Initial commit of the Asset Management System, including project structure, Docker configuration, database migrations, and core application files. Added user authentication, asset management features, and basic UI components.

app/Middleware/AdminMiddleware.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Middleware;
+
+use App\Core\Request;
+use App\Core\Response;
+use App\Core\Session;
+
+class AdminMiddleware
+{
+    public function handle(Request $request, Response $response): void
+    {
+        $session = new Session();
+        
+        // First check if user is logged in
+        if (!$session->isLoggedIn()) {
+            $session->flash('error', 'Bitte melden Sie sich an, um fortzufahren.');
+            $response->redirect('/login')->send();
+        }
+
+        // Check if user has admin role
+        if (!$session->isAdmin()) {
+            $session->flash('error', 'Sie haben keine Berechtigung für diese Aktion.');
+            $response->redirect('/dashboard')->send();
+        }
+    }
+}

app/Middleware/AuthMiddleware.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Middleware;
+
+use App\Core\Request;
+use App\Core\Response;
+use App\Core\Session;
+
+class AuthMiddleware
+{
+    public function handle(Request $request, Response $response): void
+    {
+        $session = new Session();
+        
+        // Check if user is logged in
+        if (!$session->isLoggedIn()) {
+            $session->flash('error', 'Bitte melden Sie sich an, um fortzufahren.');
+            $response->redirect('/login')->send();
+        }
+
+        // Check if session is expired
+        if ($session->isExpired()) {
+            $session->logout();
+            $session->flash('error', 'Ihre Sitzung ist abgelaufen. Bitte melden Sie sich erneut an.');
+            $response->redirect('/login')->send();
+        }
+
+        // Update last activity
+        $session->setLastActivity();
+    }
+}

app/Middleware/CsrfMiddleware.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace App\Middleware;
+
+use App\Core\Request;
+use App\Core\Response;
+use App\Core\Session;
+
+class CsrfMiddleware
+{
+    public function handle(Request $request, Response $response): void
+    {
+        $session = new Session();
+        
+        // Skip CSRF check for GET requests
+        if ($request->getMethod() === 'GET') {
+            return;
+        }
+
+        // Get CSRF token from request
+        $token = $request->post('csrf_token') ?: $request->getHeader('X-CSRF-TOKEN');
+        
+        if (!$token) {
+            $session->flash('error', 'CSRF-Token fehlt.');
+            $response->redirect('/dashboard')->send();
+        }
+
+        // Validate CSRF token
+        if (!$session->validateCsrfToken($token)) {
+            $session->flash('error', 'Ungültiger CSRF-Token.');
+            $response->redirect('/dashboard')->send();
+        }
+    }
+}