Corrects CORS setup to allow login cookie to be set

api/bootstrap.php

@@ -30,4 +30,10 @@ function env(string $key): mixed {
 defined('YII_DEBUG') or define('YII_DEBUG', filter_var(env('YII_DEBUG') ?? false, FILTER_VALIDATE_BOOLEAN));
 defined('YII_ENV') or define('YII_ENV', env('YII_ENV') ?? 'prod');
 
+if (YII_ENV === 'dev') {
+    ini_set('display_errors', '1');
+    ini_set('display_startup_errors', '1');
+    error_reporting(E_ALL);
+}
+
 require __DIR__ . '/vendor/yiisoft/yii2/Yii.php';

api/commands/PokemonImportController.php

@@ -46,8 +46,13 @@ public function actionFetch(): int
             foreach ($data['results'] as $pokemon) {
                 try {
                     $species = new PokemonSpecies();
+                    $url = $pokemon['url'];
+                    $imageId = basename($url);
+
                     $species->name = $pokemon['name'];
-                    $species->url = $pokemon['url'];
+                    $species->url = $url;
+                    $species->image =  'https://raw.githubusercontent.com/PokeAPI/sprites/master/sprites/pokemon/other/dream-world/' . $imageId . '.svg';
+
                     if (!$species->save()) {
                         $this->stderr($pokemon['name'] . " (FAILED): " . json_encode($species->errors, JSON_THROW_ON_ERROR) . "\n");
                     } else {

api/config/web.php

@@ -1,5 +1,7 @@
 <?php
 
+use yii\web\JsonParser;
+
 use yii\debug\Module;
 use yii\rest\UrlRule;
 use yii\log\FileTarget;
@@ -18,16 +20,22 @@
         '@npm'   => '@vendor/npm-asset',
     ],
     'components' => [
+        'response' => [
+            'format' => \yii\web\Response::FORMAT_JSON,
+        ],
         'request' => [
             // !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
             'cookieValidationKey' => 'my-secret-key',
+            'enableCsrfCookie' => false,
+            'enableCsrfValidation' => false,
+            'parsers' => ['application/json' => JsonParser::class],
         ],
         'cache' => [
             'class' => FileCache::class,
         ],
         'user' => [
             'identityClass' => User::class,
-            'enableAutoLogin' => true,
+            'loginUrl' => null,
         ],
         'mailer' => [
             'class' => \yii\symfonymailer\Mailer::class,
@@ -40,8 +48,19 @@
             'targets' => [
                 [
                     'class' => FileTarget::class,
+                    'logFile' => '@runtime/logs/error.log',
                     'levels' => ['error', 'warning'],
                 ],
+                [
+                    'class' => FileTarget::class,
+                    'logFile' => '@runtime/logs/info.log',
+                    'levels' => ['info'],
+                ],
+                [
+                    'class' => FileTarget::class,
+                    'logFile' => '@runtime/logs/debug.log',
+                    'levels' => ['trace'],
+                ],
             ],
         ],
         'db' => $db,

api/controllers/AuthController.php

@@ -0,0 +1,88 @@
+<?php
+
+namespace app\controllers;
+
+use app\models\forms\LoginForm;
+use app\models\User;
+use app\rest\Controller;
+use Yii;
+use yii\base\InvalidConfigException;
+use yii\helpers\ArrayHelper;
+use yii\web\BadRequestHttpException;
+use yii\web\ServerErrorHttpException;
+
+/**
+ * Controller for handling authentication operations (login, logout).
+ */
+class AuthController extends Controller
+{
+    /**
+     * Creates a new user session for the user, and logs them in to
+     * the application.
+     *
+     * @return ?LoginForm Return form if it fails validation, otherwise null
+     * @throws InvalidConfigException Body param parser not setup
+     * @throws ServerErrorHttpException Failed to login user | User no longer exists
+     * @throws BadRequestHttpException Request body is malformed
+     */
+    public function actionLogin(): ?LoginForm
+    {
+        $loginForm = new LoginForm();
+        $isCorrectBody = $loginForm->load(Yii::$app->request->getBodyParams(), '');
+
+        if (!$isCorrectBody)
+        {
+            throw new BadRequestHttpException('Request body is malformed');
+        }
+
+        $isValid = $loginForm->validate();
+
+        if (!$isValid)
+        {
+            return $loginForm;
+        }
+
+        $user = User::find()->where([
+            'username' => $loginForm->username
+        ])->one();
+
+        if (!$user)
+        {
+            throw new ServerErrorHttpException('User no longer exists');
+        }
+
+        $isLoggedIn = Yii::$app->user->login($user);
+
+        if (!$isLoggedIn)
+        {
+            throw new ServerErrorHttpException('Failed to login user');
+        }
+
+        return null;
+    }
+
+    public function behaviors(): array
+    {
+        return ArrayHelper::merge(parent::behaviors(), [
+            'authenticator' => [
+                'except' => ['login']
+            ]
+        ]);
+    }
+
+    /**
+     * Destroys a user session, and logs the user out of the application.
+     *
+     * @return null
+     * @throws ServerErrorHttpException Failed to log out user
+     */
+    public function actionLogout(): null
+    {
+        $isLoggedOut = Yii::$app->user->logout();
+        if (!$isLoggedOut)
+        {
+            throw new ServerErrorHttpException('Failed to log out user');
+        }
+        return null;
+    }
+}

api/controllers/BoxesController.php

@@ -18,4 +18,15 @@ class BoxesController extends ActiveController
      * @var string The model class associated with this controller.
      */
     public $modelClass = Box::class;
+
+    /**
+     * Returns the total number of boxes belonging to this user
+     *
+     * @param int $userId
+     * @return int
+     */
+    public function actionUsersCount(int $userId): int
+    {
+        return $this->modelClass::find()->where(['user_id' => $userId])->count();
+    }
 }

api/controllers/CategoriesController.php

@@ -3,6 +3,7 @@
 namespace app\controllers;
 
 use app\models\Category;
+use app\models\Team;
 use app\rest\ActiveController;
 
 /**
@@ -18,4 +19,38 @@ class CategoriesController extends ActiveController
      * @var string The model class associated with this controller.
      */
     public $modelClass = Category::class;
+    public string $teamClass = Team::class;
+
+    /**
+     * Returns the total number of categories belonging to this user
+     *
+     * @param int $userId
+     * @return int
+     */
+    public function actionUsersCount(int $userId): int // todo: move this to UsersController
+    {
+        return $this->modelClass::find()->where(['user_id' => $userId])->count();
+    }
+
+    /**
+     * Returns the total number of teams in this category
+     *
+     * @param int $categoryId
+     * @return int
+     */
+    public function actionTeamsCount(int $categoryId): int
+    {
+        return $this->teamClass::find()->where(['category_id' => $categoryId])->count();
+    }
+
+    /**
+     * Returns the teams in this category
+     *
+     * @param int $categoryId
+     * @return array
+     */
+    public function actionTeamsIndex(int $categoryId): array
+    {
+        return $this->teamClass::find()->where(['category_id' => $categoryId])->all();
+    }
 }

api/controllers/HealthController.php

@@ -3,8 +3,10 @@
 namespace app\controllers;
 
 use Yii;
+use yii\filters\AccessControl;
 use yii\filters\Cors;
 use app\rest\Controller;
+use yii\helpers\ArrayHelper;
 use yii\web\Response;
 
 /**
@@ -14,6 +16,22 @@
  */
 class HealthController extends Controller
 {
+    // todo: make a second version that doesnt require login
+    public function behaviors(): array
+    {
+        return ArrayHelper::merge(parent::behaviors(), [
+            'access' => [
+                'class' => AccessControl::class,
+                'rules' => [
+                    [
+                        'roles' => ['@'],
+                        'allow' => true,
+                    ],
+                ],
+            ],
+        ]);
+    }
+
     /**
      * Simple server health check.
      *

api/controllers/PokemonInstancesController.php

@@ -3,7 +3,7 @@
 namespace app\controllers;
 
 use app\models\PokemonInstance;
-use yii\rest\ActiveController;
+use app\rest\ActiveController;
 
 /**
  * Class PokemonInstancesController
@@ -12,7 +12,7 @@
  *
  * @see PokemonInstance
  */
-class PokemonInstancesController extends activeController
+class PokemonInstancesController extends ActiveController
 {
     /**
      * @var string The model class associated with this controller.

api/controllers/PokemonSpeciesController.php

@@ -3,7 +3,8 @@
 namespace app\controllers;
 
 use app\models\PokemonSpecies;
-use yii\rest\ActiveController;
+use app\rest\ActiveController;
+use yii\helpers\ArrayHelper;
 
 /**
  * Class PokemonSpeciesController
@@ -18,4 +19,23 @@ class PokemonSpeciesController extends ActiveController
      * @var string The model class associated with this controller.
      */
     public $modelClass = PokemonSpecies::class;
+
+    /**
+     * {@inheritdoc}
+     */
+    public function actions(): array
+    {
+        return ArrayHelper::merge(parent::actions(), [
+            'index' => [
+                'pagination' => [
+                    'pageSizeLimit' => [1,10000],
+                ]
+            ]
+        ]);
+    }
+
+    public function actionCount(): int
+    {
+        return $this->modelClass::find()->count();
+    }
 }

api/controllers/TeamsController.php

@@ -2,9 +2,12 @@
 
 namespace app\controllers;
 
+use app\models\PokemonInstance;
+use app\models\PokemonSpecies;
 use app\models\Team;
 use app\rest\ActiveController;
 use Yii;
+use yii\db\ActiveQuery;
 
 /**
  * Class TeamsController
@@ -19,4 +22,41 @@ class TeamsController extends ActiveController
      * @var string The model class associated with this controller.
      */
     public $modelClass = Team::class;
+    public string $pokemonInstanceClass = PokemonInstance::class;
+    public string $pokemonSpeciesClass = PokemonSpecies::class;
+
+    /**
+     * Returns the total number of teams belonging to a user
+     *
+     * @param int $userId
+     * @return int
+     */
+    public function actionUsersCount(int $userId): int // todo: move this to UsersController
+    {
+        return $this->modelClass::find()->where(['user_id' => $userId])->count();
+    }
+
+    /**
+     * Returns the teams within a category
+     *
+     * @param int $categoryId
+     * @return array
+     */
+    public function actionCategoryView(int $categoryId): array
+    {
+        return $this->modelClass::find()->where(['category_id' => $categoryId])->all();
+    }
+
+    /**
+     * Returns the pokemon instances + species within a team
+     *
+     * @param int $teamId
+     * @return array
+     */
+    public function actionPokemonIndex(int $teamId): array // todo: fix me
+    {
+        $instances = $this->pokemonInstanceClass::find()->where(['team_id' => $teamId])->all();
+        $species = array_map(fn($instance) => $this->pokemonSpeciesClass::find()->where(['id' => $instance->pokemon_species_id])->one(), $instances);
+        return ['instances' => $instances, 'species' => $species];
+    }
 }

api/controllers/UsersController.php

@@ -2,6 +2,7 @@
 
 namespace app\controllers;
 
+use app\models\forms\SignupForm;
 use app\rest\ActiveController;
 use app\models\User;
 
@@ -18,4 +19,13 @@ class UsersController extends ActiveController
      * @var string The model class associated with this controller.
      */
     public $modelClass = User::class;
+
+    public function actions(): array
+    {
+        $actions = parent::actions();
+
+        $actions['create']['modelClass'] = SignupForm::class;
+
+        return $actions;
+    }
 }