new kernel, ms bearer
This commit is contained in:
@ -4,6 +4,8 @@ namespace kernel\modules\secure\controllers;
|
||||
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
use kernel\AdminController;
|
||||
use kernel\Flash;
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\modules\secure\models\forms\LoginForm;
|
||||
use kernel\modules\user\service\UserService;
|
||||
|
||||
@ -25,7 +27,7 @@ class SecureController extends AdminController
|
||||
$this->cgView->render('login.php');
|
||||
}
|
||||
|
||||
public function actionAuth(): void
|
||||
#[NoReturn] public function actionAuth(): void
|
||||
{
|
||||
$loginForm = new LoginForm();
|
||||
$loginForm->load($_REQUEST);
|
||||
@ -39,21 +41,23 @@ class SecureController extends AdminController
|
||||
|
||||
$user = $this->userService->getByField($field, $loginForm->getItem("username"));
|
||||
if (!$user){
|
||||
throw new \Exception(message: "User not found");
|
||||
Flash::setMessage("error", "User not found.");
|
||||
$this->redirect("/admin/login", code: 302);
|
||||
}
|
||||
|
||||
if (password_verify($loginForm->getItem("password"), $user->password_hash)) {
|
||||
setcookie('user_id', $user->id, time()+60*60*24, '/', $_SERVER['SERVER_NAME'], false);
|
||||
$this->redirect("/admin");
|
||||
$this->redirect("/admin", code: 302);
|
||||
} else {
|
||||
$this->redirect("/admin/login");
|
||||
Flash::setMessage("error", "Username or password incorrect.");
|
||||
$this->redirect("/admin/login", code: 302);
|
||||
}
|
||||
}
|
||||
|
||||
#[NoReturn] public function actionLogout(): void
|
||||
{
|
||||
unset($_COOKIE['user_id']);
|
||||
setcookie('user_id', "", -1, '/', $_SERVER['SERVER_NAME'], false);
|
||||
setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
|
||||
$this->redirect("/", code: 302);
|
||||
}
|
||||
|
||||
|
||||
54
kernel/modules/secure/controllers/SecureRestController.php
Normal file
54
kernel/modules/secure/controllers/SecureRestController.php
Normal file
@ -0,0 +1,54 @@
|
||||
<?php
|
||||
|
||||
namespace kernel\modules\secure\controllers;
|
||||
|
||||
use Firebase\JWT\JWT;
|
||||
use Firebase\JWT\Key;
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
use kernel\App;
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\modules\user\models\User;
|
||||
use kernel\Request;
|
||||
use kernel\RestController;
|
||||
use kernel\services\TokenService;
|
||||
use Random\RandomException;
|
||||
|
||||
class SecureRestController extends RestController
|
||||
{
|
||||
public function __construct()
|
||||
{
|
||||
$this->model = new User();
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws RandomException
|
||||
*/
|
||||
#[NoReturn] public function actionAuth(): void
|
||||
{
|
||||
$request = new Request();
|
||||
$data = $request->post();
|
||||
$model = $this->model->where('username', $data['username'])->first();
|
||||
$res = [];
|
||||
if ($model) {
|
||||
if (password_verify($data["password"], $model->password_hash)) {
|
||||
$model->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
|
||||
$model->access_token = match (App::$secure['token_type']) {
|
||||
"JWT" => TokenService::JWT($_ENV['SECRET_KEY'], 'HS256'),
|
||||
"md5" => TokenService::md5(),
|
||||
"crypt" => TokenService::crypt(),
|
||||
"hash" => TokenService::hash('sha256'),
|
||||
default => TokenService::random_bytes(20),
|
||||
};
|
||||
|
||||
$res = [
|
||||
"access_token" => $model->access_token,
|
||||
"access_token_expires_at" => $model->access_token_expires_at,
|
||||
];
|
||||
}
|
||||
$model->save();
|
||||
}
|
||||
|
||||
$this->renderApi($res);
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user