# Pastebin P7a0by7g
use Mojolicious::Lite;

websocket "/ws" => sub{
        my $c = shift;

        $c->on(json => sub{
                # example: {
                #       "route":        "admin_get_user",
                #       "headers":      {
                #               "X-API-KEY":    "1234567890123456789012345678901234567890",
                #               "X-AUTH-KEY":   "1234567890123456789012345678901234567890"
                #       },
                #       "stash":        {
                #               "user_id":      42
                #       }
                #}
                
                my $tx  = shift;
                my $msg = shift;

                # PseudoCode
                my $newReq = create_new_request();
                $newReq->add_headers($msg->{headers});
                $newReq->add_stash($msg->{stash});
                my $response = $newReq->run_route($msg->{route}); # ping, client_data, get_object or admin_get_user
                $tx->send($response)
        });     
};

get "/ping" => sub{
        shift()->render(json => "pong");
} => "ping";

under "/api" => sub{
        my $c = shift;
        # Test if the header X-API-KEY is a valid key
        # and add a Client DBIC obj on $c->stash->{client}
};

get "/client_data" => sub{
        my $c = shift;
        $c->render(json => $self->stash->{client}->data)
} => "client_data";

under "/" => {
        my $c = shift;
        # Test if the header X-AUTH-KEY is a valid key
        # and add a User DBIC obj on $c->stash->{user}
};

get "/object/:obj_id" => sub {
        my $c = shift;

        $c->render(json => $c->stash->{user}->find_related($c->stash->{obj_id})->data)
} => "get_obj";

under "/admin" => sub{
        my $c = shift;
        # Test if the user has a admin role
};

get "/user/:user_id" => sub{
        my $c = shift;

        $c->render(json => $c->resultset("User")->find($c->stash->{user_id}))
} => "admin_get_user";

app->start;