5 місяців тому · cb5ebd5061
--- a/README.md
+++ b/README.md
@@ -1,12 +1,12 @@
 
				 # setup
			
 
				 
			
 
				-1. run ```./setup```
			
 
				+1. run ```./bin/setup```
			
 
				 
			
 
				-2. run ```compose install```
			
 
				+2. run ```composer install```
			
 
				 
			
 
				 3. run ```php -S localhost:8000 -t public```
			
 
				 
			
 
				-4. on another terminal run ```curl -X POST http://localhost:8000/register -H "Content-Type: application/json" -d '{"username":"du","password":"du123456"}'```
			
 
				+4. on another terminal run ```curl -X POST http://localhost:8000/register -H "Content-Type: application/json" -d '{"username":"du","email":"teste@email.com", "password":"du123456", "company_id":1, "role_id":1}'```
			
 
				 
			
 
				 5. on the other terminal run ```./bin/testgetjwt```
			
 
				 
			
--- a/bin/setup
+++ b/bin/setup
@@ -3,42 +3,15 @@
 
				 # Nome do arquivo do banco de dados
			
 
				 DB_FILE="test.db"
			
 
				 
			
 
				+cat migrations/migrations_v1.sql | sqlite3 "$DB_FILE"
			
 
				+
			
 
				 # Executa comandos SQL no SQLite
			
 
				 sqlite3 "$DB_FILE" <<EOF
			
 
				--- Cria tabela 'user' se não existir, com coluna 'user_password'
			
 
				-CREATE TABLE IF NOT EXISTS user (
			
 
				-    user_id INTEGER PRIMARY KEY AUTOINCREMENT,
			
 
				-    user_name TEXT NOT NULL,
			
 
				-    user_flag TEXT NOT NULL,
			
 
				-    user_password TEXT NOT NULL  -- Nova coluna para senha hasheada
			
 
				-);
			
 
				-
			
 
				--- Cria tabela 'api_key' se não existir
			
 
				-CREATE TABLE IF NOT EXISTS api_key (
			
 
				-    api_key_id INTEGER PRIMARY KEY AUTOINCREMENT,
			
 
				-    user_id INTEGER NOT NULL,
			
 
				-    api_key_user TEXT NOT NULL,
			
 
				-    api_key_secret TEXT NOT NULL,
			
 
				-    FOREIGN KEY (user_id) REFERENCES user(user_id)
			
 
				-);
			
 
				-
			
 
				--- Insere usuário de exemplo ('admin') com senha hasheada se não existir
			
 
				--- Hash de 'pass' (gere com user_password_hash em PHP e substitua)
			
 
				-INSERT OR IGNORE INTO user (user_name, user_flag, user_password) VALUES ('admin', 'a', '\$2y\$10\$K.0XhB3kXjZfZfZfZfZfZfZfZfZfZfZfZfZfZfZfZfZfZfZfZfZ');
			
 
				 
			
 
				--- Insere chave API para o usuário 'admin' se não existir
			
 
				-INSERT OR IGNORE INTO api_key (user_id, api_key_user, api_key_secret)
			
 
				-SELECT user_id, 'myapikey', 'myapisecret' FROM user WHERE user_name = 'admin';
			
 
				+INSERT OR IGNORE INTO company (company_name, company_flag) VALUES ('Ferlin', 'a');
			
 
				 
			
 
				--- Opcional: Insere mais um usuário de teste com senha hasheada
			
 
				--- Hash de 'testpass' (substitua pelo real)
			
 
				-INSERT OR IGNORE INTO user (user_name, user_flag, user_password) VALUES ('testuser', 'a', '\$2y\$10\$AnotherHashHereForTestPass');
			
 
				-INSERT OR IGNORE INTO api_key (user_id, api_key_user, api_key_secret)
			
 
				-SELECT user_id, 'testapikey', 'testapisecret' FROM user WHERE user_name = 'testuser';
			
 
				+INSERT OR IGNORE INTO role (role_name, role_permission, role_flag, company_id) VALUES ('admin', 'all', 'a', 1);
			
 
				 
			
 
				--- Exibe os dados inseridos para verificação (sem mostrar hash real por segurança)
			
 
				-SELECT user_id, user_name, user_flag FROM user;
			
 
				-SELECT * FROM api_key;
			
 
				 EOF
			
 
				 
			
 
				 echo "Banco de dados '$DB_FILE' criado e populado com sucesso! Senhas estão hasheadas."
			
--- a/bin/testhmac
+++ b/bin/testhmac
@@ -2,9 +2,9 @@
 
				 
			
 
				 # Configurações da API e dados do usuário (do test.db)
			
 
				 API_URL="http://localhost:8000/hmachelloworld"  # Ajuste a porta se necessário (ex: 8080)
			
 
				-API_USER="admin"
			
 
				-API_KEY="myapikey"
			
 
				-API_SECRET="myapisecret"
			
 
				+API_USER="du"
			
 
				+API_KEY="1d747c12b371babd86d560a57937d3e7"
			
 
				+API_SECRET="684d02af140a99edd4ce0bdeb568f4efb256d38f92112b7c4dee3089ec74c3f1"
			
 
				 
			
 
				 # Gera nonce (timestamp atual em segundos)
			
 
				 NONCE=$(date +%s)
			
--- a/controllers/RegisterController.php
+++ b/controllers/RegisterController.php
@@ -11,8 +11,12 @@ class RegisterController
 
				     public function __invoke(ServerRequestInterface $request)
			
 
				     {
			
 
				         $body = json_decode((string) $request->getBody(), true);
			
 
				-        $username = $body['username'] ?? '';
			
 
				-        $password = $body['password'] ?? '';
			
 
				+        $username = $body['username'];
			
 
				+        $password = $body['password'];
			
 
				+        $email = $body['email'];
			
 
				+        $company_id = (int) $body['company_id'];
			
 
				+        $role_id = (int) $body['role_id'];
			
 
				+
			
 
				 
			
 
				         if (empty($username) || empty($password)) {
			
 
				             return ResponseLib::sendFail("Missing username or password", [], "E_VALIDATE")->withStatus(400);
			
@@ -24,7 +28,7 @@ class RegisterController
 
				         }
			
 
				 
			
 
				         $userModel = new UserModel();
			
 
				-        $userData = $userModel->createUser($username, $password);
			
 
				+        $userData = $userModel->createUser($username, $email, $password, $company_id, $role_id);
			
 
				 
			
 
				         if (!$userData) {
			
 
				             return ResponseLib::sendFail("Username already exists or creation failed", [], "E_VALIDATE")->withStatus(400);
			
--- a/migrations/migrations_v1.sql
+++ b/migrations/migrations_v1.sql
@@ -1,16 +1,115 @@
 
				-PRAGMA foreign_keys=ON;
			
 
				-
			
 
				-CREATE TABLE user (
			
 
				-    user_id INTEGER PRIMARY KEY AUTOINCREMENT,
			
 
				-    user_name TEXT NOT NULL,
			
 
				-    user_flag TEXT NOT NULL,
			
 
				-    user_password TEXT NOT NULL  -- Nova coluna para senha hasheada
			
 
				-);
			
 
				-
			
 
				-CREATE TABLE api_key (
			
 
				-    api_key_id INTEGER PRIMARY KEY AUTOINCREMENT,
			
 
				-    user_id INTEGER NOT NULL,
			
 
				-    api_key_user TEXT NOT NULL,
			
 
				-    api_key_secret TEXT NOT NULL,
			
 
				-    FOREIGN KEY (user_id) REFERENCES user(user_id)
			
 
				+CREATE TABLE "company" (

			
 
				+    "company_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "company_name" TEXT NOT NULL,

			
 
				+    "company_flag" TEXT NOT NULL

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "role" (

			
 
				+    "role_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "company_id" INTEGER NOT NULL,

			
 
				+    "role_name" TEXT NOT NULL,

			
 
				+    "role_permission" TEXT NOT NULL,

			
 
				+    "role_flag" TEXT NOT NULL,

			
 
				+    FOREIGN KEY ("company_id") REFERENCES "company" ("company_id")

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "status" (

			
 
				+    "status_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "status_status" TEXT NOT NULL

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "user" (

			
 
				+    "user_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "user_name" TEXT NOT NULL,

			
 
				+    "user_email" TEXT NOT NULL UNIQUE,

			
 
				+    "user_password" TEXT NOT NULL,

			
 
				+    "company_id" INTEGER NOT NULL,

			
 
				+    "role_id" INTEGER NOT NULL,

			
 
				+    "user_flag" TEXT NOT NULL,

			
 
				+    FOREIGN KEY ("company_id") REFERENCES "company" ("company_id"),

			
 
				+    FOREIGN KEY ("role_id") REFERENCES "role" ("role_id")

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "table" (

			
 
				+    "table_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "company_id" INTEGER NOT NULL,

			
 
				+    "table_number" TEXT NOT NULL,

			
 
				+    "status_id" INTEGER NOT NULL,

			
 
				+    "table_flag" TEXT NOT NULL,

			
 
				+    FOREIGN KEY ("status_id") REFERENCES "status" ("status_id"),

			
 
				+    FOREIGN KEY ("company_id") REFERENCES "company" ("company_id")

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "category" (

			
 
				+    "category_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "company_id" INTEGER NOT NULL,

			
 
				+    "category_name" TEXT NOT NULL,

			
 
				+    "category_is_kitchen" BOOLEAN NOT NULL,

			
 
				+    "category_flag" TEXT NOT NULL,

			
 
				+    FOREIGN KEY ("company_id") REFERENCES "company" ("company_id")

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "product" (

			
 
				+    "product_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "company_id" INTEGER NOT NULL,

			
 
				+    "category_id" INTEGER NOT NULL,

			
 
				+    "product_name" TEXT NOT NULL,

			
 
				+    "product_price" TEXT NOT NULL,

			
 
				+    "product_flag" TEXT NOT NULL,    

			
 
				+    FOREIGN KEY ("category_id") REFERENCES "category" ("category_id"),

			
 
				+    FOREIGN KEY ("company_id") REFERENCES "company" ("company_id")

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "order" (

			
 
				+    "order_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "table_id" INTEGER NOT NULL,

			
 
				+    "user_id" INTEGER NOT NULL,

			
 
				+    "company_id" INTEGER NOT NULL,

			
 
				+    "order_name" TEXT NOT NULL,

			
 
				+    "order_phone" TEXT NOT NULL,

			
 
				+    "status_id" INTEGER NOT NULL,

			
 
				+    "order_created_at" TEXT NOT NULL,

			
 
				+    "order_flag" TEXT NOT NULL,

			
 
				+    FOREIGN KEY ("table_id") REFERENCES "table" ("table_id"),

			
 
				+    FOREIGN KEY ("user_id") REFERENCES "user" ("user_id"),

			
 
				+    FOREIGN KEY ("company_id") REFERENCES "company" ("company_id"),

			
 
				+    FOREIGN KEY ("status_id") REFERENCES "status" ("status_id")

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "order_item" (

			
 
				+    "order_item_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "order_id" INTEGER NOT NULL,

			
 
				+    "product_id" INTEGER NOT NULL,

			
 
				+    FOREIGN KEY ("order_id") REFERENCES "order" ("order_id"),

			
 
				+    FOREIGN KEY ("product_id") REFERENCES "product" ("product_id")

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "sale" (

			
 
				+    "sale_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "company_id" INTEGER NOT NULL,

			
 
				+    "order_id" INTEGER NOT NULL,

			
 
				+    "product_id" INTEGER NOT NULL,

			
 
				+    "sale_total" TEXT NOT NULL,

			
 
				+    "sale_created_at" TEXT NOT NULL,

			
 
				+    "sale_flag" TEXT NOT NULL,

			
 
				+    FOREIGN KEY ("order_id") REFERENCES "order" ("order_id"),

			
 
				+    FOREIGN KEY ("product_id") REFERENCES "product" ("product_id"),

			
 
				+    FOREIGN KEY ("company_id") REFERENCES "company" ("company_id")

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE "fee" (

			
 
				+    "fee_id" INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    "company_id" INTEGER NOT NULL,

			
 
				+    "fee_fixed" TEXT NOT NULL,

			
 
				+    "fee_perc" TEXT NOT NULL,

			
 
				+    "fee_flag" TEXT NOT NULL,

			
 
				+    FOREIGN KEY ("company_id") REFERENCES "company" ("company_id")

			
 
				+);

			
 
				+

			
 
				+CREATE TABLE api_key (

			
 
				+    api_key_id INTEGER PRIMARY KEY AUTOINCREMENT,

			
 
				+    user_id INTEGER NOT NULL,

			
 
				+    api_key_user TEXT NOT NULL,

			
 
				+    api_key_secret TEXT NOT NULL,

			
 
				+    FOREIGN KEY (user_id) REFERENCES user(user_id)

			
 
				 );
			
--- a/models/UserModel.php
+++ b/models/UserModel.php
@@ -44,7 +44,7 @@ class UserModel
 
				      * @param string $flag Default 'a' para ativo
			
 
				      * @return array|bool Dados do usuário criado (incluindo api_key) ou false em erro
			
 
				      */
			
 
				-    public function createUser(string $username, string $password, string $flag = 'a')
			
 
				+    public function createUser(string $username, string $email, string $password, int $company_id, int $role_id, string $flag = 'a')
			
 
				     {
			
 
				         // Verifica se username já existe
			
 
				         $stmt = $this->pdo->prepare("SELECT user_id FROM user WHERE user_name = :username");
			
@@ -56,8 +56,8 @@ class UserModel
 
				         $hash = password_hash($password, PASSWORD_DEFAULT);
			
 
				 
			
 
				         // Insere usuário
			
 
				-        $stmt = $this->pdo->prepare("INSERT INTO user (user_name, user_flag, user_password) VALUES (:username, :flag, :hash)");
			
 
				-        if (!$stmt->execute(['username' => $username, 'flag' => $flag, 'hash' => $hash])) {
			
 
				+        $stmt = $this->pdo->prepare("INSERT INTO user (user_name, user_email, user_flag, user_password, company_id, role_id) VALUES (:username, :email, :flag, :hash, :company_id, :role_id)");
			
 
				+        if (!$stmt->execute(['username' => $username, 'email' => $email, 'flag' => $flag, 'hash' => $hash, 'company_id' => $company_id, 'role_id' => $role_id])) {
			
 
				             return false;
			
 
				         }