Merge pull request #4 from Expringsoft/prerelease

chore: release 1.0.0

.gitignore

@@ -8,4 +8,11 @@ App/Logs/Warnings/*.log
 App/Logs/Errors/*.log
 
 # Ignore .json test results files in App/Tests/Results
-App/Tests/Results/*.json
+App/Tests/Results/*.json
+
+# Ignore .cache files in App/Cache
+App/Cache/*.cache
+
+# Ignore files stored in Files/ except for .htaccess.
+Files/*
+!Files/.htaccess

.htaccess

@@ -1,39 +1,36 @@
 <IfModule mod_deflate.c>
-AddOutputFilterByType DEFLATE application/javascript
-AddOutputFilterByType DEFLATE application/x-javascript
-AddOutputFilterByType DEFLATE application/json
-AddOutputFilterByType DEFLATE application/x-json
-AddOutputFilterByType DEFLATE application/rss+xml
-AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
-AddOutputFilterByType DEFLATE application/x-font
-AddOutputFilterByType DEFLATE application/x-font-opentype
-AddOutputFilterByType DEFLATE application/x-font-otf
-AddOutputFilterByType DEFLATE application/x-font-truetype
-AddOutputFilterByType DEFLATE application/x-font-ttf
-AddOutputFilterByType DEFLATE application/x-javascript
-AddOutputFilterByType DEFLATE application/xhtml+xml
-AddOutputFilterByType DEFLATE application/xml
-AddOutputFilterByType DEFLATE font/opentype
-AddOutputFilterByType DEFLATE font/otf
-AddOutputFilterByType DEFLATE font/ttf
-AddOutputFilterByType DEFLATE image/svg+xml
-AddOutputFilterByType DEFLATE image/x-icon
-AddOutputFilterByType DEFLATE text/css
-AddOutputFilterByType DEFLATE text/html
-AddOutputFilterByType DEFLATE text/javascript
-AddOutputFilterByType DEFLATE text/plain
-AddOutputFilterByType DEFLATE text/xml
+    AddOutputFilterByType DEFLATE application/javascript
+    AddOutputFilterByType DEFLATE application/x-javascript
+    AddOutputFilterByType DEFLATE application/json
+    AddOutputFilterByType DEFLATE application/x-json
+    AddOutputFilterByType DEFLATE application/rss+xml
+    AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
+    AddOutputFilterByType DEFLATE application/x-font
+    AddOutputFilterByType DEFLATE application/x-font-opentype
+    AddOutputFilterByType DEFLATE application/x-font-otf
+    AddOutputFilterByType DEFLATE application/x-font-truetype
+    AddOutputFilterByType DEFLATE application/x-font-ttf
+    AddOutputFilterByType DEFLATE application/x-javascript
+    AddOutputFilterByType DEFLATE application/xhtml+xml
+    AddOutputFilterByType DEFLATE application/xml
+    AddOutputFilterByType DEFLATE font/opentype
+    AddOutputFilterByType DEFLATE font/otf
+    AddOutputFilterByType DEFLATE font/ttf
+    AddOutputFilterByType DEFLATE image/svg+xml
+    AddOutputFilterByType DEFLATE image/x-icon
+    AddOutputFilterByType DEFLATE text/css
+    AddOutputFilterByType DEFLATE text/html
+    AddOutputFilterByType DEFLATE text/javascript
+    AddOutputFilterByType DEFLATE text/plain
+    AddOutputFilterByType DEFLATE text/xml
 </IfModule>
 
 Options -Indexes
 RewriteEngine On
 
 <IfModule mod_rewrite.c>
-    RewriteCond %{REQUEST_FILENAME} -s [OR]
-    RewriteCond %{REQUEST_FILENAME} -l [OR]
-    RewriteCond %{REQUEST_FILENAME} -d
-    RewriteRule ^(?!(Resources\/)).*$ - [NC,L]
-    RewriteRule ^(?!(Resources\/)).*$ index.php [NC,L]
+    RewriteCond %{REQUEST_URI} !^/Resources/
+    RewriteRule ^.*$ index.php [NC,L]
 
     RewriteCond %{QUERY_STRING} !version=latest
     RewriteRule \.(css|js|json|jpg|jpeg|webp|png|gif|svg|bmp|tiff|jfif|ico|sfw|woff|ttf|otf)$ - [E=SET_CACHE_HEADER:1]
@@ -43,6 +40,26 @@ RewriteEngine On
 </IfModule>
 
 <IfModule mod_headers.c>
+    Header set X-Frame-Options "DENY"
     Header set Cache-Control "max-age=86000, public" env=SET_CACHE_HEADER
     Header set Cache-Control "no-cache" env=NO_CACHE_HEADER
+</IfModule>
+
+<IfModule security2_module>
+    SecRuleEngine On
+    SecRequestBodyAccess On
+    SecResponseBodyAccess On
+    SecRequestBodyLimit 104857600
+    SecRequestBodyNoFilesLimit 1048576
+    SecRequestBodyInMemoryLimit 1048576
+    SecResponseBodyLimit 524288
+    SecResponseBodyLimitAction ProcessPartial
+    IncludeOptional /etc/modsecurity/*.conf
+
+    # OWASP CRS
+    Include /usr/share/modsecurity-crs/*.conf
+    Include /usr/share/modsecurity-crs/rules/*.conf
+
+    # Custom rules
+    SecRule REQUEST_HEADERS:Content-Length "@gt 104857600" "phase:1,deny,status:413,msg:'Payload too large'"
 </IfModule>

App/Controllers/Index/Home.php

@@ -22,4 +22,10 @@ public static function getModuleChannel(): Channels
 	{
 		return self::getParentModule()::getChannel();
 	}
+
+	public function favicon()
+	{
+		$this->setHeader('Content-Type', 'image/x-icon');
+		echo file_get_contents('Resources/Images/favicon.ico');
+	}
 }

App/Core/Application/App.php

@@ -9,8 +9,10 @@
 use App\Core\Server\Logger;
 use App\Core\Server\Router;
 use App\Core\Server\Session;
-use App\Modules\Index\APIs_Module;
-use App\Modules\Index\Index_Module;
+use DirectoryIterator;
+use ReflectionClass;
+use ReflectionException;
+use Exception;
 
 /**
  * The main application class responsible for initializing the application and handling exceptions.
@@ -48,12 +50,77 @@ private function init()
 	}
 
 	/**
-	 * Loads the modules by registering their routes.
+	 * Loads modules from the App/Modules directory.
 	 */
 	private function loadModules()
 	{
-		Index_Module::registerRoutes();
-		APIs_Module::registerRoutes();
+		$this->loadModulesFromDirectory('App/Modules');
+	}
+
+	/**
+	 * Recursively loads modules from a directory and registers their routes.
+	 *
+	 * @param string $directory The directory to load modules from.
+	 */
+	private function loadModulesFromDirectory($directory)
+	{
+		$iterator = new DirectoryIterator($directory);
+		foreach ($iterator as $fileinfo) {
+			if ($fileinfo->isDot()) {
+				continue;
+			}
+			if ($fileinfo->isDir()) {
+				$this->loadModulesFromDirectory($fileinfo->getPathname());
+			} elseif ($fileinfo->isFile() && $fileinfo->getExtension() === 'php') {
+				$this->registerModuleRoutes($fileinfo->getPathname());
+			}
+		}
+	}
+
+	/**
+	 * Registers the routes for a module.
+	 *
+	 * @param string $filePath The file path of the module.
+	 */
+	private function registerModuleRoutes($filePath)
+	{
+		$className = $this->getClassNameFromFilePath($filePath);
+		if (class_exists($className)) {
+			try {
+				$reflectionClass = new ReflectionClass($className);
+				if ($reflectionClass->hasMethod('registerRoutes')) {
+					$reflectionClass->getMethod('registerRoutes')->invoke(null);
+				} else {
+					Logger::LogError(self::class, "Method 'registerRoutes' not found in Module $className");
+				}
+			} catch (ReflectionException $e) {
+				Logger::LogError(self::class, "Reflection error: " . $e->getMessage());
+			} catch (Exception $e) {
+				Logger::LogError(self::class, "Error invoking 'registerRoutes' in Module $className: " . $e->getMessage());
+			}
+		} else {
+			Logger::LogError(self::class, "Module $className not found");
+		}
+	}
+
+	/**
+	 * Converts a file path to a fully qualified class name.
+	 *
+	 * @param string $filePath The file path.
+	 * @return string The fully qualified class name.
+	 */
+	private function getClassNameFromFilePath($filePath)
+	{
+		// Get the relative path of the file
+		$relativePath = str_replace([realpath(__DIR__ . '/../../Modules') . DIRECTORY_SEPARATOR, '.php'], '', realpath($filePath));
+
+		// Replace directory separators with namespace separators
+		$relativePath = str_replace(DIRECTORY_SEPARATOR, '\\', $relativePath);
+
+		// Build the fully qualified class name
+		$className = 'App\\Modules\\' . $relativePath;
+
+		return $className;
 	}
 
 	/**

App/Core/Application/Configuration.php

@@ -34,7 +34,7 @@ class Configuration
     /**
      * The name of environment variable which stores encryption key for the application.
      */
-    public const ENV_CRYPTOGRAPHY_KEY_NAME = "GUSI-FRAMEWORK-ENCRYPTION-KEY";
+    public const ENV_CRYPTOGRAPHY_KEY_NAME = "GUSI_FRAMEWORK_ENCRYPTION_KEY";
 
     /**
      * Enable or disable debug mode.
@@ -72,7 +72,7 @@ class Configuration
     public const AUTOLOG_EXCEPTIONS = true;
 
     /**
-     * Automatically log exceptions.
+     * Automatically log errors.
      */
     public const AUTOLOG_ERRORS = true;
 
@@ -85,4 +85,93 @@ class Configuration
      * Log language errors.
      */
     public const LOG_LANGUAGE_ERRORS = true;
+
+
+
+    #region Storage configuration
+
+    /**
+     * The maximum disk space that the application can use in gigabytes.
+     */
+    public const APP_STORAGE_USAGE_CAP_GB = 20;
+
+    /**
+     * The minimum disk space that must be available in gigabytes.
+     */
+    public const MINIMUM_DISK_SPACE_GB = 1;
+
+    /**
+     * The maximum upload size in megabytes.
+     * This value should be less than or equal to the value set in the php.ini file.
+     */
+    public const MAX_UPLOAD_SIZE_MB = 100;
+
+    /**
+     * The root folder for all stored files.
+     */
+    public const APP_STORAGE_FOLDER = "Files/";
+
+    #endregion
+
+    #region Cache configuration
+
+    /**
+     * The cache directory.
+     */
+    const CACHE_FOLDER = "App/Cache/";
+
+    /**
+     * The cache file extension.
+     */
+    const CACHE_FILE_EXTENSION = ".cache";
+
+    /**
+     * The maximum cache size in megabytes.
+     */
+    const MAX_CACHE_SIZE_MB = 25;
+
+    #endregion
+
+    #region Database configuration
+
+    /**
+     * The database host.
+     */
+    public const DB_HOST = "localhost";
+
+    /**
+     * The database port.
+     */
+    public const DB_PORT = 3306;
+
+    /**
+     * The database name.
+     */
+    public const DB_NAME = "gusi-framework";
+
+    /**
+     * The database charset.
+     */
+    public const DB_CHARSET = "utf8mb4";
+
+    /**
+     * The database user environment variable.
+     */
+    public const DB_USER_ENV_VAR = "GUSI_FRAMEWORK_DB_USER";
+
+    /**
+     * The database password environment variable.
+     */
+    public const DB_PASSWORD_ENV_VAR = "GUSI_FRAMEWORK_DB_PASSWORD";
+
+    #endregion
+
+    #region Resource configuration
+
+    /**
+     * The path to the resources folder.
+     */
+    public const RESOURCES_PATH = "Resources/";
+
+    #endregion
 }

App/Core/Framework/Abstracts/Controller.php

@@ -11,6 +11,7 @@
 use App\Core\Server\Logger;
 use InvalidArgumentException;
 use PDOException;
+
 abstract class Controller extends Channel implements Controllable
 {
 	private $View;

App/Core/Framework/Security/Cryptography.php

@@ -12,7 +12,6 @@ final class Cryptography
 {
 
 	protected $isAvailable = false;
-	protected const PARTIAL_KEY = "dW5kZWZpbmVk";
 	protected const CIPHER_METHOD = 'aes-256-gcm';
 	protected const TAG_LENGTH = 16;
 
@@ -80,21 +79,18 @@ public function decrypt($data)
 	 * Generates or retrieves the encryption key.
 	 *
 	 * @return string The encryption key.
-	 * @throws CryptographyException If the OpenSSL extension is not available.
+	 * @throws CryptographyException If the OpenSSL extension is not available or the encryption key is not defined.
 	 */
 	protected function getEncryptionKey()
 	{
 		$this->validateAvailability();
 
-		// Check if an encryption key is defined as an environment variable
 		$envKey = getenv(Configuration::ENV_CRYPTOGRAPHY_KEY_NAME);
 		if ($envKey !== false) {
 			return $envKey;
+		} else {
+			throw new CryptographyException('Encryption key not defined.');
 		}
-
-		// If no environment variable is defined, generate the key
-		$fingerprint = [php_uname(), hash('sha256', filectime('/')), phpversion(), base64_decode(self::PARTIAL_KEY)];
-		return hash('sha256', implode('@', $fingerprint));
 	}
 
 	/**

App/Core/Server/Actions.php

@@ -107,17 +107,17 @@ public static function getRootURL()
 
 	public static function printScript($NombreArchivo)
 	{
-		return Configuration::APP_ROOT_PATH . self::getRootURL() . 'Resources/Scripts/' . $NombreArchivo . SharedConsts::STR_VERSION_PARAM . Configuration::APP_VERSION;
+		return Configuration::APP_ROOT_PATH . self::getRootURL() . Configuration::RESOURCES_PATH . 'Scripts/' . $NombreArchivo . SharedConsts::STR_VERSION_PARAM . Configuration::APP_VERSION;
 	}
 
 	public static function printCSS($NombreArchivo)
 	{
-		return Configuration::APP_ROOT_PATH . self::getRootURL() . 'Resources/Styles/' . $NombreArchivo . SharedConsts::STR_VERSION_PARAM . Configuration::APP_VERSION;
+		return Configuration::APP_ROOT_PATH . self::getRootURL() . Configuration::RESOURCES_PATH . 'Styles/' . $NombreArchivo . SharedConsts::STR_VERSION_PARAM . Configuration::APP_VERSION;
 	}
 
 	public static function printResource($Route, $printVersion = false)
 	{
-		return Configuration::APP_ROOT_PATH . self::getRootURL() . 'Resources/' . $Route . ($printVersion ? SharedConsts::STR_VERSION_PARAM . Configuration::APP_VERSION : "");
+		return Configuration::APP_ROOT_PATH . self::getRootURL() . Configuration::RESOURCES_PATH . $Route . ($printVersion ? SharedConsts::STR_VERSION_PARAM . Configuration::APP_VERSION : "");
 	}
 
 	public static function printFile($Route, $printVersion = false)