auth email api

kernel/modules/secure/controllers/SecureRestController.php

@@ -92,6 +92,36 @@ class SecureRestController extends RestController
                 "from_name" => $_ENV['APP_NAME']
             ]);
         }
+
+        $res = [
+            "code" => $secretCode->code,
+            "code_expires_at" => $secretCode->code_expires_at,
+        ];
+
+        setcookie('user_email', $data['email'], time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
+        $this->renderApi($res);
+    }
+
+    /**
+     * @throws Exception
+     */
+    public function actionCodeCheck(): void
+    {
+        $request = new Request();
+
+        if (isset($_COOKIE['user_email'])) {
+            $user = User::where('email', $_COOKIE["user_email"])->first();
+            if (!$user) {
+                throw new exception("User not found.");
+            }
+            $code = $request->post("code");
+            $secretCode = SecureService::getByField("user_id", $user->id);
+            if ($secretCode->code == $code && time() <= strtotime($secretCode->code_expires_at)) {
+                setcookie('user_id', $user->id, time() + 60 * 60 * 24, '/', $_SERVER['SERVER_NAME'], false);
+            } else {
+                throw new exception("incorrect code");
+            }
+        }
     }
 
 }