
Overview

The DashboardController manages the main dashboard interface that users see after successful authentication. It serves as the central hub for authenticated users to access various features of the Apartado de Salas system. Location: app/controllers/DashboardController.php

Methods

index()

Displays the main dashboard view. Requires user authentication.
Returns: void (renders the dashboard view)
Route Mapping:
GET /dashboard -> DashboardController::index()
Method Signature:
public function index(): void
Implementation:
Auth::requireLogin();

require_once dirname(__DIR__) . '/views/dashboard/index.php';
This method requires an active user session. Unauthenticated users will be redirected to the login page by the Auth::requireLogin() helper.

Access Control

Authentication Requirement

All dashboard routes require authentication:
Auth::requireLogin();
Behavior:
  • If authenticated: Dashboard view is rendered
  • If not authenticated: User is redirected to /login

Route Details

GET /dashboard

Controller: DashboardController
Method: index()
Authentication: Required
Authorization: Any authenticated user
Flow:
  1. User navigates to /dashboard
  2. Auth::requireLogin() verifies active session
  3. If valid session exists, dashboard view is loaded
  4. If no valid session, redirect to /login

Dashboard Features

From the dashboard, users can typically:
  • View their own reservations
  • Create new reservations
  • Check reservation status
  • Access room availability

Dependencies

require_once dirname(__DIR__) . '/Helpers/Session.php';
require_once dirname(__DIR__) . '/Helpers/Auth.php';
Required Classes:
  • Session - Helper for session management
  • Auth - Helper for authentication verification

Usage Flow

Typical User Journey

Code Example: Redirect After Login

// From AuthController::login()
if ($authResult) {
    Session::create($authResult);
    
    // Redirect to dashboard after successful login
    header('Location: ' . BASE_URL . '/dashboard');
    exit;
}

Code Example: Protected Dashboard Access

// From DashboardController::index()
public function index(): void
{
    // Verify user is logged in
    Auth::requireLogin();
    
    // If execution reaches here, user is authenticated
    // Load the dashboard view
    require_once dirname(__DIR__) . '/views/dashboard/index.php';
}

Session Data Available

When the dashboard loads, the following session data is typically available:
$_SESSION['user'] = [
    'id' => 1,
    'username' => 'john_doe',
    'role' => 'admin',  // or 'user'
    'email' => '[email protected]',
    // ... other user fields
];
Accessing Session Data in Views:
// Get current user's name
$username = $_SESSION['user']['username'] ?? 'Guest';

// Check if user is admin
$isAdmin = ($_SESSION['user']['role'] ?? '') === 'admin';

// Get user ID for queries
$userId = $_SESSION['user']['id'] ?? null;

Integration Points

The dashboard serves as the central navigation hub, linking to:

Reservation Management

// Create new reservation
GET /reservations/create -> ReservationController::create()

// View user's reservations
GET /reservations/mine -> ReservationController::mine()

Admin Functions (if user has admin role)

// View all reservations
GET /reservations -> ReservationController::index()

// View specific reservation details
GET /reservations/show?id={id} -> ReservationController::show()

Authentication

// Logout
GET /logout -> AuthController::logout()

Security Considerations

The dashboard controller implements minimal business logic by design. All authentication and authorization checks are delegated to the Auth helper class, following the single responsibility principle.
Security Features:
  1. Session Verification
    • Every request checks for active session via Auth::requireLogin()
    • Invalid or expired sessions redirect to login
  2. Role-Based Access
    • Dashboard adapts content based on user role
    • Admin-only features are hidden from regular users
  3. No Direct Database Access
    • Dashboard controller doesn’t query database directly
    • All data fetching delegated to appropriate models/controllers
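
Both session verification and role-based access hold only if the guard ends the request after redirecting and if admin routes check the role on the server, because hiding a link in the view does not stop a direct request to /reservations. The sketch below is an added example, not the project's Auth helper: ExampleAuth, decide() and requireRole() are hypothetical names, and only the $_SESSION['user'] shape and the /login redirect are taken from this page.

```php
<?php
// Added example, not the project's Auth helper. ExampleAuth, decide() and
// requireRole() are hypothetical; session shape and /login come from the page.
final class ExampleAuth
{
    // Pure decision: 'allow', 'login' (no valid session) or 'forbidden'.
    public static function decide(array $session, ?string $role = null): string
    {
        $user = $session['user'] ?? null;
        if (!is_array($user) || !isset($user['id'])) {
            return 'login';
        }
        if ($role !== null && ($user['role'] ?? '') !== $role) {
            return 'forbidden';
        }
        return 'allow';
    }

    public static function requireLogin(string $baseUrl = ''): void
    {
        self::enforce(self::decide($_SESSION ?? []), $baseUrl);
    }

    public static function requireRole(string $role, string $baseUrl = ''): void
    {
        self::enforce(self::decide($_SESSION ?? [], $role), $baseUrl);
    }

    private static function enforce(string $decision, string $baseUrl): void
    {
        if ($decision === 'login') {
            header('Location: ' . $baseUrl . '/login');
            exit; // without exit the controller continues and renders the view
        }
        if ($decision === 'forbidden') {
            http_response_code(403);
            exit('Forbidden');
        }
    }
}
// Constructed sample sessions, evaluated against both kinds of route.
$cases = [
    'anonymous' => [],
    'user'      => ['user' => ['id' => 2, 'username' => 'jane', 'role' => 'user']],
    'admin'     => ['user' => ['id' => 1, 'username' => 'john_doe', 'role' => 'admin']],
];
foreach ($cases as $name => $s) {
    printf("%-9s dashboard=%s admin-route=%s\n", $name, ExampleAuth::decide($s), ExampleAuth::decide($s, 'admin'));
}
```

An admin-only controller method would call the role guard as its first statement, the same way index() calls Auth::requireLogin().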

Example Dashboard View Structure

<!-- views/dashboard/index.php -->
<?php
$user = $_SESSION['user'] ?? null;
$isAdmin = ($user['role'] ?? '') === 'admin';
?>

<div class="dashboard">
    <h1>Bienvenido, <?= htmlspecialchars($user['username'] ?? '') ?></h1>
    
    <nav>
        <a href="<?= BASE_URL ?>/reservations/create">Nueva Reservación</a>
        <a href="<?= BASE_URL ?>/reservations/mine">Mis Reservaciones</a>
        
        <?php if ($isAdmin): ?>
            <a href="<?= BASE_URL ?>/reservations">Todas las Reservaciones</a>
        <?php endif; ?>
        
        <a href="<?= BASE_URL ?>/logout">Cerrar Sesión</a>
    </nav>
    
    <!-- Dashboard content -->
</div>
