mince/src/WhitelistRoutes.php
2023-08-16 23:45:46 +00:00


<?php
namespace Mince;
use Index\Routing\IRouter;
use Index\Security\CSRFP;
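/**
 * HTTP handlers for adding and removing a whitelist entry on behalf of the
 * current user.
 *
 * verifyRequest() is registered with $router->use() on the /whitelist prefix
 * and performs the form-content and CSRF token checks before the POST
 * handlers below it.
 */
class WhitelistRoutes {
    /**
     * @param Whitelist $whitelist Backend that performs the add/remove operations.
     * @param CSRFP     $csrfp     Verifier for the `csrfp` form field.
     * @param object    $userInfo  Current user; only `user_id` is read directly here,
     *                             the object itself is handed to the Whitelist calls.
     */
    public function __construct(
        private Whitelist $whitelist,
        private CSRFP $csrfp,
        private object $userInfo
    ) {}

    /**
     * Attaches the request check and the two POST endpoints to the router.
     */
    public function register(IRouter $router): void {
        $router->use('/whitelist', [$this, 'verifyRequest']);
        $router->post('/whitelist/add', [$this, 'postAdd']);
        $router->post('/whitelist/remove', [$this, 'postRemove']);
    }

    /**
     * Rejects requests that are not form submissions or that lack a valid
     * CSRF token.
     *
     * On rejection a redirect is issued and true is returned; on success the
     * method returns nothing.
     * NOTE(review): presumably a truthy return tells the router to stop
     * processing, so the handlers never run — confirm against Index\Routing.
     *
     * @return true|null
     */
    public function verifyRequest($response, $request) {
        if(!$request->isFormContent()) {
            $response->redirect('/?error=request');
            return true;
        }

        $body = $request->getContent();

        // A missing token is treated exactly like a wrong one.
        if(!$body->hasParam('csrfp') || !$this->csrfp->verifyToken((string)$body->getParam('csrfp'))) {
            $response->redirect('/?error=verify');
            return true;
        }
    }

    /**
     * Adds the submitted `name` to the whitelist for the current user.
     *
     * An empty string from Whitelist::add() is treated as success; any other
     * value is passed back to the index page as an error code. The submitted
     * name is echoed back alongside the error, except for the 'invalid' code,
     * where it is cleared.
     *
     * @return true|null
     */
    public function postAdd($response, $request) {
        // Hard-coded denial for a single account; the reason is not visible here.
        // NOTE(review): loose == is kept because the type of user_id is unknown
        // from this file — confirm and tighten to a strict comparison.
        if($this->userInfo->user_id == 45) {
            $response->redirect('/?error=itainthappenin');
            return true;
        }

        $body = $request->getContent();
        $name = (string)$body->getParam('name');
        $resp = $this->whitelist->add($this->userInfo, $name);

        if($resp === '') {
            $response->redirect('/');
            return;
        }

        if($resp === 'invalid')
            $name = '';

        // $name is client-supplied. Percent-encode it so characters such as
        // '&', '#', CR or LF cannot add query parameters or break the Location
        // value. The page that reads `name` back still has to escape it for
        // its own output context.
        $response->redirect(sprintf(
            '/?error=%s&name=%s',
            rawurlencode((string)$resp),
            rawurlencode($name)
        ));
    }

    /**
     * Removes the current user's whitelist entry.
     *
     * An empty string from Whitelist::remove() is treated as success; any
     * other value is passed back to the index page as an error code.
     */
    public function postRemove($response) {
        $resp = $this->whitelist->remove($this->userInfo);

        if($resp === '')
            $response->redirect('/');
        else
            $response->redirect('/?error=' . rawurlencode((string)$resp));
    }
}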