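view = $view; $this->auth = $auth; }

    /**
     * Write $data to the response body as JSON and set the content type and status.
     *
     * NOTE(review): json_encode() returns false on failure (for example on
     * invalid UTF-8) and that result is passed to write() unchecked, so an
     * encoding failure is not reported to the caller here.
     *
     * @param Response $response Response to write into.
     * @param mixed    $data     Value handed to json_encode().
     * @param int      $status   HTTP status code, 200 by default.
     *
     * @return Response Response carrying the JSON body, header and status.
     */
    protected function json(Response $response, $data, int $status = 200): Response
    {
        $response->getBody()->write(json_encode($data));

        return $response
            ->withHeader('Content-Type', 'application/json')
            ->withStatus($status);
    }

    /**
     * Alias of json(); forwards all arguments unchanged.
     *
     * @param Response $response Response to write into.
     * @param mixed    $data     Value handed to json_encode().
     * @param int      $status   HTTP status code, 200 by default.
     *
     * @return Response Result of json().
     */
    protected function jsonResponse(Response $response, $data, int $status = 200): Response
    {
        return $this->json($response, $data, $status);
    }

    /**
     * Turn the response into a 302 redirect to $url.
     *
     * The URL is placed in the Location header as given; no host or scheme
     * check happens here. Callers that derive $url from request data need to
     * restrict it to application-internal targets before calling this method.
     *
     * @param Response $response Response to modify.
     * @param string   $url      Redirect target, used verbatim.
     *
     * @return Response Response with status 302 and the Location header set.
     */
    protected function withRedirect(Response $response, string $url): Response
    {
        return $response->withStatus(302)->withHeader('Location', $url);
    }

    /**
     * Return the CSRF token for the current session, creating one if needed.
     *
     * Delegates to the auth service when it provides generateCSRFToken().
     * Otherwise a token of 32 random bytes (64 hex characters) is stored in
     * $_SESSION['csrf_token'] and reused on later calls.
     *
     * NOTE(review): the fallback assumes a session has already been started;
     * nothing in this method starts one.
     *
     * @return string The CSRF token.
     */
    protected function generateCSRFToken(): string
    {
        if ($this->auth && method_exists($this->auth, 'generateCSRFToken')) {
            return $this->auth->generateCSRFToken();
        }

        // Fallback for when auth service is not available
        if (!isset($_SESSION['csrf_token'])) {
            $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
        }

        return $_SESSION['csrf_token'];
    }

    /**
     * Check a submitted CSRF token against the one bound to the session.
     *
     * Delegates to the auth service when it provides verifyCSRFToken().
     * Otherwise the token is compared with $_SESSION['csrf_token'].
     *
     * @param string $token Token submitted with the request.
     *
     * @return bool True only when a session token exists and matches $token.
     */
    protected function verifyCSRFToken(string $token): bool
    {
        if ($this->auth && method_exists($this->auth, 'verifyCSRFToken')) {
            return $this->auth->verifyCSRFToken($token);
        }

        // Fallback for when auth service is not available
        $stored = $_SESSION['csrf_token'] ?? null;

        // A missing, non-string or empty session token must never validate.
        if (!is_string($stored) || $stored === '') {
            return false;
        }

        // hash_equals() compares in constant time; `===` stops at the first
        // differing byte, which makes the comparison time depend on the secret.
        return hash_equals($stored, $token);
    }

    /**
     * Build the URL path for a named route.
     *
     * Values taken from $data are concatenated into the path as given, without
     * URL-encoding; only $queryParams are encoded (by http_build_query()).
     * Callers should pass identifiers that are already safe as a path segment.
     *
     * @param string $routeName   Route name such as 'games.show'.
     * @param array  $data        Route placeholders ('game_key' or 'id').
     * @param array  $queryParams Query string parameters, appended after '?'.
     *
     * @return string Path, with query string when $queryParams is not empty.
     */
    protected function getRoutePath(string $routeName, array $data = [], array $queryParams = []): string
    {
        // Simple implementation matching the path_for function in templates
        $basePath = '';

        // Handle common route patterns
        switch ($routeName) {
            case 'home':
                $basePath = '/';
                break;
            case 'games.index':
                $basePath = '/media/games';
                break;
            case 'games.show':
                $basePath = '/media/games/' . ($data['game_key'] ?? '');
                break;
            case 'movies.index':
                $basePath = '/media/movies';
                break;
            case 'tvshows.index':
                $basePath = '/media/tv-shows';
                break;
            case 'music.index':
                $basePath = '/media/music';
                break;
            case 'admin.index':
                $basePath = '/admin';
                break;
            case 'admin.playnite.import':
                $basePath = '/admin/playnite/import';
                break;
            // NOTE(review): same path as 'admin.playnite.import' — confirm this is intended.
            case 'admin.playnite.upload':
                $basePath = '/admin/playnite/import';
                break;
            case 'admin.settings':
                $basePath = '/admin/settings';
                break;
            case 'admin.sources':
                $basePath = '/admin/sources';
                break;
            case 'admin.sync':
                $basePath = '/admin/sync/' . ($data['id'] ?? '');
                break;
            case 'auth.login':
                $basePath = '/login';
                break;
            case 'auth.logout':
                $basePath = '/logout';
                break;
            case 'movies.show':
                $basePath = '/media/movies/' . ($data['id'] ?? '');
                break;
            case 'tvshows.show':
                $basePath = '/media/tv-shows/' . ($data['id'] ?? '');
                break;
            case 'music.show':
                $basePath = '/media/music/' . ($data['id'] ?? '');
                break;
            case 'adult.index':
                $basePath = '/media/adult';
                break;
            case 'adult.show':
                $basePath = '/media/adult/' . ($data['id'] ?? '');
                break;
            case 'actors.index':
                $basePath = '/media/actors';
                break;
            case 'actors.show':
                $basePath = '/media/actors/' . ($data['id'] ?? '');
                break;
            case 'search.index':
                $basePath = '/search';
                break;
            default:
                // Unknown names map to a path by replacing dots with slashes.
                $basePath = '/' . str_replace('.', '/', $routeName);
        }

        // Add query parameters
        if (!empty($queryParams)) {
            $basePath .= '?' . http_build_query($queryParams);
        }

        return $basePath;
    }
}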