kernel update

This commit is contained in:
2024-12-16 14:26:13 +03:00
parent 589cf81e49
commit f5ad07c04a
77 changed files with 2067 additions and 251 deletions


@ -4,10 +4,19 @@ namespace kernel\modules\secure\controllers;
use JetBrains\PhpStorm\NoReturn;
use kernel\AdminController;
use kernel\App;
use kernel\Flash;
use kernel\helpers\Debug;
use kernel\Mailing;
use kernel\modules\secure\models\forms\LoginEmailForm;
use kernel\modules\secure\models\forms\LoginForm;
use kernel\modules\secure\models\forms\RegisterForm;
use kernel\modules\secure\services\SecureService;
use kernel\modules\user\models\User;
use kernel\modules\user\service\UserService;
use kernel\Request;
use PHPMailer\PHPMailer\Exception;
use Random\RandomException;
class SecureController extends AdminController
{
@ -16,7 +25,6 @@ class SecureController extends AdminController
protected function init(): void
{
parent::init();
// $this->cgView->viewPath = KERNEL_DIR . "/views/secure/";
$this->cgView->viewPath = KERNEL_MODULES_DIR. "/secure/views/";
$this->cgView->layout = "/login.php";
$this->userService = new UserService();
@ -24,7 +32,12 @@ class SecureController extends AdminController
public function actionLogin(): void
{
$this->cgView->render('login.php');
$this->cgView->render(match (App::$secure['web_auth_type']) {
"login_password" => "login.php",
"email_code" => "email_login.php",
});
// $this->cgView->render('login.php');
}
#[NoReturn] public function actionAuth(): void
@ -44,8 +57,9 @@ class SecureController extends AdminController
Flash::setMessage("error", "User not found.");
$this->redirect("/admin/login", code: 302);
}
if (password_verify($loginForm->getItem("password"), $user->password_hash)) {
setcookie('user_id', $user->id, time()+60*60*24, '/', $_SERVER['HTTP_HOST'], false);
setcookie('user_id', $user->id, time()+60*60*24, '/', $_SERVER['SERVER_NAME'], false);
$this->redirect("/admin", code: 302);
} else {
Flash::setMessage("error", "Username or password incorrect.");
@ -53,11 +67,107 @@ class SecureController extends AdminController
}
}
/**
* @throws RandomException
* @throws Exception
*/
public function actionEmailAuth(): void
{
$mailing = new Mailing();
$loginForm = new LoginEmailForm();
$loginForm->load($_REQUEST);
$email = $loginForm->getItem("email");
$user = $this->userService->getByField('email', $email);
if (!$user){
$password = bin2hex(random_bytes(8));
UserService::createUserByEmailAndPassword($email, $password);
$user = $this->userService->getByField('email', $email);
SecureService::createSecretCode($user);
$secretCode = SecureService::getByField("user_id", $user->id);
$mailing->send_html("register_by_code.php", ['code' => $secretCode->code, 'password' => $password], [
'address' => $email,
'subject' => "Код регистрации",
"from_name" => $_ENV['APP_NAME']
]);
} else {
SecureService::updateSecretCode($user);
$secretCode = SecureService::getByField("user_id", $user->id);
$mailing->send_html("login_by_code.php", ['code' => $secretCode->code], [
'address' => $email,
'subject' => "Код авторизации",
"from_name" => $_ENV['APP_NAME']
]);
}
setcookie('user_email', $email, time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
$this->cgView->render("enter_code.php", ['email' => $email]);
}
/**
* @throws Exception
*/
public function actionCodeCheck(): void
{
$request = new Request();
if (isset($_COOKIE['user_email'])) {
$user = User::where('email', $_COOKIE["user_email"])->first();
if (!$user) {
throw new exception("User not found.");
}
$code = $request->post("code");
$secretCode = SecureService::getByField("user_id", $user->id);
if ($secretCode->code == $code && time() <= strtotime($secretCode->code_expires_at)) {
setcookie('user_id', $user->id, time() + 60 * 60 * 24, '/', $_SERVER['SERVER_NAME'], false);
$this->redirect("/admin", code: 302);
} else {
Flash::setMessage("error", "Wrong code.");
$this->cgView->render("enter_code.php", ['email' => $_COOKIE["user_email"]]);
}
}
}
#[NoReturn] public function actionLogout(): void
{
unset($_COOKIE['user_id']);
setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
setcookie('user_email', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
$this->redirect("/", code: 302);
}
public function actionRegister(): void
{
$this->cgView->render('register.php');
}
public function actionRegistration(): void
{
$regForm = new RegisterForm();
$regForm->load($_REQUEST);
if ($this->userService->getByField('username', $regForm->getItem("username"))) {
Flash::setMessage("error", "Username already exists.");
$this->redirect("/admin/register", code: 302);
}
if ($this->userService->getByField('email', $regForm->getItem("email"))) {
Flash::setMessage("error", "Email already exists.");
$this->redirect("/admin/register", code: 302);
}
$user = $this->userService->create($regForm);
if ($user){
setcookie('user_id', $user->id, time()+60*60*24, '/', $_SERVER['SERVER_NAME'], false);
$this->redirect("/admin", code: 302);
}
}
}
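Review bot: actionCodeCheck compares the one-time code with `==` at the `$secretCode->code == $code` line, puts no limit on failed attempts, and leaves the code valid after a successful login, so the 900,000-value space can be brute-forced online during the 5-minute window. Compare with `hash_equals((string) $secretCode->code, (string) $code)`, guard the `$secretCode === null` case (getByField returns `first()`, which is null for a user who never requested a code and currently makes the next line fault), delete or expire the row once it matches, and count failed attempts per user before the lookup. The `user_id` cookie written on success is a bare id with neither HttpOnly nor Secure; that pattern predates this commit, but the two new `setcookie('user_id', …)` calls copy it, and if nothing else signs or validates it the admin session is forgeable.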


@ -7,10 +7,15 @@ use Firebase\JWT\Key;
use JetBrains\PhpStorm\NoReturn;
use kernel\App;
use kernel\helpers\Debug;
use kernel\Mailing;
use kernel\modules\secure\models\SecretCode;
use kernel\modules\secure\services\SecureService;
use kernel\modules\user\models\User;
use kernel\modules\user\service\UserService;
use kernel\Request;
use kernel\RestController;
use kernel\services\TokenService;
use PHPMailer\PHPMailer\Exception;
use Random\RandomException;
class SecureRestController extends RestController
@ -51,4 +56,75 @@ class SecureRestController extends RestController
$this->renderApi($res);
}
}
/**
* @throws Exception
* @throws RandomException
*/
#[NoReturn] public function actionEmailAuth(): void
{
$mailing = new Mailing();
$request = new Request();
$data = $request->post();
$model = $this->model->where('email', $data['email'])->first();
if (!$model) {
$password = bin2hex(random_bytes(8));
UserService::createUserByEmailAndPassword($data['email'], $password);
$model = UserService::getByField('email', $data['email']);
SecureService::createSecretCode($model);
$secretCode = SecureService::getByField("user_id", $model->id);
$mailing->send_html("register_by_code.php", ['code' => $secretCode->code, 'password' => $password], [
'address' => $data['email'],
'subject' => "Код регистрации",
"from_name" => $_ENV['APP_NAME']
]);
} else {
SecureService::updateSecretCode($model);
$secretCode = SecureService::getByField("user_id", $model->id);
$mailing->send_html("login_by_code.php", ['code' => $secretCode->code], [
'address' => $data['email'],
'subject' => "Код авторизации",
"from_name" => $_ENV['APP_NAME']
]);
}
$res = [
"status" => "success",
"code_expires_at" => $secretCode->code_expires_at,
];
setcookie('user_email', $data['email'], time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
$this->renderApi($res);
}
/**
* @throws Exception
*/
#[NoReturn] public function actionCodeCheck(): void
{
$request = new Request();
$code = $request->post("code");
$model = SecretCode::where("code", $code)->first();
if (time() <= strtotime($model->code_expires_at)) {
$user = $this->model->where("id", $model->user_id)->first();
if ($user){
$user->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
$user->access_token = SecureService::generateAccessToken();
$user->save();
$this->renderApi([
"access_token" => $user->access_token,
"access_token_expires_at" => $user->access_token_expires_at,
]);
}
}
$this->renderApi(['status' => 'error', 'message' => 'incorrect code']);
}
}
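Review bot: actionCodeCheck resolves the code with `SecretCode::where("code", $code)->first()` without binding it to a user, so a guessed value matches whichever account currently holds that code (multiplying the brute-force odds by the number of live codes), and the `user_email` cookie set in actionEmailAuth is never consulted; when no row matches, `$model->code_expires_at` is read on null. Resolve the user first — from a posted `email` or the `user_email` cookie — fetch that user's row, compare with `hash_equals`, and burn the code before issuing the token. Whether `Request::post()` returns null for a missing key and whether `renderApi` terminates the request are not visible here; if renderApi returns, the success branch falls through to the `incorrect code` response.
```php
$code  = (string) $request->post("code");
$email = $request->post("email") ?? ($_COOKIE['user_email'] ?? null);
$user  = $email !== null ? $this->model->where("email", $email)->first() : null;
$model = $user ? SecretCode::where("user_id", $user->id)->first() : null;
if ($model && hash_equals((string) $model->code, $code) && time() <= strtotime($model->code_expires_at)) {
    $model->code_expires_at = date("Y-m-d H:i:s"); // single use: burn before the token is issued
    $model->save();
    // … unchanged: set access_token / access_token_expires_at, $user->save(), renderApi(...) …
}
```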


@ -0,0 +1,31 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
\kernel\App::$db->schema->create('secret_code', function (Blueprint $table) {
$table->increments('id');
$table->integer('user_id');
$table->integer('code');
$table->dateTime('code_expires_at')->nullable(true);
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
\kernel\App::$db->schema->dropIfExists('secret_code');
}
};
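Review bot: `user_id` is created without an index or uniqueness constraint, although SecureService reads the row with `where('user_id', …)->first()` and updateSecretCode assumes exactly one row per user; `$table->integer('user_id')->unique();` (or at least `->index()`) makes that assumption hold in the schema rather than by convention. The code itself is stored in clear, so a database read during the 5-minute window yields usable login codes; storing a hash and comparing with `hash_equals` avoids that, and if you decide against it a comment on the `code` column saying why would help the next reader.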


@ -0,0 +1,25 @@
<?php
namespace kernel\modules\secure\models;
use Illuminate\Database\Eloquent\Model;
/**
* @property int $id
* @property int $user_id
* @property int $code
* @property string $code_expires_at
*/
class SecretCode extends Model {
protected $table = 'secret_code';
protected $fillable = ['user_id', 'code', 'code_expires_at'];
public static function labels(): array
{
return [
'user_id' => 'Пользователь',
'code' => 'Код',
'code_expires_at' => 'Срок жизни кода',
];
}
}


@ -0,0 +1,17 @@
<?php
namespace kernel\modules\secure\models\forms;
use kernel\FormModel;
class LoginEmailForm extends FormModel
{
public function rules(): array
{
return [
'email' => 'required|string|email|max255',
];
}
}
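Review bot: the `max255` rule does not follow the rule syntax RegisterForm uses in this same commit (`max-str-len:50`), so unless the validator defines a `max255` rule it is silently ignored — and nothing visible in actionEmailAuth checks the form's validation result before `getItem("email")` is used and e-mailed to. Suggest `'email' => 'required|string|email|max-str-len:255',` and confirm that `load()` or the caller actually enforces the rules.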


@ -0,0 +1,19 @@
<?php
namespace kernel\modules\secure\models\forms;
use kernel\FormModel;
class RegisterForm extends FormModel
{
public function rules(): array
{
return [
'username' => 'required|min-str-len:5|max-str-len:50',
'email' => 'required|email|max-str-len:50',
'password' => 'required|min-str-len:6|max-str-len:50',
];
}
}
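Review bot: `min-str-len:6` for the password is below the 8-character floor current guidance (NIST SP 800-63B) sets for memorised secrets, and `max-str-len:50` for `email` rejects valid addresses, which may be up to 254 characters. Suggest `'email' => 'required|email|max-str-len:254',` and `'password' => 'required|min-str-len:8|max-str-len:128',` — bcrypt only consumes the first 72 bytes, so the upper cap is about abuse, not storage.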


@ -14,11 +14,17 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
App::$collector->get('/login', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogin']);
App::$collector->get('/logout', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogout']);
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureController::class, 'actionAuth']);
App::$collector->post('/email_auth', [\kernel\modules\secure\controllers\SecureController::class, 'actionEmailAuth']);
App::$collector->get('/register', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegister']);
App::$collector->post('/registration', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegistration']);
App::$collector->post('/code_check', [\kernel\modules\secure\controllers\SecureController::class, 'actionCodeCheck']);
});
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
App::$collector->group(["prefix" => "secure"], function (CgRouteCollector $router) {
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionAuth']);
App::$collector->post('/email_auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionEmailAuth']);
App::$collector->post('/code_check', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionCodeCheck']);
});
});


@ -0,0 +1,54 @@
<?php
namespace kernel\modules\secure\services;
use kernel\App;
use kernel\FormModel;
use kernel\helpers\Debug;
use kernel\modules\secure\models\SecretCode;
use kernel\modules\user\models\User;
use kernel\modules\user\service\UserService;
use kernel\services\TokenService;
class SecureService
{
public static function createSecretCode(User $user): void
{
$secretCode = new SecretCode();
$secretCode->user_id = $user->id;
$secretCode->code = mt_rand(100000, 999999);
$secretCode->code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));;
$secretCode->save();
}
public static function updateSecretCode(User $user): void
{
$secretCode = SecretCode::where('user_id', $user->id)->first();
$secretCode->code = mt_rand(100000, 999999);
$secretCode->code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));;
$secretCode->save();
}
public static function getCodeByUserId(int $user_id)
{
return SecretCode::where('user_id', $user_id)->one()->code;
}
public static function getByField(string $field, mixed $value)
{
return SecretCode::where($field, $value)->first();
}
public static function generateAccessToken(): string
{
return match (App::$secure['token_type']) {
"JWT" => TokenService::JWT($_ENV['SECRET_KEY'], 'HS256'),
"md5" => TokenService::md5(),
"crypt" => TokenService::crypt(),
"hash" => TokenService::hash('sha256'),
default => TokenService::random_bytes(20),
};
}
}
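Review bot: the one-time login codes are drawn with `mt_rand(100000, 999999)` in both createSecretCode and updateSecretCode; mt_rand is not a CSPRNG and its stream is recoverable from earlier outputs, so use `random_int(100000, 999999)` (the controllers already use random_bytes for the generated password). updateSecretCode dereferences the result of `->first()` without a null check, and getCodeByUserId calls `->one()`, which is not an Eloquent builder method — `->first()` is what the neighbouring methods use. The `;;` after the two date() assignments should be a single `;`. generateAccessToken also exposes `md5`/`crypt`/`hash` token types; whether those TokenService helpers are fed from a CSPRNG is not visible here and is worth checking before they are selectable in config.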


@ -0,0 +1,48 @@
<!-- Section: Design Block -->
<section class=" text-center text-lg-start">
<style>
.rounded-t-5 {
border-top-left-radius: 0.5rem;
border-top-right-radius: 0.5rem;
}
@media (min-width: 992px) {
.rounded-tr-lg-0 {
border-top-right-radius: 0;
}
.rounded-bl-lg-5 {
border-bottom-left-radius: 0.5rem;
}
}
</style>
<div class="card mb-3">
<div class="row g-0 d-flex align-items-center">
<div class="col-lg-4 d-none d-lg-flex">
<img src="https://mdbootstrap.com/img/new/ecommerce/vertical/004.jpg" alt="Trendy Pants and Shoes"
class="w-100 rounded-t-5 rounded-tr-lg-0 rounded-bl-lg-5" />
</div>
<div class="col-lg-8">
<div class="card-body py-5 px-md-5">
<div class="row md-4 text-md-center">
<h1>Форма авторизации/регистрации</h1>
</div>
<form action="/admin/email_auth" method="post">
<!-- Email input -->
<div data-mdb-input-init class="form-outline mb-4">
<input type="text" id="form2Example1" class="form-control" name="email" />
<label class="form-label" for="form2Example1">Email</label>
</div>
<!-- Submit button -->
<button type="submit" data-mdb-button-init data-mdb-ripple-init class="btn btn-primary btn-block mb-4">Отправить</button>
</form>
</div>
</div>
</div>
</div>
</section>
<!-- Section: Design Block -->
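Review bot: the email field is `type="text"` with no `required` attribute, while register.php in this commit uses `type="email"` for the same data; use `<input type="email" name="email" required autocomplete="email" …>` so obvious garbage is rejected before it reaches actionEmailAuth. The form renders no CSRF token — if the framework injects one via middleware that is fine, otherwise any site can make a visitor's browser trigger a code e-mail (and account creation) for an arbitrary address.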


@ -0,0 +1,60 @@
<?php
/**
* @var string $email
*/
?>
<!-- Section: Design Block -->
<section class=" text-center text-lg-start">
<style>
.rounded-t-5 {
border-top-left-radius: 0.5rem;
border-top-right-radius: 0.5rem;
}
@media (min-width: 992px) {
.rounded-tr-lg-0 {
border-top-right-radius: 0;
}
.rounded-bl-lg-5 {
border-bottom-left-radius: 0.5rem;
}
}
</style>
<div class="card mb-3">
<div class="row g-0 d-flex align-items-center">
<div class="col-lg-4 d-none d-lg-flex">
<img src="https://mdbootstrap.com/img/new/ecommerce/vertical/004.jpg" alt="Trendy Pants and Shoes"
class="w-100 rounded-t-5 rounded-tr-lg-0 rounded-bl-lg-5" />
</div>
<div class="col-lg-8">
<div class="card-body py-5 px-md-5">
<div class="row md-4 text-md-center">
<h1>Введите код, отправленный на почту "<?php echo $email ?>"</h1>
</div>
<form action="/admin/code_check" method="post">
<!-- Email input -->
<div data-mdb-input-init class="form-outline mb-4">
<input type="text" id="form2Example1" class="form-control" name="code" />
<label class="form-label" for="form2Example1">Код подтверждения</label>
</div>
<div class="row-md-4">
<div class="col">
<button type="submit" data-mdb-button-init data-mdb-ripple-init class="btn btn-primary btn-block mb-4">Подтвердить</button>
</div>
<div class="col">
<br>
<a href="/admin/login/"> <h5>Отправить код еще раз</h5></a>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</section>
<!-- Section: Design Block -->
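Review bot: `<?php echo $email ?>` prints the address unescaped, and $email arrives straight from `$_REQUEST` in actionEmailAuth or from the client-controlled `user_email` cookie in actionCodeCheck, so unless the form's `email` rule is actually enforced before `getItem()` this is reflected XSS on the admin login flow. Escape it: `<?= htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The code field would also benefit from `inputmode="numeric" autocomplete="one-time-code"`.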


@ -24,6 +24,9 @@
</div>
<div class="col-lg-8">
<div class="card-body py-5 px-md-5">
<div class="row md-4 text-md-center">
<h1>Авторизация</h1>
</div>
<form action="/admin/auth" method="post">
<!-- Email input -->
@ -48,10 +51,15 @@
</div>
</div>
<div class="col">
<div class="col-3">
<!-- Simple link -->
<a href="#!">Забыл пароль?</a>
</div>
<div class="col">
<!-- Simple link -->
<a href="/admin/register">Регистрация</a>
</div>
</div>
<!-- Submit button -->
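Review bot: the new "Забыл пароль?" link points to `#!` and the commit adds no password-reset route, so it is a dead control on the login page. Either drop the element until a reset flow exists or leave a marker for the reader, e.g. `<!-- TODO: wire to the password-reset route once it exists -->`.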


@ -0,0 +1,71 @@
<!-- Section: Design Block -->
<section class=" text-center text-lg-start">
<style>
.rounded-t-5 {
border-top-left-radius: 0.5rem;
border-top-right-radius: 0.5rem;
}
@media (min-width: 992px) {
.rounded-tr-lg-0 {
border-top-right-radius: 0;
}
.rounded-bl-lg-5 {
border-bottom-left-radius: 0.5rem;
}
}
</style>
<div class="card mb-3">
<div class="row g-0 d-flex align-items-center">
<div class="col-lg-4 d-none d-lg-flex">
<img src="https://mdbootstrap.com/img/new/ecommerce/vertical/004.jpg" alt="Trendy Pants and Shoes"
class="w-100 rounded-t-5 rounded-tr-lg-0 rounded-bl-lg-5" />
</div>
<div class="col-lg-8">
<div class="card-body py-5 px-md-5">
<div class="row md-4 text-md-center">
<h1>Регистрация</h1>
</div>
<form action="/admin/registration" method="post">
<!--Username input -->
<div data-mdb-input-init class="form-outline mb-4">
<input type="text" id="form2Example1" class="form-control" name="username" />
<label class="form-label" for="form2Example1">Логин</label>
</div>
<!-- Email input -->
<div data-mdb-input-init class="form-outline mb-4">
<input type="email" id="form2Example1" class="form-control" name="email" />
<label class="form-label" for="form2Example1">Email</label>
</div>
<!-- Password input -->
<div data-mdb-input-init class="form-outline mb-4">
<input type="password" id="form2Example2" class="form-control" name="password" />
<label class="form-label" for="form2Example2">Пароль</label>
</div>
<div class="row mb-4">
<div class="col-4">
<!-- Submit button -->
<button type="submit" data-mdb-button-init data-mdb-ripple-init class="btn btn-primary btn-block mb-4">Регистрация</button>
</div>
<div class="col-4">
<!-- Simple link -->
<a href="/admin/login">Войти в существующий аккаунт</a>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</section>
<!-- Section: Design Block -->
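Review bot: the username and email inputs share `id="form2Example1"`, so both `<label for>` attributes resolve to the username field and the email label is mis-associated; give each input a distinct id (`regUsername`, `regEmail`, `regPassword`). Mirroring the server rules client-side — `required minlength="5" maxlength="50"` on username, `required minlength="6"` and `autocomplete="new-password"` on password — would also give users the same feedback the RegisterForm rules enforce.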