{
$userId = $this->getUserId();
$json = $this->request->getJSON(true);
$allowedFields = ['name', 'avatar_url', 'settings'];
$updateData = array_intersect_key($json, array_flip($allowedFields));
if (empty($updateData)) {
return $this->errorResponse('No valid fields to update');
}
$this->userModel->update($userId, $updateData);
$user = $this->userModel->find($userId);
unset($user['password_hash']);
return $this->successResponse($user, 'Profile updated successfully');
}
/**
* List user's API keys
* GET /api/v1/user/api-keys
*/
public function listApiKeys()
{
$userId = $this->getUserId();
$apiKeys = $this->apiAuthKeyModel->getByUser($userId);
// Remove sensitive data
foreach ($apiKeys as &$key) {
unset($key['key_hash']);
}
return $this->successResponse($apiKeys, 'API keys retrieved successfully');
}
/**
* Create a new API key
* POST /api/v1/user/api-keys
*/
public function createApiKey()
{
$userId = $this->getUserId();
$json = $this->request->getJSON(true);
$name = $json['name'] ?? 'API Key';
$scopes = $json['scopes'] ?? ['read', 'write'];
$expiresAt = $json['expires_at'] ?? null;
$apiKey = $this->apiAuthKeyModel->createKey(
$userId,
$name,
$scopes,
$expiresAt
);
return $this->successResponse([
'id' => $apiKey['id'],
'key' => $apiKey['key'],
'prefix' => $apiKey['prefix'],
'name' => $apiKey['name'],
'scopes' => $apiKey['scopes'],
'expires_at' => $apiKey['expires_at'],
], 'API key created successfully');
}
/**
* Revoke an API key
* DELETE /api/v1/user/api-keys/{id}
*/
public function revokeApiKey($id)
{
$userId = $this->getUserId();
$apiKey = $this->apiAuthKeyModel->find($id);
if (!$apiKey || $apiKey['user_id'] !== $userId) {
return $this->errorResponse('API key not found', 404);
}
$this->apiAuthKeyModel->revokeKey($id);
return $this->successResponse(null, 'API key revoked successfully');
}
}

120
app/Controllers/Api/V1/UserThemeController.php Normal file
View File

@@ -0,0 +1,120 @@
<?php
namespace App\Controllers\Api\V1;
use App\Controllers\Api\BaseController;
use App\Models\UserThemeModel;
class UserThemeController extends BaseController
{
protected $userThemeModel;
public function __construct()
{
$this->userThemeModel = new UserThemeModel();
}
/**
* Get all themes for the authenticated user
* GET /api/v1/user/themes
*/
public function index()
{
$userId = $this->getUserId();
$themes = $this->userThemeModel->getByUser($userId);
return $this->successResponse($themes, 'User themes retrieved successfully');
}
/**
* Create a new user theme
* POST /api/v1/user/themes
*/
public function create()
{
$userId = $this->getUserId();
$json = $this->request->getJSON(true);
$rules = [
'theme_id' => 'required',
];
if (!$this->validateRequest($rules)) {
return;
}
$data = [
'id' => $this->generateUuid(),
'user_id' => $userId,
'theme_id' => $json['theme_id'],
'is_active' => $json['is_active'] ?? false,
'custom_settings' => $json['custom_settings'] ? json_encode($json['custom_settings']) : null,
];
$this->userThemeModel->insert($data);
$theme = $this->userThemeModel->find($data['id']);
return $this->successResponse($theme, 'User theme created successfully', 201);
}
/**
* Update a user theme
* PUT /api/v1/user/themes/{id}
*/
public function update($id = null)
{
$userId = $this->getUserId();
$theme = $this->userThemeModel->where('id', $id)->where('user_id', $userId)->first();
if (!$theme) {
return $this->errorResponse('User theme not found', 404);
}
$json = $this->request->getJSON(true);
$allowedFields = ['is_active', 'custom_settings'];
$updateData = array_intersect_key($json, array_flip($allowedFields));
if (isset($updateData['custom_settings'])) {
$updateData['custom_settings'] = json_encode($updateData['custom_settings']);
}
if (empty($updateData)) {
return $this->errorResponse('No valid fields to update');
}
$this->userThemeModel->update($id, $updateData);
$theme = $this->userThemeModel->find($id);
return $this->successResponse($theme, 'User theme updated successfully');
}
/**
* Delete a user theme
* DELETE /api/v1/user/themes/{id}
*/
public function delete($id = null)
{
$userId = $this->getUserId();
$theme = $this->userThemeModel->where('id', $id)->where('user_id', $userId)->first();
if (!$theme) {
return $this->errorResponse('User theme not found', 404);
}
$this->userThemeModel->delete($id);
return $this->successResponse(null, 'User theme deleted successfully');
}
private function generateUuid(): string
{
return sprintf(
'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
mt_rand(0, 0xffff),
mt_rand(0, 0x0fff) | 0x4000,
mt_rand(0, 0x3fff) | 0x8000,
mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
);
}
}

266
app/Controllers/ThemeStore.php Normal file
View File

@@ -0,0 +1,266 @@
<?php
namespace App\Controllers;
use App\Models\MarketplaceThemeModel;
use App\Models\UserThemeModel;
use CodeIgniter\HTTP\Response;
class ThemeStore extends BaseController
{
public function index()
{
$model = new MarketplaceThemeModel();
$themes = $model->where('is_published', 1)->findAll();
foreach ($themes as &$theme) {
$meta = json_decode($theme['metadata'] ?? '{}', true);
$theme['colors'] = $meta['colors'] ?? [];
$theme['tags'] = $meta['tags'] ?? [];
$theme['vars'] = $meta['vars'] ?? [];
// Provide a preview array compatible with the frontend
$theme['preview'] = !empty($theme['colors']) ? array_values($theme['colors']) : ['#ffffff', '#f0f0f0', '#007acc'];
}
if ($this->request->isAJAX() || $this->request->hasHeader('Fetch') || str_contains($this->request->getHeaderLine('Accept'), 'application/json')) {
header('Access-Control-Allow-Origin: http://localhost:5173');
header('Access-Control-Allow-Credentials: true');
return $this->response->setJSON($themes);
}
return view('theme_store', [
'themes' => $themes,
'flash_success' => session()->getFlashdata('success'),
'flash_error' => session()->getFlashdata('error'),
]);
}
public function upload(): Response
{
header('Access-Control-Allow-Origin: http://localhost:5173');
header('Access-Control-Allow-Credentials: true');
$file = $this->request->getFile('theme_css');
$displayName = trim($this->request->getPost('display_name') ?? '');
$description = trim($this->request->getPost('description') ?? '');
if ($displayName === '') {
if ($this->request->isAJAX() || $this->request->hasHeader('Fetch')) {
return $this->response->setStatusCode(400)->setJSON(['error' => 'Display name is required.']);
}
return redirect()->to('themes')->with('error', 'Display name is required.');
}
if (! $file || ! $file->isValid() || $file->hasMoved()) {
if ($this->request->isAJAX() || $this->request->hasHeader('Fetch')) {
return $this->response->setStatusCode(400)->setJSON(['error' => 'Please upload a valid CSS file.']);
}
return redirect()->to('themes')->with('error', 'Please upload a valid CSS file.');
}
if (strtolower($file->getExtension()) !== 'css') {
if ($this->request->isAJAX() || $this->request->hasHeader('Fetch')) {
return $this->response->setStatusCode(400)->setJSON(['error' => 'Only .css files are allowed.']);
}
return redirect()->to('themes')->with('error', 'Only .css files are allowed.');
}
$slug = strtolower(preg_replace('/[^a-z0-9]+/i', '-', $displayName));
$slug = trim($slug, '-');
$filename = $slug . '-' . substr(bin2hex(random_bytes(3)), 0, 6) . '.css';
$file->move(FCPATH . 'themes', $filename, true);
// Extract CSS variables and colors from the uploaded file
$cssContent = file_get_contents(FCPATH . 'themes/' . $filename);
preg_match_all('/(--[a-zA-Z0-9-]+)\s*:\s*([^;]+);/', $cssContent, $matches);
$vars = [];
if (!empty($matches[1])) {
foreach ($matches[1] as $index => $key) {
$vars[$key] = trim($matches[2][$index]);
}
}
// Try to generate 3-color preview based on standard variables
$colors = [];
if (isset($vars['--bg'])) $colors['bg'] = $vars['--bg'];
if (isset($vars['--surface'])) $colors['surface'] = $vars['--surface'];
if (isset($vars['--accent'])) $colors['accent'] = $vars['--accent'];
$model = new MarketplaceThemeModel();
$model->insert([
'id' => $this->uuid4(),
'name' => $slug,
'display_name' => $displayName,
'description' => $description ?: 'Custom community theme.',
'author' => 'Community',
'version' => '1.0.0',
'thumbnail_url' => null,
'download_url' => '/themes/' . $filename,
'price' => 0,
'is_published' => true,
'metadata' => json_encode([
'tags' => ['custom', 'community'],
'colors' => $colors,
'vars' => $vars
]),
'created_at' => date('Y-m-d H:i:s'),
'updated_at' => date('Y-m-d H:i:s'),
]);
if ($this->request->isAJAX() || $this->request->hasHeader('Fetch')) {
return $this->response->setJSON([
'success' => true,
'message' => '"' . esc($displayName) . '" uploaded successfully!'
]);
}
return redirect()->to('themes')->with('success', '"' . esc($displayName) . '" uploaded successfully!');
}
public function preview(string $id): Response
{
$model = new MarketplaceThemeModel();
$theme = $model->find($id);
if (! $theme) {
return $this->response->setStatusCode(404)->setBody('<p style="font-family:sans-serif;padding:2rem">Theme not found.</p>');
}
$distIndex = '/home/came/Nextcloud/arch-work/Projects/Todo-App/dist/index.html';
if (! file_exists($distIndex)) {
return $this->response->setBody(
'<html><body style="font-family:sans-serif;display:flex;align-items:center;justify-content:center;height:100vh;margin:0;background:#0f0f17;color:#94a3b8">'
. '<div style="text-align:center"><p>Todo app dist not found.</p></div></body></html>'
);
}
$todoHtml = file_get_contents($distIndex);
// Rewrite asset paths from /assets/ to the public symlink so Apache serves them
$assetBase = rtrim(base_url('todo-preview'), '/');
$todoHtml = str_replace('="/assets/', '="' . $assetBase . '/assets/', $todoHtml);
// Build CSS variable overrides from the stored vars map
$meta = json_decode($theme['metadata'] ?? '{}', true);
$vars = $meta['vars'] ?? [];
$cssVars = ":root {\n";
foreach ($vars as $prop => $value) {
$cssVars .= " {$prop}: {$value};\n";
}
$cssVars .= "}\n";
// Also inject any raw CSS from the downloaded file (for custom/uploaded themes)
$cssPath = FCPATH . ltrim($theme['download_url'], '/');
$rawCss = file_exists($cssPath) ? file_get_contents($cssPath) : '';
$styleTag = "<style>\n/* Theme Store: {$theme['display_name']} */\n{$cssVars}\n{$rawCss}\n</style>";
$todoHtml = str_replace('</head>', $styleTag . "\n</head>", $todoHtml);
return $this->response
->setHeader('Content-Type', 'text/html; charset=utf-8')
->setBody($todoHtml);
}
public function install(string $id): Response
{
$model = new MarketplaceThemeModel();
$theme = $model->find($id);
if (! $theme) {
return $this->response->setStatusCode(404)->setJSON(['error' => 'Theme not found in the marketplace.']);
}
// Using session user_id or a default placeholder since standard auth might be configured separately
$userId = session()->get('user_id') ?? 'default-user-id';
$userThemeModel = new UserThemeModel();
if (! $userThemeModel->isInstalled($userId, $id)) {
$userThemeModel->installTheme($userId, $id);
}
return $this->response->setJSON([
'success' => true,
'message' => '"' . esc($theme['display_name']) . '" has been installed to your account.'
]);
}
public function activate(string $id): Response
{
$userId = session()->get('user_id') ?? 'default-user-id';
$userThemeModel = new UserThemeModel();
if (! $userThemeModel->isInstalled($userId, $id)) {
return $this->response->setStatusCode(400)->setJSON(['error' => 'Theme must be installed before it can be activated.']);
}
$userThemeModel->setActiveTheme($userId, $id);
return $this->response->setJSON(['success' => true, 'message' => 'Theme activated successfully.']);
}
public function uninstall(string $id): Response
{
$userId = session()->get('user_id') ?? 'default-user-id';
$userThemeModel = new UserThemeModel();
$userThemeModel->uninstallTheme($userId, $id);
return $this->response->setJSON(['success' => true, 'message' => 'Theme successfully uninstalled.']);
}
public function myThemes(): Response
{
$userId = session()->get('user_id') ?? 'default-user-id';
$userThemeModel = new UserThemeModel();
return $this->response->setJSON(['success' => true, 'data' => $userThemeModel->getUserThemes($userId)]);
}
public function serveCss(string $filename): Response
{
// Ensure it's just a file name (prevent directory traversal)
$filename = basename($filename);
$cssPath = FCPATH . 'themes/' . $filename;
// If the file actually exists on disk (e.g. newly uploaded themes)
if (file_exists($cssPath)) {
$css = file_get_contents($cssPath);
return $this->response->setContentType('text/css')->setBody($css);
}
// Generate dynamically for seeded themes that don't have a physical file
$model = new MarketplaceThemeModel();
$name = preg_replace('/\.css$/i', '', $filename);
$theme = $model->where('name', $name)->first();
if (! $theme) {
throw \CodeIgniter\Exceptions\PageNotFoundException::forPageNotFound();
}
$meta = json_decode($theme['metadata'] ?? '{}', true);
$vars = $meta['vars'] ?? [];
$css = "/* Theme: {$theme['display_name']} */\n:root {\n";
foreach ($vars as $prop => $value) {
$css .= " {$prop}: {$value};\n";
}
$css .= "}\n";
return $this->response->setContentType('text/css')->setBody($css);
}
private function uuid4(): string
{
$data = random_bytes(16);
$data[6] = chr(ord($data[6]) & 0x0f | 0x40);
$data[8] = chr(ord($data[8]) & 0x3f | 0x80);
return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
}
}

81
app/Database/Migrations/2025-01-01-000015_CreateApiAuthKeysTable.php Normal file
View File

@@ -0,0 +1,81 @@
<?php
namespace App\Database\Migrations;
use CodeIgniter\Database\Migration;
class CreateApiAuthKeysTable extends Migration
{
public function up()
{
$this->forge->addField([
'id' => [
'type' => 'CHAR',
'constraint' => 36,
'null' => false,
],
'user_id' => [
'type' => 'CHAR',
'constraint' => 36,
'null' => false,
],
'key_hash' => [
'type' => 'VARCHAR',
'constraint' => 255,
'null' => false,
'comment' => 'SHA-256 hash of the API key',
],
'key_prefix' => [
'type' => 'VARCHAR',
'constraint' => 20,
'null' => false,
'comment' => 'First 8 characters for identification',
],
'name' => [
'type' => 'VARCHAR',
'constraint' => 255,
'null' => true,
'comment' => 'User-friendly name for the key',
],
'scopes' => [
'type' => 'JSON',
'null' => true,
'comment' => 'Array of allowed scopes (e.g., ["read", "write"])',
],
'expires_at' => [
'type' => 'DATETIME',
'null' => true,
'comment' => 'Optional expiration date',
],
'last_used_at' => [
'type' => 'DATETIME',
'null' => true,
],
'last_used_ip' => [
'type' => 'VARCHAR',
'constraint' => 45,
'null' => true,
'comment' => 'IPv4 or IPv6 address',
],
'is_active' => [
'type' => 'BOOLEAN',
'default' => true,
],
'created_at' => [
'type' => 'DATETIME',
'null' => true,
],
]);
$this->forge->addKey('id', true);
$this->forge->addKey('user_id');
$this->forge->addKey('key_hash');
$this->forge->addKey('is_active');
$this->forge->addForeignKey('user_id', 'users', 'id', 'CASCADE', 'CASCADE');
$this->forge->createTable('api_auth_keys');
}
public function down()
{
$this->forge->dropTable('api_auth_keys');
}
}

298
app/Database/Seeds/MarketplaceThemesSeeder.php
View File

@@ -8,34 +8,296 @@ class MarketplaceThemesSeeder extends Seeder
{
public function run()
{
$this->db->query('SET FOREIGN_KEY_CHECKS=0');
$this->db->table('marketplace_themes')->truncate();
$this->db->query('SET FOREIGN_KEY_CHECKS=1');
$data = [
[
'id' => '550e8400-e29b-41d4-a716-446655440010',
'name' => 'default-light',
'display_name' => 'Default Light',
'description' => 'Clean and simple light theme',
'author' => 'System',
'version' => '1.0.0',
'id' => '550e8400-e29b-41d4-a716-446655440010',
'name' => 'ocean-breeze',
'display_name' => 'Ocean Breeze',
'description' => 'A refreshing light theme inspired by the open sea. Soft teals and ocean blues create a calm, productive workspace that\'s easy on the eyes during long work sessions.',
'author' => 'ThemeForge',
'version' => '1.2.0',
'thumbnail_url' => null,
'download_url' => '/themes/default-light.zip',
'price' => 0,
'download_url' => '/themes/ocean-breeze.css',
'price' => 0,
'is_published' => true,
'metadata' => json_encode(['tags' => ['light', 'clean']]),
'metadata' => json_encode([
'tags' => ['light', 'blue', 'calm', 'minimal'],
'colors' => [
'Primary' => '#0077B6',
'Secondary' => '#00B4D8',
'Background' => '#E0F4FF',
'Surface' => '#FFFFFF',
'Text' => '#1A2B3C',
'Accent' => '#48CAE4',
],
'vars' => [
'--bg' => '#E0F4FF',
'--surface' => '#FFFFFF',
'--surface-strong' => '#FFFFFF',
'--surface-muted' => '#F0F9FF',
'--border' => '#BAE0F2',
'--line' => '#90C8E0',
'--text' => '#1A2B3C',
'--text-muted' => '#4A6B7A',
'--text-strong' => '#0D1B26',
'--accent' => '#0077B6',
'--accent-text' => '#FFFFFF',
'--accent-soft' => '#CCE9F5',
'--sidebar-bg' => '#FFFFFF',
'--sidebar-border' => '#BAE0F2',
'--sidebar-text' => '#1A2B3C',
'--sidebar-text-muted' => '#4A6B7A',
'--input-bg' => '#FFFFFF',
'--input-border' => '#BAE0F2',
'--modal-bg' => '#FFFFFF',
'--chip' => '#C8E8F0',
'--success' => '#D4F0E4',
],
]),
'created_at' => date('Y-m-d H:i:s'),
'updated_at' => date('Y-m-d H:i:s'),
],
[
'id' => '550e8400-e29b-41d4-a716-446655440011',
'name' => 'default-dark',
'display_name' => 'Default Dark',
'description' => 'Dark theme for night owls',
'author' => 'System',
'version' => '1.0.0',
'id' => '550e8400-e29b-41d4-a716-446655440011',
'name' => 'midnight-void',
'display_name' => 'Midnight Void',
'description' => 'Deep space dark theme for night owls and late-night coders. Rich dark purples and blues with vibrant neon accents give this theme a premium, modern feel.',
'author' => 'ThemeForge',
'version' => '2.0.1',
'thumbnail_url' => null,
'download_url' => '/themes/default-dark.zip',
'price' => 0,
'download_url' => '/themes/midnight-void.css',
'price' => 0,
'is_published' => true,
'metadata' => json_encode(['tags' => ['dark', 'night']]),
'metadata' => json_encode([
'tags' => ['dark', 'purple', 'neon', 'night'],
'colors' => [
'Primary' => '#7C3AED',
'Secondary' => '#A78BFA',
'Background' => '#0D0D1A',
'Surface' => '#1A1A2E',
'Text' => '#E2E8F0',
'Accent' => '#F472B6',
],
'vars' => [
'--bg' => '#0D0D1A',
'--surface' => '#1A1A2E',
'--surface-strong' => '#222234',
'--surface-muted' => '#121220',
'--border' => '#2A2A44',
'--line' => '#333350',
'--text' => '#E2E8F0',
'--text-muted' => '#94A3B8',
'--text-strong' => '#F1F5F9',
'--accent' => '#7C3AED',
'--accent-text' => '#FFFFFF',
'--accent-soft' => '#2D1A5E',
'--sidebar-bg' => '#16162A',
'--sidebar-border' => '#2A2A44',
'--sidebar-text' => '#E2E8F0',
'--sidebar-text-muted' => '#94A3B8',
'--input-bg' => '#0D0D1A',
'--input-border' => '#2A2A44',
'--modal-bg' => '#1A1A2E',
'--chip' => '#2A2A44',
'--success' => '#0D2A1A',
],
]),
'created_at' => date('Y-m-d H:i:s'),
'updated_at' => date('Y-m-d H:i:s'),
],
[
'id' => '550e8400-e29b-41d4-a716-446655440012',
'name' => 'forest-grove',
'display_name' => 'Forest Grove',
'description' => 'Earthy greens and warm neutrals bring the tranquility of a woodland retreat to your workspace. A grounding, nature-inspired theme designed for focused productivity.',
'author' => 'NaturePalette',
'version' => '1.0.5',
'thumbnail_url' => null,
'download_url' => '/themes/forest-grove.css',
'price' => 0,
'is_published' => true,
'metadata' => json_encode([
'tags' => ['light', 'green', 'earthy', 'nature'],
'colors' => [
'Primary' => '#2D6A4F',
'Secondary' => '#52B788',
'Background' => '#F0F7EE',
'Surface' => '#FFFFFF',
'Text' => '#1B2E22',
'Accent' => '#B7E4C7',
],
'vars' => [
'--bg' => '#F0F7EE',
'--surface' => '#FFFFFF',
'--surface-strong' => '#FFFFFF',
'--surface-muted' => '#F5FAF4',
'--border' => '#C0DACB',
'--line' => '#A0C4B0',
'--text' => '#1B2E22',
'--text-muted' => '#527A62',
'--text-strong' => '#0D1F14',
'--accent' => '#2D6A4F',
'--accent-text' => '#FFFFFF',
'--accent-soft' => '#C0E8D4',
'--sidebar-bg' => '#FFFFFF',
'--sidebar-border' => '#C0DACB',
'--sidebar-text' => '#1B2E22',
'--sidebar-text-muted' => '#527A62',
'--input-bg' => '#FFFFFF',
'--input-border' => '#C0DACB',
'--modal-bg' => '#FFFFFF',
'--chip' => '#B8E0C8',
'--success' => '#CCF0DC',
],
]),
'created_at' => date('Y-m-d H:i:s'),
'updated_at' => date('Y-m-d H:i:s'),
],
[
'id' => '550e8400-e29b-41d4-a716-446655440013',
'name' => 'sunset-ember',
'display_name' => 'Sunset Ember',
'description' => 'Warm oranges, deep reds, and golden highlights capture the magic of a perfect sunset. This vibrant theme adds energy and warmth to every interaction.',
'author' => 'ChromaCraft',
'version' => '1.1.2',
'thumbnail_url' => null,
'download_url' => '/themes/sunset-ember.css',
'price' => 0,
'is_published' => true,
'metadata' => json_encode([
'tags' => ['warm', 'orange', 'vibrant', 'sunset'],
'colors' => [
'Primary' => '#D62828',
'Secondary' => '#F77F00',
'Background' => '#FFF5E4',
'Surface' => '#FFFFFF',
'Text' => '#2D1B00',
'Accent' => '#FCBF49',
],
'vars' => [
'--bg' => '#FFF5E4',
'--surface' => '#FFFFFF',
'--surface-strong' => '#FFFFFF',
'--surface-muted' => '#FFF8F0',
'--border' => '#F0D0A8',
'--line' => '#E0B880',
'--text' => '#2D1B00',
'--text-muted' => '#8A6040',
'--text-strong' => '#1A0A00',
'--accent' => '#D62828',
'--accent-text' => '#FFFFFF',
'--accent-soft' => '#FFE0CC',
'--sidebar-bg' => '#FFFFFF',
'--sidebar-border' => '#F0D0A8',
'--sidebar-text' => '#2D1B00',
'--sidebar-text-muted' => '#8A6040',
'--input-bg' => '#FFFFFF',
'--input-border' => '#F0D0A8',
'--modal-bg' => '#FFFFFF',
'--chip' => '#F8D8B0',
'--success' => '#DDFADC',
],
]),
'created_at' => date('Y-m-d H:i:s'),
'updated_at' => date('Y-m-d H:i:s'),
],
[
'id' => '550e8400-e29b-41d4-a716-446655440014',
'name' => 'arctic-frost',
'display_name' => 'Arctic Frost',
'description' => 'Ultra-clean whites and icy blues inspired by frozen tundras. A minimalist theme that maximises clarity and focus with crisp contrast and breathable spacing.',
'author' => 'MinimalStudio',
'version' => '3.0.0',
'thumbnail_url' => null,
'download_url' => '/themes/arctic-frost.css',
'price' => 0,
'is_published' => true,
'metadata' => json_encode([
'tags' => ['light', 'minimal', 'clean', 'ice'],
'colors' => [
'Primary' => '#2176AE',
'Secondary' => '#57C4E5',
'Background' => '#F8FBFF',
'Surface' => '#FFFFFF',
'Text' => '#1C2B3A',
'Accent' => '#A8DADC',
],
'vars' => [
'--bg' => '#F8FBFF',
'--surface' => '#FFFFFF',
'--surface-strong' => '#FFFFFF',
'--surface-muted' => '#F0F5FC',
'--border' => '#C0D4E8',
'--line' => '#A0BCDA',
'--text' => '#1C2B3A',
'--text-muted' => '#4E6478',
'--text-strong' => '#0D1B2A',
'--accent' => '#2176AE',
'--accent-text' => '#FFFFFF',
'--accent-soft' => '#CCE0F0',
'--sidebar-bg' => '#FFFFFF',
'--sidebar-border' => '#C0D4E8',
'--sidebar-text' => '#1C2B3A',
'--sidebar-text-muted' => '#4E6478',
'--input-bg' => '#FFFFFF',
'--input-border' => '#C0D4E8',
'--modal-bg' => '#FFFFFF',
'--chip' => '#B8D4E8',
'--success' => '#D4F0E4',
],
]),
'created_at' => date('Y-m-d H:i:s'),
'updated_at' => date('Y-m-d H:i:s'),
],
[
'id' => '550e8400-e29b-41d4-a716-446655440015',
'name' => 'obsidian-rose',
'display_name' => 'Obsidian Rose',
'description' => 'A sophisticated dark theme blending deep charcoal blacks with rose gold accents. Elegant and bold, this theme is built for those who want style without sacrificing readability.',
'author' => 'ChromaCraft',
'version' => '1.3.0',
'thumbnail_url' => null,
'download_url' => '/themes/obsidian-rose.css',
'price' => 0,
'is_published' => true,
'metadata' => json_encode([
'tags' => ['dark', 'elegant', 'rose', 'premium'],
'colors' => [
'Primary' => '#C9184A',
'Secondary' => '#FF4D6D',
'Background' => '#0A0A0F',
'Surface' => '#1C1C28',
'Text' => '#F1E3E4',
'Accent' => '#B5838D',
],
'vars' => [
'--bg' => '#0A0A0F',
'--surface' => '#1C1C28',
'--surface-strong' => '#242430',
'--surface-muted' => '#14141E',
'--border' => '#2A2A38',
'--line' => '#383848',
'--text' => '#F1E3E4',
'--text-muted' => '#B5939A',
'--text-strong' => '#FAF0F1',
'--accent' => '#C9184A',
'--accent-text' => '#FFFFFF',
'--accent-soft' => '#3D0A1A',
'--sidebar-bg' => '#161620',
'--sidebar-border' => '#2A2A38',
'--sidebar-text' => '#F1E3E4',
'--sidebar-text-muted' => '#B5939A',
'--input-bg' => '#0A0A0F',
'--input-border' => '#2A2A38',
'--modal-bg' => '#1C1C28',
'--chip' => '#2A2030',
'--success' => '#0A2016',
],
]),
'created_at' => date('Y-m-d H:i:s'),
'updated_at' => date('Y-m-d H:i:s'),
],

33
app/Database/Seeds/SampleDataSeeder.php
View File

@@ -309,5 +309,38 @@ class SampleDataSeeder extends Seeder
if (!empty($recurringTaskCategories)) {
$this->db->table('recurring_task_categories')->insertBatch($recurringTaskCategories);
}
// Create an API key for the demo user
$existingApiKey = $this->db->table('api_auth_keys')
->where('user_id', $userId)
->where('name', 'Demo API Key')
->get()
->getRowArray();
if (!$existingApiKey) {
$apiKey = 'todo_' . bin2hex(random_bytes(32));
$keyHash = hash('sha256', $apiKey);
$keyPrefix = substr($apiKey, 0, 8);
$this->db->table('api_auth_keys')->insert([
'id' => $generateUuid(),
'user_id' => $userId,
'key_hash' => $keyHash,
'key_prefix' => $keyPrefix,
'name' => 'Demo API Key',
'scopes' => json_encode(['read', 'write']),
'expires_at' => null,
'is_active' => true,
'created_at' => date('Y-m-d H:i:s'),
]);
echo "\n========================================\n";
echo "DEMO API KEY CREATED:\n";
echo "========================================\n";
echo "API Key: {$apiKey}\n";
echo "Prefix: {$keyPrefix}\n";
echo "Use this key in the X-API-Key header\n";
echo "========================================\n\n";
}
}
}

100
app/Filters/ApiAuthFilter.php Normal file
View File

@@ -0,0 +1,100 @@
<?php
namespace App\Filters;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
class ApiAuthFilter implements FilterInterface
{
/**
* Do whatever processing this filter needs to do.
* By default it should not return anything during
* normal execution. However, when an abnormal state
* is found, it should return an instance of
* CodeIgniter\HTTP\Response. If it does, script
* execution will end and that Response will be
* sent back to the client, allowing for error pages,
* redirects, etc.
*
* @param RequestInterface $request
* @param array|null $arguments
*
* @return mixed
*/
public function before(RequestInterface $request, $arguments = null)
{
$apiKey = $request->getHeaderLine('X-API-Key');
if (empty($apiKey)) {
return $this->unauthorized('API key is required');
}
$apiAuthKeyModel = new \App\Models\ApiAuthKeyModel();
$result = $apiAuthKeyModel->validateKey($apiKey);
if (!$result) {
return $this->unauthorized('Invalid or expired API key');
}
// Store the authenticated user in the request
$request->user = $result['user'];
$request->authKey = $result['auth_key'];
// Check scopes if required
if (!empty($arguments)) {
$requiredScopes = $arguments;
$keyScopes = $result['auth_key']['scopes'] ? json_decode($result['auth_key']['scopes'], true) : [];
if (empty($keyScopes)) {
// No scopes defined, allow all
return;
}
foreach ($requiredScopes as $scope) {
if (!in_array($scope, $keyScopes)) {
return $this->forbidden('Insufficient permissions. Required scope: ' . $scope);
}
}
}
}
/**
* We don't need to do anything here.
*
* @param RequestInterface $request
* @param ResponseInterface $response
* @param array|null $arguments
*
* @return mixed
*/
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
// Do nothing
}
/**
* Return unauthorized response
*/
private function unauthorized(string $message): ResponseInterface
{
$response = \Config\Services::response();
return $response->setStatusCode(401)->setJSON([
'error' => 'Unauthorized',
'message' => $message,
]);
}
/**
* Return forbidden response
*/
private function forbidden(string $message): ResponseInterface
{
$response = \Config\Services::response();
return $response->setStatusCode(403)->setJSON([
'error' => 'Forbidden',
'message' => $message,
]);
}
}

14
app/Models/ActivityLogModel.php
View File

@@ -25,7 +25,7 @@ class ActivityLogModel extends Model
protected $useTimestamps = true;
protected $createdField = 'created_at';
protected $updatedField = null;
protected $updatedField = '';
protected $validationRules = [
'action' => 'required|max_length[255]',
@@ -34,9 +34,6 @@ class ActivityLogModel extends Model
// Log an activity
public function logActivity($data)
{
// Disable events to prevent any recursive logging
$this->skipEvents();
if (!isset($data['id'])) {
$data['id'] = $this->generateUuid();
}
@@ -44,12 +41,9 @@ class ActivityLogModel extends Model
$data['created_at'] = date('Y-m-d H:i:s');
}
$result = $this->insert($data);
// Re-enable events
$this->skipEvents(false);
return $result;
// Use builder directly to avoid triggering events
$builder = $this->db->table($this->table);
return $builder->insert($data);
}
// Get logs by user

2
app/Models/AiMessageModel.php
View File

@@ -22,7 +22,7 @@ class AiMessageModel extends Model
protected $useTimestamps = true;
protected $createdField = 'created_at';
protected $updatedField = null;
protected $updatedField = '';
protected $validationRules = [
'chat_id' => 'required',

2
app/Models/AiProviderModel.php
View File

@@ -22,7 +22,7 @@ class AiProviderModel extends Model
protected $useTimestamps = true;
protected $createdField = 'created_at';
protected $updatedField = null;
protected $updatedField = '';
protected $validationRules = [
'name' => 'required|max_length[100]|is_unique[ai_providers.name]',

164
app/Models/ApiAuthKeyModel.php Normal file
View File

@@ -0,0 +1,164 @@
<?php
namespace App\Models;
use CodeIgniter\Model;
class ApiAuthKeyModel extends Model
{
protected $table = 'api_auth_keys';
protected $primaryKey = 'id';
protected $useAutoIncrement = false;
protected $returnType = 'array';
protected $useSoftDeletes = false;
protected $allowedFields = [
'id',
'user_id',
'key_hash',
'key_prefix',
'name',
'scopes',
'expires_at',
'last_used_at',
'last_used_ip',
'is_active',
'created_at',
];
protected $useTimestamps = false;
protected $createdField = 'created_at';
protected $updatedField = '';
protected $validationRules = [
'user_id' => 'required',
'key_hash' => 'required',
'key_prefix' => 'required|max_length[20]',
];
/**
* Generate a new API key
*/
public function generateKey(): string
{
return 'todo_' . bin2hex(random_bytes(32));
}
/**
* Create a new API key for a user
*/
public function createKey(string $userId, ?string $name = null, ?array $scopes = null, ?string $expiresAt = null): array
{
$key = $this->generateKey();
$keyHash = hash('sha256', $key);
$keyPrefix = substr($key, 0, 8);
$data = [
'id' => $this->generateUuid(),
'user_id' => $userId,
'key_hash' => $keyHash,
'key_prefix' => $keyPrefix,
'name' => $name,
'scopes' => $scopes ? json_encode($scopes) : null,
'expires_at' => $expiresAt,
'is_active' => true,
'created_at' => date('Y-m-d H:i:s'),
];
$this->insert($data);
return [
'id' => $data['id'],
'key' => $key,
'prefix' => $keyPrefix,
'name' => $name,
'scopes' => $scopes,
'expires_at' => $expiresAt,
];
}
/**
* Validate an API key and return the associated user
*/
public function validateKey(string $key): ?array
{
$keyHash = hash('sha256', $key);
$authKey = $this->where('key_hash', $keyHash)
->where('is_active', true)
->first();
if (!$authKey) {
return null;
}
// Check if key has expired
if ($authKey['expires_at'] && strtotime($authKey['expires_at']) < time()) {
return null;
}
// Update last used information
$this->update($authKey['id'], [
'last_used_at' => date('Y-m-d H:i:s'),
'last_used_ip' => $this->getClientIp(),
]);
// Get the user
$userModel = new UserModel();
$user = $userModel->find($authKey['user_id']);
if (!$user) {
return null;
}
return [
'user' => $user,
'auth_key' => $authKey,
];
}
/**
* Get all API keys for a user
*/
public function getByUser(string $userId): array
{
return $this->where('user_id', $userId)
->orderBy('created_at', 'DESC')
->findAll();
}
/**
* Revoke an API key
*/
public function revokeKey(string $keyId): bool
{
return $this->update($keyId, ['is_active' => false]);
}
/**
* Get client IP address
*/
private function getClientIp(): ?string
{
try {
$request = \Config\Services::request();
return $request->getIPAddress();
} catch (\Exception $e) {
return null;
}
}
/**
* Generate UUID
*/
private function generateUuid(): string
{
return sprintf(
'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
mt_rand(0, 0xffff),
mt_rand(0, 0x0fff) | 0x4000,
mt_rand(0, 0x3fff) | 0x8000,
mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
);
}
}

9
app/Models/CategoryModel.php
View File

@@ -6,8 +6,6 @@ use CodeIgniter\Model;
class CategoryModel extends Model
{
use LoggableTrait;
protected $table = 'categories';
protected $primaryKey = 'id';
protected $useAutoIncrement = false;
@@ -24,15 +22,10 @@ class CategoryModel extends Model
protected $useTimestamps = true;
protected $createdField = 'created_at';
protected $updatedField = null;
protected $updatedField = '';
protected $validationRules = [
'user_id' => 'required',
'name' => 'required|max_length[255]',
];
protected function getEntityType(): string
{
return 'category';
}
}

2
app/Models/LoggableTrait.php
View File

@@ -134,7 +134,7 @@ trait LoggableTrait
{
try {
$request = \Config\Services::request();
return $request->getUserAgent()->toString();
return $request->getUserAgent()->getAgentString();
} catch (\Exception $e) {
return 'CLI/Script';
}

9
app/Models/ProjectModel.php
View File

@@ -6,8 +6,6 @@ use CodeIgniter\Model;
class ProjectModel extends Model
{
use LoggableTrait;
protected $table = 'projects';
protected $primaryKey = 'id';
protected $useAutoIncrement = false;
@@ -24,15 +22,10 @@ class ProjectModel extends Model
protected $useTimestamps = true;
protected $createdField = 'created_at';
protected $updatedField = null;
protected $updatedField = '';
protected $validationRules = [
'user_id' => 'required',
'name' => 'required|max_length[255]',
];
protected function getEntityType(): string
{
return 'project';
}
}

7
app/Models/RecurringTaskModel.php
View File

@@ -6,8 +6,6 @@ use CodeIgniter\Model;
class RecurringTaskModel extends Model
{
use LoggableTrait;
protected $table = 'recurring_tasks';
protected $primaryKey = 'id';
protected $useAutoIncrement = false;
@@ -35,11 +33,6 @@ class RecurringTaskModel extends Model
'schedule' => 'required|in_list[daily,weekly,monthly,custom]',
];
protected function getEntityType(): string
{
return 'recurring_task';
}
// Get recurring tasks with categories
public function getWithCategories($taskId = null)
{

33
app/Models/TodoModel.php
View File

@@ -6,8 +6,6 @@ use CodeIgniter\Model;
class TodoModel extends Model
{
use LoggableTrait;
protected $table = 'todos';
protected $primaryKey = 'id';
protected $useAutoIncrement = false;
@@ -39,11 +37,6 @@ class TodoModel extends Model
'status' => 'permit_empty|in_list[open,in_progress,completed,archived]',
];
protected function getEntityType(): string
{
return 'todo';
}
// Get todos with categories
public function getWithCategories($todoId = null)
{
@@ -59,15 +52,23 @@ class TodoModel extends Model
return $builder->get()->getResultArray();
}
// Get todos by user with categories
public function getByUserWithCategories($userId)
// Get todos by user with categories (optionally filtered by todo id)
public function getByUserWithCategories($userId, $todoId = null)
{
return $this->select('todos.*, GROUP_CONCAT(categories.name) as category_names')
->join('todo_categories', 'todos.id = todo_categories.todo_id', 'left')
->join('categories', 'todo_categories.category_id = categories.id', 'left')
->where('todos.user_id', $userId)
->groupBy('todos.id')
->get()
->getResultArray();
$builder = $this->select('
todos.*,
GROUP_CONCAT(DISTINCT categories.id SEPARATOR \',\') as category_ids,
GROUP_CONCAT(DISTINCT categories.name SEPARATOR \', \') as category_names
')
->join('todo_categories', 'todos.id = todo_categories.todo_id', 'left')
->join('categories', 'todo_categories.category_id = categories.id', 'left')
->where('todos.user_id', $userId)
->groupBy('todos.id');
if ($todoId) {
$builder->where('todos.id', $todoId);
}
return $builder->get()->getResultArray();
}
}

7
app/Models/UserModel.php
View File

@@ -6,8 +6,6 @@ use CodeIgniter\Model;
class UserModel extends Model
{
use LoggableTrait;
protected $table = 'users';
protected $primaryKey = 'id';
protected $useAutoIncrement = false;
@@ -40,9 +38,4 @@ class UserModel extends Model
'is_unique' => 'This email is already registered',
],
];
protected function getEntityType(): string
{
return 'user';
}
}

861
app/Views/theme_store.php Normal file
View File

@@ -0,0 +1,861 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Theme Store</title>
<style>
*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
background: #0f0f17;
color: #e2e8f0;
min-height: 100vh;
}
/* ── Header ── */
header {
background: linear-gradient(135deg, #1a1a2e 0%, #16213e 50%, #0f3460 100%);
padding: 60px 24px 50px;
text-align: center;
border-bottom: 1px solid rgba(255,255,255,0.06);
position: relative;
overflow: hidden;
}
header::before {
content: '';
position: absolute;
inset: 0;
background: radial-gradient(ellipse at 50% 0%, rgba(124,58,237,0.15) 0%, transparent 70%);
pointer-events: none;
}
header h1 {
font-size: clamp(2rem, 5vw, 3.2rem);
font-weight: 800;
letter-spacing: -0.03em;
background: linear-gradient(135deg, #a78bfa, #60a5fa, #f472b6);
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
background-clip: text;
position: relative;
}
header p {
margin-top: 12px;
color: #94a3b8;
font-size: 1.1rem;
position: relative;
}
.header-row {
display: flex;
align-items: center;
justify-content: center;
gap: 14px;
margin-top: 20px;
position: relative;
flex-wrap: wrap;
}
.header-badge {
background: rgba(124,58,237,0.2);
border: 1px solid rgba(124,58,237,0.4);
color: #a78bfa;
padding: 4px 14px;
border-radius: 100px;
font-size: 0.8rem;
font-weight: 600;
letter-spacing: 0.05em;
text-transform: uppercase;
}
.btn-upload-header {
background: linear-gradient(135deg, #7c3aed, #6d28d9);
color: #fff;
border: none;
padding: 8px 20px;
border-radius: 100px;
font-size: 0.85rem;
font-weight: 600;
cursor: pointer;
display: flex;
align-items: center;
gap: 6px;
transition: opacity 0.15s, transform 0.15s;
}
.btn-upload-header:hover { opacity: 0.88; transform: translateY(-1px); }
/* ── Flash messages ── */
.flash {
max-width: 680px;
margin: 24px auto 0;
padding: 12px 18px;
border-radius: 10px;
font-size: 0.9rem;
font-weight: 500;
display: flex;
align-items: center;
gap: 10px;
}
.flash-success { background: rgba(52,211,153,0.12); border: 1px solid rgba(52,211,153,0.3); color: #34d399; }
.flash-error { background: rgba(248,113,113,0.12); border: 1px solid rgba(248,113,113,0.3); color: #f87171; }
/* ── Grid ── */
.grid-wrapper {
max-width: 1200px;
margin: 0 auto;
padding: 48px 24px 80px;
}
.grid {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(320px, 1fr));
gap: 28px;
}
/* ── Card ── */
.card {
background: #1a1a2e;
border: 1px solid rgba(255,255,255,0.07);
border-radius: 16px;
overflow: hidden;
transition: transform 0.2s ease, box-shadow 0.2s ease, border-color 0.2s ease;
}
.card:hover {
transform: translateY(-4px);
box-shadow: 0 20px 48px rgba(0,0,0,0.5);
border-color: rgba(167,139,250,0.3);
}
.card-preview {
height: 90px;
display: flex;
overflow: hidden;
}
.card-preview .swatch { flex: 1; transition: flex 0.3s ease; }
.card:hover .card-preview .swatch { flex: 1.4; }
.card-body { padding: 22px; }
.card-meta {
display: flex;
align-items: center;
justify-content: space-between;
margin-bottom: 8px;
}
.card-name { font-size: 1.15rem; font-weight: 700; color: #f1f5f9; }
.card-version {
font-size: 0.75rem; color: #64748b;
background: rgba(255,255,255,0.05);
padding: 2px 8px; border-radius: 100px;
}
.card-author { font-size: 0.8rem; color: #94a3b8; margin-bottom: 10px; }
.card-desc {
font-size: 0.88rem; color: #94a3b8; line-height: 1.55;
margin-bottom: 14px;
display: -webkit-box; -webkit-line-clamp: 2; -webkit-box-orient: vertical; overflow: hidden;
}
.card-tags { display: flex; flex-wrap: wrap; gap: 6px; margin-bottom: 18px; }
.tag {
background: rgba(167,139,250,0.1);
border: 1px solid rgba(167,139,250,0.25);
color: #a78bfa;
font-size: 0.72rem; padding: 2px 9px; border-radius: 100px; font-weight: 500;
}
.card-actions { display: flex; gap: 10px; }
.btn {
flex: 1; padding: 10px 0; border-radius: 8px; border: none;
cursor: pointer; font-size: 0.85rem; font-weight: 600;
transition: opacity 0.15s, transform 0.15s;
}
.btn:hover { opacity: 0.88; transform: translateY(-1px); }
.btn-download {
background: linear-gradient(135deg, #22c55e, #16a34a);
color: #fff; text-decoration: none;
display: flex; align-items: center; justify-content: center; gap: 6px;
}
.btn-details {
background: rgba(255,255,255,0.06);
border: 1px solid rgba(255,255,255,0.1);
color: #e2e8f0;
}
.btn-details:hover { background: rgba(255,255,255,0.1); }
/* ── Backdrop shared ── */
.modal-backdrop {
display: none;
position: fixed; inset: 0;
background: rgba(0,0,0,0.8);
backdrop-filter: blur(6px);
z-index: 1000;
align-items: center;
justify-content: center;
padding: 24px;
}
.modal-backdrop.open { display: flex; }
/* ── Details Modal ── */
.details-modal {
background: #1a1a2e;
border: 1px solid rgba(255,255,255,0.1);
border-radius: 20px;
width: 95vw;
max-width: 1100px;
height: 88vh;
display: flex;
flex-direction: column;
animation: popIn 0.22s cubic-bezier(0.34,1.56,0.64,1);
overflow: hidden;
}
@keyframes popIn {
from { opacity: 0; transform: scale(0.92) translateY(20px); }
to { opacity: 1; transform: scale(1) translateY(0); }
}
/* colour stripe at top */
.modal-preview-stripe {
height: 80px;
display: flex;
flex-shrink: 0;
}
.modal-preview-stripe .swatch { flex: 1; }
/* tab bar */
.modal-tabs {
display: flex;
border-bottom: 1px solid rgba(255,255,255,0.08);
background: rgba(255,255,255,0.02);
flex-shrink: 0;
padding: 0 24px;
}
.modal-tab {
padding: 12px 20px;
font-size: 0.88rem;
font-weight: 600;
color: #64748b;
cursor: pointer;
border-bottom: 2px solid transparent;
transition: color 0.15s, border-color 0.15s;
background: none;
border-top: none; border-left: none; border-right: none;
display: flex; align-items: center; gap: 7px;
margin-bottom: -1px;
}
.modal-tab:hover { color: #94a3b8; }
.modal-tab.active { color: #a78bfa; border-bottom-color: #7c3aed; }
/* tab panels */
.modal-body {
flex: 1;
overflow: hidden;
position: relative;
}
.tab-panel {
display: none;
height: 100%;
overflow-y: auto;
}
.tab-panel.active { display: block; }
/* details panel */
.details-panel { padding: 28px; }
.modal-header {
display: flex;
justify-content: space-between;
align-items: flex-start;
margin-bottom: 6px;
}
.modal-title { font-size: 1.4rem; font-weight: 800; color: #f1f5f9; }
.modal-close {
background: rgba(255,255,255,0.06);
border: 1px solid rgba(255,255,255,0.1);
color: #94a3b8;
border-radius: 8px; width: 34px; height: 34px;
cursor: pointer; font-size: 1.1rem;
display: flex; align-items: center; justify-content: center;
transition: background 0.15s; flex-shrink: 0;
}
.modal-close:hover { background: rgba(255,255,255,0.12); color: #fff; }
.modal-meta { font-size: 0.82rem; color: #64748b; margin-bottom: 16px; }
.modal-desc { font-size: 0.92rem; color: #94a3b8; line-height: 1.65; margin-bottom: 22px; }
.section-label {
font-size: 0.75rem; font-weight: 700;
text-transform: uppercase; letter-spacing: 0.08em;
color: #64748b; margin-bottom: 10px;
}
.colors-grid {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(110px, 1fr));
gap: 10px;
margin-bottom: 22px;
}
.color-chip { border-radius: 10px; overflow: hidden; border: 1px solid rgba(255,255,255,0.07); }
.color-chip-swatch { height: 48px; }
.color-chip-info { padding: 6px 8px; background: rgba(255,255,255,0.03); }
.color-chip-name { font-size: 0.7rem; color: #94a3b8; display: block; }
.color-chip-hex { font-size: 0.75rem; font-weight: 600; color: #e2e8f0; font-family: 'SF Mono', monospace; }
.modal-tags { display: flex; flex-wrap: wrap; gap: 6px; margin-bottom: 24px; }
.modal-actions { display: flex; gap: 10px; }
.btn-download-lg {
flex: 1; padding: 13px; font-size: 0.95rem; border-radius: 10px;
background: linear-gradient(135deg, #22c55e, #16a34a);
color: #fff; font-weight: 700; text-decoration: none;
display: flex; align-items: center; justify-content: center; gap: 8px;
border: none; cursor: pointer;
transition: opacity 0.15s, transform 0.15s;
}
.btn-download-lg:hover { opacity: 0.88; transform: translateY(-1px); }
/* preview panel */
.preview-panel {
padding: 0;
height: 100%;
display: none;
flex-direction: column;
}
.preview-panel.active { display: flex; }
.preview-toolbar {
padding: 10px 16px;
background: rgba(255,255,255,0.03);
border-bottom: 1px solid rgba(255,255,255,0.06);
display: flex;
align-items: center;
gap: 10px;
flex-shrink: 0;
}
.preview-dot { width: 10px; height: 10px; border-radius: 50%; }
.preview-url {
flex: 1;
background: rgba(255,255,255,0.05);
border: 1px solid rgba(255,255,255,0.08);
border-radius: 6px;
padding: 4px 12px;
font-size: 0.78rem;
color: #64748b;
font-family: monospace;
}
.preview-iframe-wrap {
flex: 1;
overflow: hidden;
position: relative;
}
.preview-iframe-wrap iframe {
width: 100%;
height: 100%;
border: none;
display: block;
}
.preview-loading {
position: absolute;
inset: 0;
display: flex;
flex-direction: column;
align-items: center;
justify-content: center;
background: #0f0f17;
color: #94a3b8;
gap: 14px;
font-size: 0.9rem;
}
.spinner {
width: 32px; height: 32px;
border: 3px solid rgba(167,139,250,0.2);
border-top-color: #7c3aed;
border-radius: 50%;
animation: spin 0.8s linear infinite;
}
@keyframes spin { to { transform: rotate(360deg); } }
/* ── Upload Modal ── */
.upload-modal {
background: #1a1a2e;
border: 1px solid rgba(255,255,255,0.1);
border-radius: 20px;
width: 100%;
max-width: 480px;
animation: popIn 0.22s cubic-bezier(0.34,1.56,0.64,1);
overflow: hidden;
}
.upload-header {
padding: 24px 28px 0;
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 20px;
}
.upload-title { font-size: 1.25rem; font-weight: 700; color: #f1f5f9; }
.upload-body { padding: 0 28px 28px; }
.field { margin-bottom: 18px; }
.field label {
display: block;
font-size: 0.8rem;
font-weight: 600;
color: #94a3b8;
margin-bottom: 6px;
text-transform: uppercase;
letter-spacing: 0.05em;
}
.field input[type="text"],
.field textarea {
width: 100%;
background: rgba(255,255,255,0.05);
border: 1px solid rgba(255,255,255,0.1);
border-radius: 8px;
padding: 10px 14px;
color: #e2e8f0;
font-size: 0.9rem;
font-family: inherit;
outline: none;
transition: border-color 0.15s;
}
.field input[type="text"]:focus,
.field textarea:focus {
border-color: rgba(124,58,237,0.5);
}
.field textarea { resize: vertical; min-height: 80px; }
.file-drop {
border: 2px dashed rgba(124,58,237,0.3);
border-radius: 10px;
padding: 24px;
text-align: center;
cursor: pointer;
transition: border-color 0.15s, background 0.15s;
position: relative;
color: #64748b;
font-size: 0.88rem;
}
.file-drop:hover,
.file-drop.drag-over {
border-color: rgba(124,58,237,0.7);
background: rgba(124,58,237,0.05);
}
.file-drop input[type="file"] {
position: absolute; inset: 0; opacity: 0; cursor: pointer; width: 100%; height: 100%;
}
.file-drop-icon { font-size: 1.8rem; margin-bottom: 8px; display: block; }
.file-drop strong { color: #a78bfa; }
.file-name-preview {
margin-top: 8px;
font-size: 0.8rem;
color: #34d399;
display: none;
}
.btn-submit {
width: 100%;
padding: 13px;
background: linear-gradient(135deg, #7c3aed, #6d28d9);
color: #fff;
border: none;
border-radius: 10px;
font-size: 0.95rem;
font-weight: 700;
cursor: pointer;
transition: opacity 0.15s, transform 0.15s;
}
.btn-submit:hover { opacity: 0.88; transform: translateY(-1px); }
/* ── Footer ── */
footer {
text-align: center;
padding: 32px 24px;
color: #334155;
font-size: 0.82rem;
border-top: 1px solid rgba(255,255,255,0.04);
}
::-webkit-scrollbar { width: 6px; }
::-webkit-scrollbar-track { background: transparent; }
::-webkit-scrollbar-thumb { background: rgba(167,139,250,0.3); border-radius: 3px; }
</style>
</head>
<body>
<header>
<h1>Theme Store</h1>
<p>Beautiful, ready-to-use themes for your application</p>
<div class="header-row">
<span class="header-badge"><?= count($themes) ?> free themes</span>
<button class="btn-upload-header" onclick="openUploadModal()">
<span>&#x2B;</span> Upload Theme
</button>
</div>
</header>
<?php if ($flash_success): ?>
<div style="max-width:1200px;margin:0 auto;padding:0 24px">
<div class="flash flash-success">&#10003; <?= esc($flash_success) ?></div>
</div>
<?php elseif ($flash_error): ?>
<div style="max-width:1200px;margin:0 auto;padding:0 24px">
<div class="flash flash-error">&#9888; <?= esc($flash_error) ?></div>
</div>
<?php endif; ?>
<div class="grid-wrapper">
<div class="grid">
<?php foreach ($themes as $theme): ?>
<div class="card">
<div class="card-preview">
<?php foreach (array_values($theme['colors']) as $hex): ?>
<div class="swatch" style="background:<?= esc($hex) ?>"></div>
<?php endforeach; ?>
<?php if (empty($theme['colors'])): ?>
<div class="swatch" style="background:linear-gradient(135deg,#7c3aed,#f472b6)"></div>
<?php endif; ?>
</div>
<div class="card-body">
<div class="card-meta">
<span class="card-name"><?= esc($theme['display_name']) ?></span>
<span class="card-version">v<?= esc($theme['version']) ?></span>
</div>
<div class="card-author">by <?= esc($theme['author']) ?></div>
<p class="card-desc"><?= esc($theme['description']) ?></p>
<div class="card-tags">
<?php foreach ($theme['tags'] as $tag): ?>
<span class="tag"><?= esc($tag) ?></span>
<?php endforeach; ?>
</div>
<div class="card-actions">
<button class="btn btn-download" onclick="installTheme(<?= htmlspecialchars(json_encode([
'id' => $theme['id'],
'display_name' => $theme['display_name'],
'description' => $theme['description'],
'author' => $theme['author'],
'version' => $theme['version'],
'download_url' => $theme['download_url'],
'colors' => $theme['colors'],
'tags' => $theme['tags'],
'vars' => $theme['vars'],
]), ENT_QUOTES, 'UTF-8') ?>)">
&#8659; Install Theme
</button>
<button class="btn btn-details"
onclick="openDetailsModal(<?= htmlspecialchars(json_encode([
'id' => $theme['id'],
'display_name' => $theme['display_name'],
'description' => $theme['description'],
'author' => $theme['author'],
'version' => $theme['version'],
'download_url' => $theme['download_url'],
'colors' => $theme['colors'],
'tags' => $theme['tags'],
'vars' => $theme['vars'],
]), ENT_QUOTES, 'UTF-8') ?>)">
Details
</button>
</div>
</div>
</div>
<?php endforeach; ?>
</div>
</div>
<!-- ── Details Modal ── -->
<div class="modal-backdrop" id="details-backdrop" onclick="closeDetailsOnBackdrop(event)">
<div class="details-modal" id="details-modal">
<div class="modal-preview-stripe" id="dm-stripe"></div>
<div class="modal-tabs">
<button class="modal-tab active" id="tab-details" onclick="switchTab('details')">
&#9998; Details
</button>
<button class="modal-tab" id="tab-preview" onclick="switchTab('preview')">
&#9654; Live Preview
</button>
</div>
<div class="modal-body">
<!-- Details panel -->
<div class="tab-panel active" id="panel-details">
<div class="details-panel">
<div class="modal-header">
<span class="modal-title" id="dm-title"></span>
<button class="modal-close" onclick="closeDetailsModal()">&#x2715;</button>
</div>
<div class="modal-meta" id="dm-meta"></div>
<p class="modal-desc" id="dm-desc"></p>
<div id="dm-colors-section">
<div class="section-label">Colour Palette</div>
<div class="colors-grid" id="dm-colors"></div>
</div>
<div class="section-label" style="margin-bottom:10px">Tags</div>
<div class="modal-tags" id="dm-tags"></div>
<div class="modal-actions">
<button class="btn-download-lg" id="dm-download" onclick="installCurrentTheme()">
&#8659; Install Theme
</button>
</div>
</div>
</div>
<!-- Preview panel -->
<div class="tab-panel" id="panel-preview" style="height:100%">
<div class="preview-panel" id="preview-panel-inner">
<div class="preview-toolbar">
<div class="preview-dot" style="background:#ff5f57"></div>
<div class="preview-dot" style="background:#febc2e"></div>
<div class="preview-dot" style="background:#28c840"></div>
<div class="preview-url" id="preview-url">localhost:5173 — with theme applied</div>
</div>
<div class="preview-iframe-wrap">
<div class="preview-loading" id="preview-loading">
<div class="spinner"></div>
<span>Loading preview&hellip;</span>
</div>
<iframe id="preview-iframe" title="Theme Preview" onload="iframeLoaded()"></iframe>
</div>
</div>
</div>
</div><!-- .modal-body -->
</div>
</div>
<!-- ── Upload Modal ── -->
<div class="modal-backdrop" id="upload-backdrop" onclick="closeUploadOnBackdrop(event)">
<div class="upload-modal">
<div class="upload-header">
<span class="upload-title">Upload Custom Theme</span>
<button class="modal-close" onclick="closeUploadModal()">&#x2715;</button>
</div>
<div class="upload-body">
<form method="post" action="<?= site_url('themes/upload') ?>" enctype="multipart/form-data">
<div class="field">
<label>Display Name *</label>
<input type="text" name="display_name" placeholder="e.g. Neon Sunset" required>
</div>
<div class="field">
<label>Description</label>
<textarea name="description" placeholder="Describe your theme's mood and colours…"></textarea>
</div>
<div class="field">
<label>CSS File *</label>
<div class="file-drop" id="file-drop">
<input type="file" name="theme_css" accept=".css" required onchange="previewFileName(this)">
<span class="file-drop-icon">&#128190;</span>
<div>Drop your <strong>.css</strong> file here<br>or <strong>click to browse</strong></div>
<div class="file-name-preview" id="file-name-preview"></div>
</div>
</div>
<button type="submit" class="btn-submit">&#x2191; Upload Theme</button>
</form>
</div>
</div>
</div>
<footer>
&copy; <?= date('Y') ?> Theme Store &mdash; All themes are free to use
</footer>
<script>
let currentThemeId = null;
let currentThemeVars = {};
let currentThemeData = null;
let previewLoaded = false;
/* ── Theme Installation ── */
function installTheme(theme) {
// Convert theme data to match Todo-App format
const themeData = {
name: theme.display_name,
description: theme.description,
preview: Object.values(theme.colors || {}).length ? Object.values(theme.colors) : ['#ffffff', '#f0f0f0', '#007acc'],
vars: theme.vars || {},
source: 'theme-store'
};
console.log('Installing theme:', themeData);
// Send install message to parent Todo-App
if (window.parent && window.parent !== window) {
window.parent.postMessage({
type: 'THEME_DOWNLOAD_REQUEST',
data: themeData
}, '*');
// Show success feedback
showInstallFeedback(theme.display_name);
} else {
// Fallback: redirect to the frontend with the theme data
const installUrl = "http://localhost:5173/#theme-install:" + encodeURIComponent(JSON.stringify(themeData));
window.location.href = installUrl;
}
}
function installCurrentTheme() {
if (currentThemeData) {
installTheme(currentThemeData);
}
}
function showInstallFeedback(themeName) {
// Create a temporary success message
const feedback = document.createElement('div');
feedback.className = 'install-feedback';
feedback.innerHTML = `✅ "${themeName}" is being installed...`;
feedback.style.cssText = `
position: fixed;
top: 20px;
right: 20px;
background: linear-gradient(135deg, #22c55e, #16a34a);
color: white;
padding: 12px 20px;
border-radius: 8px;
font-weight: 600;
z-index: 10000;
box-shadow: 0 4px 12px rgba(34, 197, 94, 0.3);
animation: slideIn 0.3s ease-out;
`;
document.body.appendChild(feedback);
// Remove after 3 seconds
setTimeout(() => {
feedback.style.animation = 'slideOut 0.3s ease-out';
setTimeout(() => {
document.body.removeChild(feedback);
}, 300);
}, 3000);
}
// Add animations
const style = document.createElement('style');
style.textContent = `
@keyframes slideIn {
from { transform: translateX(100%); opacity: 0; }
to { transform: translateX(0); opacity: 1; }
}
@keyframes slideOut {
from { transform: translateX(0); opacity: 1; }
to { transform: translateX(100%); opacity: 0; }
}
`;
document.head.appendChild(style);
/* ── Details modal ── */
function openDetailsModal(theme) {
currentThemeId = theme.id;
currentThemeVars = theme.vars || {};
currentThemeData = theme; // Store full theme data for installation
previewLoaded = false;
const colors = theme.colors || {};
const tags = theme.tags || [];
document.getElementById('dm-title').textContent = theme.display_name;
document.getElementById('dm-meta').textContent = 'by ' + theme.author + ' · v' + theme.version;
document.getElementById('dm-desc').textContent = theme.description;
document.getElementById('preview-url').textContent = 'localhost — ' + theme.display_name + ' applied';
// stripe
const stripe = document.getElementById('dm-stripe');
const colorValues = Object.values(colors);
stripe.innerHTML = colorValues.length
? colorValues.map(c => `<div class="swatch" style="background:${c}"></div>`).join('')
: '<div class="swatch" style="background:linear-gradient(135deg,#7c3aed,#f472b6)"></div>';
// colour chips
const colorsSection = document.getElementById('dm-colors-section');
const grid = document.getElementById('dm-colors');
if (Object.keys(colors).length) {
colorsSection.style.display = '';
grid.innerHTML = Object.entries(colors).map(([name, hex]) => `
<div class="color-chip">
<div class="color-chip-swatch" style="background:${hex}"></div>
<div class="color-chip-info">
<span class="color-chip-name">${name}</span>
<span class="color-chip-hex">${hex}</span>
</div>
</div>`).join('');
} else {
colorsSection.style.display = 'none';
}
// tags
document.getElementById('dm-tags').innerHTML =
tags.length ? tags.map(t => `<span class="tag">${t}</span>`).join('') : '<span style="color:#475569;font-size:0.82rem">No tags</span>';
// reset to details tab
switchTab('details');
document.getElementById('details-backdrop').classList.add('open');
document.body.style.overflow = 'hidden';
}
function closeDetailsModal() {
document.getElementById('details-backdrop').classList.remove('open');
document.getElementById('preview-iframe').src = '';
document.getElementById('preview-loading').style.display = 'flex';
currentThemeVars = {};
previewLoaded = false;
document.body.style.overflow = '';
}
function closeDetailsOnBackdrop(e) {
if (e.target === document.getElementById('details-backdrop')) closeDetailsModal();
}
/* ── Tabs ── */
function switchTab(name) {
document.querySelectorAll('.modal-tab').forEach(t => t.classList.remove('active'));
document.querySelectorAll('.tab-panel').forEach(p => p.classList.remove('active'));
document.getElementById('tab-' + name).classList.add('active');
document.getElementById('panel-' + name).classList.add('active');
if (name === 'preview') {
document.getElementById('preview-panel-inner').classList.add('active');
if (!previewLoaded && currentThemeId) {
document.getElementById('preview-loading').style.display = 'flex';
const themeData = {
name: currentThemeData.display_name,
vars: currentThemeVars
};
const encoded = btoa(JSON.stringify(themeData));
document.getElementById('preview-iframe').src = 'http://localhost:5173/?__theme_preview=' + encoded + '&__preview_mode=true';
}
} else {
document.getElementById('preview-panel-inner').classList.remove('active');
}
}
function iframeLoaded() {
previewLoaded = true;
document.getElementById('preview-loading').style.display = 'none';
}
/* ── Upload modal ── */
function openUploadModal() {
document.getElementById('upload-backdrop').classList.add('open');
document.body.style.overflow = 'hidden';
}
function closeUploadModal() {
document.getElementById('upload-backdrop').classList.remove('open');
document.body.style.overflow = '';
}
function closeUploadOnBackdrop(e) {
if (e.target === document.getElementById('upload-backdrop')) closeUploadModal();
}
function previewFileName(input) {
const el = document.getElementById('file-name-preview');
if (input.files && input.files[0]) {
el.textContent = '✓ ' + input.files[0].name;
el.style.display = 'block';
}
}
// Drag-over styling
const drop = document.getElementById('file-drop');
drop.addEventListener('dragover', () => drop.classList.add('drag-over'));
drop.addEventListener('dragleave', () => drop.classList.remove('drag-over'));
drop.addEventListener('drop', () => drop.classList.remove('drag-over'));
document.addEventListener('keydown', e => { if (e.key === 'Escape') { closeDetailsModal(); closeUploadModal(); } });
</script>
</body>
</html>

12
env.example
View File

@@ -30,13 +30,13 @@
# DATABASE
#--------------------------------------------------------------------
# database.default.hostname = localhost
# database.default.database = ci4
# database.default.username = root
# database.default.password = root
# database.default.DBDriver = MySQLi
database.default.hostname = localhost
database.default.database = ci4
database.default.username = root
database.default.password = root
database.default.DBDriver = MySQLi
# database.default.DBPrefix =
# database.default.port = 3306
database.default.port = 3306
# If you use MySQLi as tests, first update the values of Config\Database::$tests.
# database.tests.hostname = localhost

1
public/.htaccess
View File

@@ -30,7 +30,6 @@ Options -Indexes
# such as an image or css document, if this isn't true it sends the
# request to the front controller, index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([\s\S]*)$ index.php/$1 [L,NC,QSA]
# Ensure Authorization header is passed along

122
public/example_login.html Normal file
View File

@@ -0,0 +1,122 @@
<!DOCTYPE html>
<html>
<head>
<title>Login & Register</title>
</head>
<body>
<h1>Login</h1>
<form id="loginForm">
<div>
<label for="loginEmail">Email:</label>
<input type="email" id="loginEmail" name="email" required>
</div>
<br>
<div>
<label for="loginPassword">Password:</label>
<input type="password" id="loginPassword" name="password" required>
</div>
<br>
<button type="submit">Login</button>
</form>
<hr>
<h1>Register</h1>
<form id="registerForm">
<div>
<label for="regEmail">Email:</label>
<input type="email" id="regEmail" name="email" required>
</div>
<br>
<div>
<label for="regPassword">Password:</label>
<input type="password" id="regPassword" name="password" required>
</div>
<br>
<div>
<label for="regName">Name:</label>
<input type="text" id="regName" name="name" required>
</div>
<br>
<button type="submit">Register</button>
</form>
<h2>Response</h2>
<pre id="response"></pre>
<script>
document.getElementById('loginForm').addEventListener('submit', async function(e) {
e.preventDefault();
const email = document.getElementById('loginEmail').value;
const password = document.getElementById('loginPassword').value;
try {
const response = await fetch('http://localhost:8080/api/v1/auth/login', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
email: email,
password: password
})
});
const data = await response.json();
document.getElementById('response').textContent = JSON.stringify(data, null, 2);
if (data.success && data.data.api_key) {
localStorage.setItem('apiKey', data.data.api_key);
alert('API Key saved to localStorage: ' + data.data.api_key);
}
} catch (error) {
document.getElementById('response').textContent = 'Error: ' + error.message;
}
});
document.getElementById('registerForm').addEventListener('submit', async function(e) {
e.preventDefault();
const email = document.getElementById('regEmail').value;
const password = document.getElementById('regPassword').value;
const name = document.getElementById('regName').value;
try {
const response = await fetch('http://localhost:8080/api/v1/auth/register', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
email: email,
password: password,
name: name
})
});
const text = await response.text();
let data;
try {
data = JSON.parse(text);
} catch (e) {
data = { error: 'Invalid JSON response', raw: text, status: response.status, statusText: response.statusText };
}
if (!response.ok) {
data = { ...data, httpError: `HTTP ${response.status}: ${response.statusText}` };
}
document.getElementById('response').textContent = JSON.stringify(data, null, 2);
if (data.success && data.data.api_key) {
localStorage.setItem('apiKey', data.data.api_key);
alert('API Key saved to localStorage: ' + data.data.api_key);
}
} catch (error) {
document.getElementById('response').textContent = 'Error: ' + error.message;
}
});
</script>
</body>
</html>

38
public/themes/2341342134-1441f7.css Normal file
View File

File diff suppressed because one or more lines are too long

16
public/themes/arctic-frost.css Normal file
View File

@@ -0,0 +1,16 @@
/* Arctic Frost Theme — MinimalStudio v3.0.0 */
:root {
--color-primary: #2176AE;
--color-secondary: #57C4E5;
--color-background: #F8FBFF;
--color-surface: #FFFFFF;
--color-text: #1C2B3A;
--color-accent: #A8DADC;
}
body { background-color: var(--color-background); color: var(--color-text); font-family: system-ui, sans-serif; }
a, .link { color: var(--color-primary); }
.btn-primary { background: var(--color-primary); color: #fff; border: none; border-radius: 6px; padding: 8px 18px; cursor: pointer; }
.btn-primary:hover { background: var(--color-secondary); }
.card { background: var(--color-surface); border-radius: 10px; box-shadow: 0 1px 6px rgba(33,118,174,0.08); padding: 20px; border: 1px solid #DDE8F0; }
.tag { background: var(--color-accent); color: var(--color-text); border-radius: 4px; padding: 2px 8px; font-size: 0.75rem; }

38
public/themes/dine-mera-3652ad.css Normal file
View File

File diff suppressed because one or more lines are too long

37
public/themes/extract-test-theme-5fae6e.css Normal file
View File

@@ -0,0 +1,37 @@
/* @todo-theme-meta
{
"name": "Extract Test Theme",
"id": "custom-1778676985034",
"group": "Custom",
"preview": [
"#f5f5f5",
"#ffffff",
"#274f69"
],
"hasWallpaper": false
}
*/
:root {
--bg: #f5f5f5;
--surface: #ffffff;
--surface-strong: #ffffff;
--surface-muted: #fafafa;
--border: #d0d0d0;
--line: #b9b9b5;
--text: #1f1f1f;
--text-muted: #686866;
--text-strong: #111111;
--accent: #274f69;
--accent-text: #ffffff;
--accent-soft: #d6e4ec;
--sidebar-bg: #ffffff;
--sidebar-border: #d0d0d0;
--sidebar-text: #222222;
--sidebar-text-muted: #686866;
--input-bg: #ffffff;
--input-border: #cfcfcf;
--modal-bg: #ffffff;
--chip: #d8d8d8;
--success: #dff7e7;
}

16
public/themes/forest-grove.css Normal file
View File

@@ -0,0 +1,16 @@
/* Forest Grove Theme — NaturePalette v1.0.5 */
:root {
--color-primary: #2D6A4F;
--color-secondary: #52B788;
--color-background: #F0F7EE;
--color-surface: #FFFFFF;
--color-text: #1B2E22;
--color-accent: #B7E4C7;
}
body { background-color: var(--color-background); color: var(--color-text); font-family: system-ui, sans-serif; }
a, .link { color: var(--color-primary); }
.btn-primary { background: var(--color-primary); color: #fff; border: none; border-radius: 6px; padding: 8px 18px; cursor: pointer; }
.btn-primary:hover { background: var(--color-secondary); }
.card { background: var(--color-surface); border-radius: 10px; box-shadow: 0 2px 8px rgba(45,106,79,0.12); padding: 20px; }
.tag { background: var(--color-accent); color: var(--color-text); border-radius: 4px; padding: 2px 8px; font-size: 0.75rem; }

38
public/themes/manual-game-update-2-e1a77a.css Normal file
View File

File diff suppressed because one or more lines are too long

38
public/themes/manual-game-update-7cc79d.css Normal file
View File

File diff suppressed because one or more lines are too long

16
public/themes/midnight-void.css Normal file
View File

@@ -0,0 +1,16 @@
/* Midnight Void Theme — ThemeForge v2.0.1 */
:root {
--color-primary: #7C3AED;
--color-secondary: #A78BFA;
--color-background: #0D0D1A;
--color-surface: #1A1A2E;
--color-text: #E2E8F0;
--color-accent: #F472B6;
}
body { background-color: var(--color-background); color: var(--color-text); font-family: system-ui, sans-serif; }
a, .link { color: var(--color-secondary); }
.btn-primary { background: var(--color-primary); color: #fff; border: none; border-radius: 6px; padding: 8px 18px; cursor: pointer; }
.btn-primary:hover { background: var(--color-accent); }
.card { background: var(--color-surface); border-radius: 10px; box-shadow: 0 2px 16px rgba(124,58,237,0.25); padding: 20px; }
.tag { background: var(--color-accent); color: #0D0D1A; border-radius: 4px; padding: 2px 8px; font-size: 0.75rem; }

16
public/themes/obsidian-rose.css Normal file
View File

@@ -0,0 +1,16 @@
/* Obsidian Rose Theme — ChromaCraft v1.3.0 */
:root {
--color-primary: #C9184A;
--color-secondary: #FF4D6D;
--color-background: #0A0A0F;
--color-surface: #1C1C28;
--color-text: #F1E3E4;
--color-accent: #B5838D;
}
body { background-color: var(--color-background); color: var(--color-text); font-family: system-ui, sans-serif; }
a, .link { color: var(--color-secondary); }
.btn-primary { background: var(--color-primary); color: #fff; border: none; border-radius: 6px; padding: 8px 18px; cursor: pointer; }
.btn-primary:hover { background: var(--color-secondary); }
.card { background: var(--color-surface); border-radius: 10px; box-shadow: 0 2px 16px rgba(201,24,74,0.2); padding: 20px; }
.tag { background: var(--color-accent); color: #0A0A0F; border-radius: 4px; padding: 2px 8px; font-size: 0.75rem; }

16
public/themes/ocean-breeze.css Normal file
View File

@@ -0,0 +1,16 @@
/* Ocean Breeze Theme — ThemeForge v1.2.0 */
:root {
--color-primary: #0077B6;
--color-secondary: #00B4D8;
--color-background: #E0F4FF;
--color-surface: #FFFFFF;
--color-text: #1A2B3C;
--color-accent: #48CAE4;
}
body { background-color: var(--color-background); color: var(--color-text); font-family: system-ui, sans-serif; }
a, .link { color: var(--color-primary); }
.btn-primary { background: var(--color-primary); color: #fff; border: none; border-radius: 6px; padding: 8px 18px; cursor: pointer; }
.btn-primary:hover { background: var(--color-secondary); }
.card { background: var(--color-surface); border-radius: 10px; box-shadow: 0 2px 8px rgba(0,119,182,0.1); padding: 20px; }
.tag { background: var(--color-accent); color: var(--color-text); border-radius: 4px; padding: 2px 8px; font-size: 0.75rem; }

37
public/themes/red-extract-theme-a3aabe.css Normal file
View File

@@ -0,0 +1,37 @@
/* @todo-theme-meta
{
"name": "Red Extract Theme",
"id": "custom-1778677606575",
"group": "Custom",
"preview": [
"#f5f5f5",
"#ffffff",
"#274f69"
],
"hasWallpaper": false
}
*/
:root {
--bg: #f5f5f5;
--surface: #ffffff;
--surface-strong: #ffffff;
--surface-muted: #fafafa;
--border: #d0d0d0;
--line: #b9b9b5;
--text: #1f1f1f;
--text-muted: #686866;
--text-strong: #111111;
--accent: #274f69;
--accent-text: #ffffff;
--accent-soft: #d6e4ec;
--sidebar-bg: #ffffff;
--sidebar-border: #d0d0d0;
--sidebar-text: #222222;
--sidebar-text-muted: #686866;
--input-bg: #ffffff;
--input-border: #cfcfcf;
--modal-bg: #ffffff;
--chip: #d8d8d8;
--success: #dff7e7;
}

16
public/themes/sunset-ember.css Normal file
View File

@@ -0,0 +1,16 @@
/* Sunset Ember Theme — ChromaCraft v1.1.2 */
:root {
--color-primary: #D62828;
--color-secondary: #F77F00;
--color-background: #FFF5E4;
--color-surface: #FFFFFF;
--color-text: #2D1B00;
--color-accent: #FCBF49;
}
body { background-color: var(--color-background); color: var(--color-text); font-family: system-ui, sans-serif; }
a, .link { color: var(--color-primary); }
.btn-primary { background: var(--color-secondary); color: #fff; border: none; border-radius: 6px; padding: 8px 18px; cursor: pointer; }
.btn-primary:hover { background: var(--color-primary); }
.card { background: var(--color-surface); border-radius: 10px; box-shadow: 0 2px 8px rgba(214,40,40,0.1); padding: 20px; }
.tag { background: var(--color-accent); color: var(--color-text); border-radius: 4px; padding: 2px 8px; font-size: 0.75rem; }

37
public/themes/test-theme-103fb1.css Normal file
View File

@@ -0,0 +1,37 @@
/* @todo-theme-meta
{
"name": "Test Theme",
"id": "custom-1778671955013",
"group": "Custom",
"preview": [
"#f5f5f5",
"#ffffff",
"#274f69"
],
"hasWallpaper": false
}
*/
:root {
--bg: #f5f5f5;
--surface: #ffffff;
--surface-strong: #ffffff;
--surface-muted: #fafafa;
--border: #d0d0d0;
--line: #b9b9b5;
--text: #1f1f1f;
--text-muted: #686866;
--text-strong: #111111;
--accent: #274f69;
--accent-text: #ffffff;
--accent-soft: #d6e4ec;
--sidebar-bg: #ffffff;
--sidebar-border: #d0d0d0;
--sidebar-text: #222222;
--sidebar-text-muted: #686866;
--input-bg: #ffffff;
--input-border: #cfcfcf;
--modal-bg: #ffffff;
--chip: #d8d8d8;
--success: #dff7e7;
}

37
public/themes/test-theme-6fcabb.css Normal file
View File

@@ -0,0 +1,37 @@
/* @todo-theme-meta
{
"name": "Test Theme",
"id": "custom-1778671955013",
"group": "Custom",
"preview": [
"#f5f5f5",
"#ffffff",
"#274f69"
],
"hasWallpaper": false
}
*/
:root {
--bg: #f5f5f5;
--surface: #ffffff;
--surface-strong: #ffffff;
--surface-muted: #fafafa;
--border: #d0d0d0;
--line: #b9b9b5;
--text: #1f1f1f;
--text-muted: #686866;
--text-strong: #111111;
--accent: #274f69;
--accent-text: #ffffff;
--accent-soft: #d6e4ec;
--sidebar-bg: #ffffff;
--sidebar-border: #d0d0d0;
--sidebar-text: #222222;
--sidebar-text-muted: #686866;
--input-bg: #ffffff;
--input-border: #cfcfcf;
--modal-bg: #ffffff;
--chip: #d8d8d8;
--success: #dff7e7;
}

37
public/themes/themestore-theme-by-came-0da6fd.css Normal file
View File

@@ -0,0 +1,37 @@
/* @todo-theme-meta
{
"name": "THemestore theme by Came",
"id": "custom-1778674717129",
"group": "Custom",
"preview": [
"#17acde",
"#222020",
"#00bbff"
],
"hasWallpaper": false
}
*/
:root {
--bg: #17acde;
--surface: #222020;
--surface-strong: #2bc582;
--surface-muted: #38363a;
--border: #000000;
--line: #ffffff;
--text: #d12e57;
--text-muted: #2f84c1;
--text-strong: #ff0000;
--accent: #00bbff;
--accent-text: #570000;
--accent-soft: #005f85;
--sidebar-bg: #004370;
--sidebar-border: #2a5070;
--sidebar-text: #d8f0ff;
--sidebar-text-muted: #7ab0d0;
--input-bg: #ffffff;
--input-border: #a0cce0;
--modal-bg: #ffffff;
--chip: #b0d8ec;
--success: #d0f0e0;
}

38
public/themes/woiefhwoaeiglwejighfiwk-69eed7.css Normal file
View File

File diff suppressed because one or more lines are too long

1
public/todo-preview Symbolic link
View File

@@ -0,0 +1 @@
/home/came/Nextcloud/arch-work/Projects/Todo-App/dist

0
writable/.htaccess Normal file → Executable file
View File

0
writable/cache/index.html vendored Normal file → Executable file
View File

0
writable/debugbar/index.html Normal file → Executable file
View File

0
writable/index.html Normal file → Executable file
View File

0
writable/logs/index.html Normal file → Executable file
View File

0
writable/session/index.html Normal file → Executable file
View File

0
writable/uploads/index.html Normal file → Executable file
View File