Security classes have been implemented at the framework level, classes for RSA, AES, JWT and Security have been implemented, 2 filters have been implemented through middleware to validate Bearer JWT input and JWT Authorization.

Author: Sleon4

.env.example

@@ -0,0 +1,26 @@
+SERVER_URL="---"
+SERVER_URL_AUD="---"
+SERVER_TOKEN_TIME_EXP=0
+
+DB_HOST="---"
+DB_NAME="---"
+DB_USER="---"
+DB_PASSWORD="---"
+DB_CHARSET="---"
+
+MAIL_DEBUG=0
+MAIL_HOST="---"
+MAIL_PORT=0
+MAIL_EMAIL="---"
+MAIL_PASSWORD="---"
+MAIL_USER_NAME="---"
+
+RSA_PATH="---"
+RSA_PRIVATE_KEY_BITS=0
+RSA_DEFAULT_MD="---"
+
+JWT_DEFAULT_MD="---"
+
+AES_METHOD="---"
+AES_KEY="---"
+AES_IV="---"

.gitignore

@@ -1,4 +1,5 @@
 /vendor/
 /public/
 .env
-/app/Server/Secret/
+composer.lock
+/app/Server/

README.md

@@ -26,6 +26,16 @@ composer require lion-framework/lion-route
 composer require lion-framework/lion-mailer
 ```
 
+##### [PHRoute](https://github.com/mrjgreen/phroute)
+```powershell
+composer require phroute/phroute
+```
+
+##### [PHP-JWT](https://github.com/firebase/php-jwt)
+```powershell
+composer require firebase/php-jwt
+```
+
 ##### [Valitron](https://github.com/vlucas/valitron)
 ```powershell
 composer require vlucas/valitron
@@ -36,11 +46,6 @@ composer require vlucas/valitron
 composer require vlucas/phpdotenv
 ```
 
-##### [PHRoute](https://github.com/mrjgreen/phroute)
-```powershell
-composer require phroute/phroute
-```
-
 ##### [PHPMailer](https://github.com/PHPMailer/PHPMailer)
 ```powershell
 composer require phpmailer/phpmailer
@@ -51,7 +56,17 @@ composer require phpmailer/phpmailer
 composer require phpoffice/phpspreadsheet
 ```
 
+##### [PHPWord](https://github.com/PHPOffice/PHPWord)
+```powershell
+composer require phpoffice/phpword
+```
+
 ##### [Dompdf](https://github.com/dompdf/dompdf)
 ```powershell
 composer require dompdf/dompdf
+```
+
+##### [Carbon](https://github.com/briannesbitt/Carbon)
+```powershell
+composer require nesbot/carbon
 ```

app/Http/Controllers/Auth/DocumentTypesController.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Models\Auth\DocumentTypesModel;
+use App\Models\Class\DocumentTypes;
+
+class DocumentTypesController extends Controller {
+
+	private DocumentTypesModel $documentTypesModel;
+
+	public function __construct() {
+		$this->documentTypesModel = new DocumentTypesModel();
+	}
+
+	public function readDocumentTypes(): array {
+		$list = [];
+		foreach ($this->documentTypesModel->readDocumentTypesDB() as $key => $documentType) {
+			$list[$key] = new DocumentTypes(
+				$documentType['iddocument_types'],
+				$documentType['document_types_name']
+			);
+		}
+
+		return $list;
+	}
+
+}

app/Http/Controllers/Auth/LoginController.php

@@ -0,0 +1,41 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Http\Functions\{ Security, AES, JWT, RSA };
+use App\Models\Class\{ Request, Login };
+use App\Models\Auth\LoginModel;
+
+class LoginController extends Controller {
+
+	private LoginModel $loginModel;
+	private Login $login;
+
+	public function __construct() {
+		$this->loginModel = new LoginModel();
+	}
+
+	public function auth(): Request {
+		$aesDec = AES::decode(self::$request, 'AES_KEY', 'AES_IV');
+
+		if (Security::validate((array) $aesDec, Login::getValidate('LoginController', 'auth'))) {
+			$this->login = new Login($aesDec->users_email, $aesDec->users_password);
+			$rsaDecode = RSA::decode((object) $this->loginModel->validateAccount($this->login));
+
+			if (Security::passwordVerify($this->login->getUsersPassword(), $rsaDecode->users_password)) {
+				$idusersDB = $this->loginModel->readUserDataDB($this->login);
+				$idusers = AES::encode((object) $idusersDB, 'AES_KEY', 'AES_IV');
+
+				return new Request('success', 'Autenticación exitosa.', [
+					'jwt' => JWT::encode((array) $idusers, $_ENV['SERVER_TOKEN_TIME_EXP'])
+				]);
+			} else {
+				return new Request('error', "El email/password no son correctos.");
+			}
+		} else {
+			return new Request('error', "Todos los campos deben cumplir sus requerimientos.");
+		}
+	}
+
+}

app/Http/Controllers/Auth/LogoutController.php

@@ -0,0 +1,13 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+
+class LogoutController extends Controller {
+
+	public function __construct() {
+
+	}
+
+}

app/Http/Controllers/Auth/RegisterController.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Http\Functions\{ Security, AES, RSA };
+use App\Models\Auth\RegisterModel;
+use App\Models\Class\{ Request, Users, DocumentTypes };
+
+class RegisterController extends Controller {
+
+	private RegisterModel $registerModel;
+
+	public function __construct() {
+		$this->registerModel = new RegisterModel();
+	}
+
+	public function createUser() {
+		$aesDec = AES::decode(self::$request, 'AES_KEY', 'AES_IV');
+		$aesDec->iddocument_types = (int) $aesDec->iddocument_types;
+
+		if (Security::validate((array) $aesDec, Users::getValidate('RegisterController', 'createUser'))) {
+			$rsaEnc = RSA::encode((object) [
+				'users_password' => Security::passwordHash($aesDec->users_password),
+			]);
+
+			$users = new Users(null, $aesDec->users_email, $rsaEnc->users_password, $aesDec->users_name, $aesDec->users_last_name, $aesDec->users_document, new DocumentTypes($aesDec->iddocument_types), $aesDec->users_phone);
+
+			$columns = ['users_email' => $users->getUsersEmail(), 'users_document' => $users->getUsersDocument(), 'users_phone' => $users->getUsersPhone()];
+			foreach ($columns as $key => $column) {
+				$existence = $this->registerModel->validateUserExistenceDB($key, $column);
+				if ($existence['files'] != 0) {
+					return new Request('error', "Ya existe '{$column}' dentro del sistema.");
+					break;
+				}
+			}
+
+			$request_create = $this->registerModel->createUserDB($users);
+			return new Request($request_create['status'], $request_create['message']);
+		} else {
+			return new Request('error', "Todos los campos deben cumplir sus requerimientos.");
+		}
+	}
+
+}

app/Http/Controllers/Authentication/LoginController.php

@@ -2,11 +2,8 @@
 
 namespace App\Http\Controllers;
 
-use Valitron\Validator;
 use LionMailer\Mailer;
-use PHPMailer\PHPMailer\PHPMailer;
-use PHPMailer\PHPMailer\SMTP;
-use App\Http\Functions\Security;
+use PHPMailer\PHPMailer\{ PHPMailer, SMTP };
 
 class Controller {
 
@@ -33,17 +30,9 @@ public static function init(): void {
 		]);
 	}
 
-	public static function content(bool $option = true): void {
-		if ($option) {
-			self::$request = (object) ($_POST + $_FILES + $_GET + $_SESSION + $_ENV);
-		} else {
-			self::$request = (object) json_decode(file_get_contents("php://input"), true);
-		}
-	}
-
-	public static function validate(Validator $validator, array $rules) {
-		$validator->rules($rules);
-		return $validator->validate();
+	public static function content(): void {
+		$content = json_decode(file_get_contents("php://input"), true);
+		self::$request = $content === null ? (object) ($_POST + $_FILES + $_GET) : (object) $content;
 	}
 
 }

app/Http/Controllers/Controller.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Controllers\Controller;
+use App\Models\Class\Request;
+
+class HomeController extends Controller {
+
+	public function __construct() {
+
+	}
+
+	public function index(): Request {
+		return new Request('warning', 'Page not found. [index]');
+	}
+
+}

app/Http/Controllers/HomeController.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Http\Controllers\Users;
+
+use App\Http\Controllers\Controller;
+use App\Models\Class\Request;
+
+class ProfileController extends Controller {
+
+	public function __construct() {
+
+	}
+
+	public function info() {
+		return new Request('success', 'Authorize', [
+			'info' => self::$request
+		]);
+	}
+
+}

app/Http/Controllers/Users/ProfileController.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Http\Functions;
+
+class AES {
+
+	public function __construct() {
+
+	}
+
+	public static function encode(object $files, string $select_key, string $select_iv): object {
+		$data_list = [];
+
+		foreach ($files as $key => $file) {
+			$data_list[$key] = base64_encode(
+				openssl_encrypt($file, $_ENV['AES_METHOD'], md5($_ENV[$select_key]), OPENSSL_RAW_DATA, $_ENV[$select_iv])
+			);
+		}
+
+		return (object) $data_list;
+	}
+
+	public static function decode(object $files, string $select_key, string $select_iv): object {
+		$data_list = [];
+
+		foreach ($files as $key => $file) {
+			$data_list[$key] = openssl_decrypt(
+				base64_decode($file), $_ENV['AES_METHOD'], md5($_ENV[$select_key]), OPENSSL_RAW_DATA, $_ENV[$select_iv]
+			);
+		}
+
+		return (object) $data_list;
+	}
+
+}

app/Http/Functions/AES.php

@@ -2,21 +2,17 @@
 
 namespace App\Http\Functions;
 
-use PhpOffice\PhpSpreadsheet\Spreadsheet;
+use PhpOffice\PhpSpreadsheet\{ Spreadsheet, IOFactory };
+use PhpOffice\PhpSpreadsheet\Worksheet\{ Worksheet, Drawing };
+use PhpOffice\PhpSpreadsheet\Style\{ Fill, Color };
 use PhpOffice\PhpSpreadsheet\Writer\Xlsx;
-use PhpOffice\PhpSpreadsheet\IOFactory;
 use PhpOffice\PhpSpreadsheet\Reader\Xls;
-use PhpOffice\PhpSpreadsheet\Worksheet\Worksheet;
-use PhpOffice\PhpSpreadsheet\Style\Fill;
-use PhpOffice\PhpSpreadsheet\Style\Color;
-use PhpOffice\PhpSpreadsheet\Worksheet\Drawing;
 use App\Http\Functions\Files;
 
-
 class Excel {
 
-	private static Spreadsheet $spreadsheet;
-	private static Worksheet $worksheet;
+	private static ?Spreadsheet $spreadsheet = null;
+	private static ?Worksheet $worksheet = null;
 	private static array $list_push = [];
 
 	public function __construct() {