new kernel, ms bearer

kernel/modules/secure/controllers/SecureController.php

@@ -4,6 +4,8 @@ namespace kernel\modules\secure\controllers;
 
 use JetBrains\PhpStorm\NoReturn;
 use kernel\AdminController;
+use kernel\Flash;
+use kernel\helpers\Debug;
 use kernel\modules\secure\models\forms\LoginForm;
 use kernel\modules\user\service\UserService;
 
@@ -25,7 +27,7 @@ class SecureController extends AdminController
         $this->cgView->render('login.php');
     }
 
-    public function actionAuth(): void
+    #[NoReturn] public function actionAuth(): void
     {
         $loginForm = new LoginForm();
         $loginForm->load($_REQUEST);
@@ -39,21 +41,23 @@ class SecureController extends AdminController
 
         $user = $this->userService->getByField($field, $loginForm->getItem("username"));
         if (!$user){
-            throw new \Exception(message: "User not found");
+            Flash::setMessage("error", "User not found.");
+            $this->redirect("/admin/login", code: 302);
         }
 
         if (password_verify($loginForm->getItem("password"), $user->password_hash)) {
             setcookie('user_id', $user->id, time()+60*60*24, '/', $_SERVER['SERVER_NAME'], false);
-            $this->redirect("/admin");
+            $this->redirect("/admin", code: 302);
         } else {
-            $this->redirect("/admin/login");
+            Flash::setMessage("error", "Username or password incorrect.");
+            $this->redirect("/admin/login", code: 302);
         }
     }
 
     #[NoReturn] public function actionLogout(): void
     {
         unset($_COOKIE['user_id']);
-        setcookie('user_id', "", -1, '/', $_SERVER['SERVER_NAME'], false);
+        setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
         $this->redirect("/", code: 302);
     }