Context: I'm developing a turn-based game that requires client-server communication. The client uses RESTful requests via HTTPS and the server uses JSON responses. I'm not using REST because I need to expose the API, but because the REST paradigm was comfortable to get the client/server interaction sorted out. The server is to be written in PHP.
To help me out with routing the REST requests I've been searching for a useful routing library. There are a staggering amount of them available, but I have difficulties finding one that fits my specific needs. My problem is this: a player should only be allowed to follow certain routes if certain conditions are met. Obviously I can check if the conditions are met in the method that is called after a route match, but this seems an error-prone approach because conditions are the same for many routes. It would be much simpler to first do a partial match, then decide some conditions must be met to follow more specific routes under the partial match.
To illustrate, there are 4 levels of 'authentication' in the game:
- Not authenticated
- Authenticated as {id} (we know which player it is)
- Authenticated as {id} and participant in session {sesid}
- Authenticated as {id}, participant in session {sesid}, AND it's the player's turn
Assume for now that authentication happens in the background. Routes you can follow on each level, progressively:
LEVEL 1:
- POST \Players- sign up
LEVEL 2:
- PUT \Players\{id} - change profile
- GET \Players\{id}\Sessions - get list of sessions
- POST \Players\{id}\Sessions - create session
- POST\Players\{id}\Inventory - buy items
- PUT \Players\{id}\Invites\{sesid} - join invitation for session
- DELETE \Players\{id}\Invites\{sesid} - decline invitation for session
LEVEL 3:
- GET \Players\{id}\Sessions\{sesid} - get session state
- DELETE \Players{id}\Sessions\{sesid} - cancel session
LEVEL 4:
- PUT \Players\{id}\Sessions\{sesid}\... - set several session state parameters
So I wish to be check a few parameters up front before matching the next set of routes. I've spent quite some Google and Packagist time finding a suitable routing package (I've looked at the docs for Klein, Zend, PHP-Router, Fat_free, Slim, TORO, Aura, FlightPHP, Phalcon, FuelPHP to name but a few) but almost all libraries require that you define routes up front and find a single match in one go - sometimes allowing you to set an order, and sometimes going from most specific to least specific, but mostly executing only one route.
I would be somewhat helped if I could do a partial route match in a defined order - for example, any route starting with players\{id} first checks authentication, exits when it's not there, whilst continuing to check the next pattern in defined order if authentication is OK.
Any routing library that would allow me to match and execute a route on the spot would also help - provided that it can do partial matches so that I can pick up parameters I require to check the authentication level requirements (id, sesid). Obviously, to keep things slim I'd prefer a library that is not part of a larger framework.
From the documentation pages I've read at Packagist, I have difficulties finding out if you can partially match routes in certain libraries - match parameters, yes, but routes? - and sometimes it's unclear if the first match found is the only match. Any pointers?
Or am I missing a more straightforward solution here?