From 9c2e6690070294bb80bcb656cd70c01f8f4c5616 Mon Sep 17 00:00:00 2001
From: Alexander Jason <alexanderjason526@gmail.com>
Date: Fri, 17 Nov 2023 09:37:01 +0700
Subject: [PATCH] feat: add controller to authorize check collection

---
 app/controllers/PremiumController.php | 46 +++++++++++++++++++++++----
 1 file changed, 40 insertions(+), 6 deletions(-)

diff --git a/app/controllers/PremiumController.php b/app/controllers/PremiumController.php
index a3cda80..95dcbbc 100644
--- a/app/controllers/PremiumController.php
+++ b/app/controllers/PremiumController.php
@@ -10,16 +10,50 @@ class PremiumController extends Controller implements ControllerInterface
     // TODO: PARAMS ROUTING
     public function index()
     {
+        if (!isset($_SESSION['username'])) {
+            http_response_code(301);
+            header("Location: /user/login", true, 301);
+            exit;
+        }
         $premiumView = $this->view('premium', 'PremiumView');
         $premiumView->render();
     }
-    public function detail()
-    {
-        $premiumView = $this->view('premium', 'CollectionDetailView');
-        $premiumView->render();
+    public function detail($params = null){
+        if (!isset($_SESSION['username'])) {
+            http_response_code(301);
+            header("Location: /user/login", true, 301);
+            exit;
+        }
+        try {
+            switch ($_SERVER['REQUEST_METHOD']) {
+                case 'GET':
+                    $collectionId = (int)$params;
+                    // User
+                    if(isset($_SESSION['username'])){
+                        $userData = $this->model('UserModel');
+                        $user = $userData->getUserByUsername($_SESSION['username']);
+                        $username = $user['username'];
+                        $nav = ['username'=>$username];
+                    }else{
+                        $nav = ['username'=>null];
+                    }
+                    $premiumView = $this->view('premium', 'CollectionDetailView', array_merge($nav, ['collectionId'=>$collectionId]));
+                    $premiumView->render();
+                    break;
+                default:
+                    throw new RequestException('Method Not Allowed', 405);
+            }
+        } catch (Exception $e) {
+             http_response_code($e->getCode());
+             exit;
+        }          
     }
-    public function book()
-    {
+    public function book($params=null){
+        if (!isset($_SESSION['username'])) {
+            http_response_code(301);
+            header("Location: /user/login", true, 301);
+            exit;
+        }
         $premiumView = $this->view('premium', 'PremiumBookDetailView');
         $premiumView->render();
     }
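Review bot: `detail()` only checks that a session exists; `$collectionId = (int)$params` is then passed straight to `CollectionDetailView`, so unless the view or a model outside this hunk verifies that the logged-in user may access that collection, any authenticated user can request any collection id. The controller should look up the collection for the session user and answer 403 or 404 before rendering, and should also reject a missing or non-numeric `$params`, which the cast turns into 0. Separately, the three login guards in `index()`, `detail()` and `book()` redirect with 301, which browsers may cache and keep following after the user has logged in; a temporary redirect fits here, e.g. `header('Location: /user/login', true, 302);`, and the preceding `http_response_code(301)` is redundant. In the `catch` block, `http_response_code($e->getCode())` receives 0 for an exception thrown without a code, which leaves the status unchanged, so falling back to 500 when the code is not a valid HTTP status would avoid an empty 200 response.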
-- 
GitLab