Compare commits

...

6 Commits

Author SHA1 Message Date
2ae128ff79 merge 2024-12-16 14:35:12 +03:00
f5ad07c04a kernel update 2024-12-16 14:26:13 +03:00
589cf81e49 Merge branch 'master' of https://git.itguild.info/ItGuild/igfs 2024-11-19 16:35:40 +03:00
4dbfe12376 Merge branch 'master' of https://git.itguild.info/ItGuild/igfs 2024-11-19 16:28:37 +03:00
4077405296 some fix 2024-11-19 16:28:22 +03:00
47f29f16a5 merge 2024-11-19 13:43:13 +03:00
32 changed files with 810 additions and 3237 deletions

View File

@ -1,8 +1,11 @@
APP_NAME="It Guild Micro Framework"
DB_HOST=localhost DB_HOST=localhost
DB_USER=user DB_USER={db_user}
DB_DRIVER=mysql DB_DRIVER=mysql
DB_PASSWORD=password DB_PASSWORD={db_password}
DB_NAME=name DB_NAME={db_name}
DB_CHARSET=utf8mb4 DB_CHARSET=utf8mb4
DB_COLLATION=utf8mb4_unicode_ci DB_COLLATION=utf8mb4_unicode_ci
DB_PREFIX='' DB_PREFIX=''
@ -10,6 +13,11 @@ DB_PREFIX=''
VIEWS_PATH=/views VIEWS_PATH=/views
VIEWS_CACHE_PATH=/views_cache VIEWS_CACHE_PATH=/views_cache
MAIL_SMTP_HOST=smtp.mail.ru
MAIL_SMTP_PORT=587
MAIL_SMTP_USERNAME=username@mail.ru
MAIL_SMTP_PASSWORD=somepassword
MODULE_SHOP_URL='http://igfs.loc' MODULE_SHOP_URL='http://igfs.loc'
MODULE_SHOP_TOKEN='your token' MODULE_SHOP_TOKEN='your token'

1
.gitignore vendored
View File

@ -4,3 +4,4 @@ vendor
views_cache views_cache
resources/upload resources/upload
resources/tmp resources/tmp
composer.lock

View File

@ -1,7 +1,8 @@
<?php <?php
$secure_config = [ $secure_config = [
'token_type' => 'JWT', // random_bytes, md5, crypt, hash, JWT 'web_auth_type' => 'email_code', // login_password, email_code
'token_type' => 'crypt', // random_bytes, md5, crypt, hash, JWT
'token_expired_time' => "+30 days", // +1 day 'token_expired_time' => "+30 days", // +1 day
]; ];

View File

@ -18,7 +18,8 @@
"josantonius/session": "^2.0", "josantonius/session": "^2.0",
"firebase/php-jwt": "^6.10", "firebase/php-jwt": "^6.10",
"k-adam/env-editor": "^2.0", "k-adam/env-editor": "^2.0",
"guzzlehttp/guzzle": "^7.9" "guzzlehttp/guzzle": "^7.9",
"phpmailer/phpmailer": "^6.9"
}, },
"autoload": { "autoload": {
"psr-4": { "psr-4": {

3211
composer.lock generated

File diff suppressed because it is too large Load Diff

50
kernel/Mailing.php Normal file
View File

@ -0,0 +1,50 @@
<?php
namespace kernel;
use kernel\helpers\Debug;
use kernel\helpers\SMTP;
use PHPMailer\PHPMailer\Exception;
class Mailing
{
protected SMTP $SMTP;
protected CgView $cgView;
protected array $data;
public function __construct(array $data = [])
{
$this->cgView = new CgView();
$this->cgView->viewPath = KERNEL_DIR . "/views/mailing/";
$this->data = $data;
$this->SMTP = new SMTP();
$this->init();
}
/**
* @throws Exception
*/
public function send_html(string $tpl, array $tplParams, array $mailParams): ?false
{
$mailParams['body'] = $this->cgView->fetch($tpl, $tplParams);
return $this->SMTP->send_html($mailParams);
}
public function run()
{
}
public static function create(array $data = []): static
{
return new static($data);
}
protected function init()
{
}
}

View File

@ -46,6 +46,9 @@ class AdminConsoleController extends ConsoleController
$out = $this->migrationService->runAtPath("kernel/modules/post/migrations"); $out = $this->migrationService->runAtPath("kernel/modules/post/migrations");
$this->out->r("create post table", "green"); $this->out->r("create post table", "green");
$out = $this->migrationService->runAtPath("kernel/modules/secure/migrations");
$this->out->r("create secret_code table", "green");
$this->optionService->createFromParams( $this->optionService->createFromParams(
key: "admin_theme_paths", key: "admin_theme_paths",
value: "{\"paths\": [\"{KERNEL_ADMIN_THEMES}\", \"{APP}/admin_themes\"]}", value: "{\"paths\": [\"{KERNEL_ADMIN_THEMES}\", \"{APP}/admin_themes\"]}",

View File

@ -11,6 +11,18 @@ class Html
return "<img src='$src' $paramsStr>"; return "<img src='$src' $paramsStr>";
} }
public static function h(string|int $type = 1, string $title = '', array $params = [])
{
$paramsStr = self::createParams($params);
return "<h$type $paramsStr>$title</h$type>";
}
public static function a(string $link, array $params = []): string
{
$paramsStr = self::createParams($params);
return "<a href='$link' $paramsStr>";
}
/** /**
* @param array $data * @param array $data
* @return string * @return string

View File

@ -2,13 +2,17 @@
namespace kernel\helpers; namespace kernel\helpers;
use GuzzleHttp\Exception\GuzzleException;
use http\Client; use http\Client;
class RESTClient class RESTClient
{ {
public static function request(string $url, string $method = 'GET') /**
* @throws GuzzleException
*/
public static function request(string $url, string $method = 'GET'): \Psr\Http\Message\ResponseInterface
{ {
$client = new \GuzzleHttp\Client(); $client = new \GuzzleHttp\Client();
return $client->request($method, $url, [ return $client->request($method, $url, [
@ -18,4 +22,31 @@ class RESTClient
]); ]);
} }
/**
* @throws GuzzleException
*/
public static function request_without_auth(string $url, string $method = 'GET'): \Psr\Http\Message\ResponseInterface
{
$client = new \GuzzleHttp\Client();
return $client->request($method, $url);
}
/**
* @throws GuzzleException
*/
public static function post(string $url, array $data = [], bool $auth = true): \Psr\Http\Message\ResponseInterface
{
$headers = [];
if ($auth){
$headers = [
'Authorization' => 'Bearer ' . $_ENV['MODULE_SHOP_TOKEN']
];
}
$client = new \GuzzleHttp\Client();
return $client->request("POST", $url, [
'form_params' => $data,
'headers' => $headers,
]);
}
} }

40
kernel/helpers/SMTP.php Normal file
View File

@ -0,0 +1,40 @@
<?php
namespace kernel\helpers;
use PHPMailer\PHPMailer\Exception;
use PHPMailer\PHPMailer\PHPMailer;
class SMTP
{
public PHPMailer $mail;
public function __construct()
{
$this->mail = new PHPMailer(true);
$this->mail->CharSet = 'UTF-8';
$this->mail->isSMTP();
$this->mail->SMTPAuth = true;
$this->mail->SMTPDebug = 0;
$this->mail->Host = $_ENV['MAIL_SMTP_HOST'];
$this->mail->Port = $_ENV['MAIL_SMTP_PORT'];
$this->mail->Username = $_ENV['MAIL_SMTP_USERNAME'];
$this->mail->Password = $_ENV['MAIL_SMTP_PASSWORD'];
}
/**
* @throws Exception
*/
public function send_html(array $params)
{
if (!isset($params['address'])){
return false;
}
$this->mail->setFrom($this->mail->Username, $params['from_name'] ?? $this->mail->Host);
$this->mail->addAddress($params['address']);
$this->mail->Subject = $params['subject'] ?? 'Без темы';
$body = $params['body'] ?? 'Нет информации';
$this->mail->msgHTML($body);
$this->mail->send();
}
}

View File

@ -10,9 +10,14 @@ use kernel\Flash;
use kernel\helpers\Debug; use kernel\helpers\Debug;
use kernel\helpers\Files; use kernel\helpers\Files;
use kernel\helpers\RESTClient; use kernel\helpers\RESTClient;
use kernel\helpers\SMTP;
use kernel\Mailing;
use kernel\modules\module_shop_client\services\ModuleShopClientService; use kernel\modules\module_shop_client\services\ModuleShopClientService;
use kernel\Request; use kernel\Request;
use kernel\services\ModuleService; use kernel\services\ModuleService;
use kernel\services\ModuleShopService;
use kernel\services\TokenService;
use PHPMailer\PHPMailer\Exception;
class ModuleShopClientController extends AdminController class ModuleShopClientController extends AdminController
{ {
@ -34,18 +39,30 @@ class ModuleShopClientController extends AdminController
*/ */
public function actionIndex(int $page_number = 1): void public function actionIndex(int $page_number = 1): void
{ {
$per_page = 8;
$modules_info = RESTClient::request($_ENV['MODULE_SHOP_URL'] . '/api/module_shop/gb_slug'); if ($this->moduleService->issetModuleShopToken()) {
$modules_info = json_decode($modules_info->getBody()->getContents(), true); if ($this->moduleService->isServerAvailable()) {
$module_count = count($modules_info);
$modules_info = array_slice($modules_info, $per_page*($page_number-1), $per_page); $per_page = 8;
$this->cgView->render("index.php", [ $modules_info = RESTClient::request($_ENV['MODULE_SHOP_URL'] . '/api/module_shop/gb_slug');
'modules_info' => $modules_info, $modules_info = json_decode($modules_info->getBody()->getContents(), true);
'moduleService' => $this->moduleService, $module_count = count($modules_info);
'page_number' => $page_number, $modules_info = array_slice($modules_info, $per_page * ($page_number - 1), $per_page);
'module_count' => $module_count,
'per_page' => $per_page, $this->cgView->render("index.php", [
]); 'modules_info' => $modules_info,
'moduleService' => $this->moduleService,
'page_number' => $page_number,
'module_count' => $module_count,
'per_page' => $per_page,
]);
} else {
$this->cgView->render("module_shop_error_connection.php");
}
} else {
$this->cgView->render("login_at_module_shop.php");
}
} }
public function actionView(int $id): void public function actionView(int $id): void
@ -106,4 +123,58 @@ class ModuleShopClientController extends AdminController
$this->redirect('/admin/module_shop_client', 302); $this->redirect('/admin/module_shop_client', 302);
} }
/**
* @throws Exception
*/
public function actionAuth(): void
{
$request = new Request();
$address = $request->post("email");
// $mailing = new Mailing();
// $mailing->send_html("login_by_code.php", ['code' => mt_rand(100000, 999999)], [
// 'address' => $address,
// 'subject' => "Код авторизации",
// "from_name" => $_ENV['APP_NAME']
// ]);
$moduleShopService = new ModuleShopService();
$result = $moduleShopService->email_auth($address);
if ($result['status'] == 'success'){
$this->cgView->render('enter_code.php', ['email' => $address]);
}
$this->cgView->render('module_shop_error_connection.php', ['email' => $address]);
}
public function actionCodeCheck(): void
{
$request = new Request();
$code = $request->post("code");
// $mailing = new Mailing();
// $mailing->send_html("login_by_code.php", ['code' => mt_rand(100000, 999999)], [
// 'address' => $address,
// 'subject' => "Код авторизации",
// "from_name" => $_ENV['APP_NAME']
// ]);
$moduleShopService = new ModuleShopService();
$result = $moduleShopService->code_check($code);
if (isset($result['access_token'])){
$envFile = \EnvEditor\EnvFile::loadFrom(ROOT_DIR . "/.env");
$envFile->setValue("MODULE_SHOP_TOKEN", $result['access_token']);
$envFile->saveTo(ROOT_DIR . "/.env");
$this->cgView->render('success_login.php');
}
$this->cgView->render('module_shop_error_connection.php');
}
} }

View File

@ -15,6 +15,8 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
App::$collector->get('/view/{id}', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionView']); App::$collector->get('/view/{id}', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionView']);
App::$collector->get('/delete', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionDelete']); App::$collector->get('/delete', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionDelete']);
App::$collector->get('/update', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionUpdate']); App::$collector->get('/update', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionUpdate']);
App::$collector->post('/auth', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionAuth']);
App::$collector->post('/code_check', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionCodeCheck']);
}); });
}); });
}); });

View File

@ -0,0 +1,36 @@
<?php
/**
* @var $email
*/
use itguild\forms\ActiveForm;
\kernel\widgets\ModuleTabsWidget::create()->run();
echo \kernel\helpers\Html::h(2, "Введите код подтверждения отправленный на почту \"$email\"");
$form = new ActiveForm();
$form->beginForm("/admin/module_shop_client/code_check/");
$form->field(\itguild\forms\inputs\TextInput::class, 'code', [
'class' => "form-control",
'placeholder' => 'Код',
])
->setLabel("Код")
->render();
?>
<div class="row">
<div class="col-sm-2">
<?php
$form->field(\itguild\forms\inputs\Button::class, name: "btn-submit", params: [
'class' => "btn btn-primary ",
'value' => 'Отправить',
'typeInput' => 'submit'
])
->render();
?>
</div>
</div>
<?php
$form->endForm();

View File

@ -0,0 +1,34 @@
<?php
use itguild\forms\ActiveForm;
\kernel\widgets\ModuleTabsWidget::create()->run();
echo \kernel\helpers\Html::h(2, "Форма авторизации/регистрации");
$form = new ActiveForm();
$form->beginForm("/admin/module_shop_client/auth/");
$form->field(\itguild\forms\inputs\TextInput::class, 'email', [
'class' => "form-control",
'placeholder' => 'Email',
])
->setLabel("Email")
->render();
?>
<div class="row">
<div class="col-sm-2">
<?php
$form->field(\itguild\forms\inputs\Button::class, name: "btn-submit", params: [
'class' => "btn btn-primary ",
'value' => 'Отправить',
'typeInput' => 'submit'
])
->render();
?>
</div>
</div>
<?php
$form->endForm();

View File

@ -0,0 +1,6 @@
<?php
\kernel\widgets\ModuleTabsWidget::create()->run();
?>
<h1>Ошибка подключения к сервису</h1>

View File

@ -0,0 +1,9 @@
<?php
use itguild\forms\ActiveForm;
\kernel\widgets\ModuleTabsWidget::create()->run();
echo \kernel\helpers\Html::h(2, "Авторизация прошла успешно");
echo \kernel\helpers\Html::a("/admin", ['class' => 'btm btm-primary']);

View File

@ -4,11 +4,19 @@ namespace kernel\modules\secure\controllers;
use JetBrains\PhpStorm\NoReturn; use JetBrains\PhpStorm\NoReturn;
use kernel\AdminController; use kernel\AdminController;
use kernel\App;
use kernel\Flash; use kernel\Flash;
use kernel\helpers\Debug; use kernel\helpers\Debug;
use kernel\Mailing;
use kernel\modules\secure\models\forms\LoginEmailForm;
use kernel\modules\secure\models\forms\LoginForm; use kernel\modules\secure\models\forms\LoginForm;
use kernel\modules\secure\models\forms\RegisterForm; use kernel\modules\secure\models\forms\RegisterForm;
use kernel\modules\secure\services\SecureService;
use kernel\modules\user\models\User;
use kernel\modules\user\service\UserService; use kernel\modules\user\service\UserService;
use kernel\Request;
use PHPMailer\PHPMailer\Exception;
use Random\RandomException;
class SecureController extends AdminController class SecureController extends AdminController
{ {
@ -24,7 +32,12 @@ class SecureController extends AdminController
public function actionLogin(): void public function actionLogin(): void
{ {
$this->cgView->render('login.php'); $this->cgView->render(match (App::$secure['web_auth_type']) {
"login_password" => "login.php",
"email_code" => "email_login.php",
});
// $this->cgView->render('login.php');
} }
#[NoReturn] public function actionAuth(): void #[NoReturn] public function actionAuth(): void
@ -54,14 +67,83 @@ class SecureController extends AdminController
} }
} }
/**
* @throws RandomException
* @throws Exception
*/
public function actionEmailAuth(): void
{
$mailing = new Mailing();
$loginForm = new LoginEmailForm();
$loginForm->load($_REQUEST);
$email = $loginForm->getItem("email");
$user = $this->userService->getByField('email', $email);
if (!$user){
$password = bin2hex(random_bytes(8));
UserService::createUserByEmailAndPassword($email, $password);
$user = $this->userService->getByField('email', $email);
SecureService::createSecretCode($user);
$secretCode = SecureService::getByField("user_id", $user->id);
$mailing->send_html("register_by_code.php", ['code' => $secretCode->code, 'password' => $password], [
'address' => $email,
'subject' => "Код регистрации",
"from_name" => $_ENV['APP_NAME']
]);
} else {
SecureService::updateSecretCode($user);
$secretCode = SecureService::getByField("user_id", $user->id);
$mailing->send_html("login_by_code.php", ['code' => $secretCode->code], [
'address' => $email,
'subject' => "Код авторизации",
"from_name" => $_ENV['APP_NAME']
]);
}
setcookie('user_email', $email, time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
$this->cgView->render("enter_code.php", ['email' => $email]);
}
/**
* @throws Exception
*/
public function actionCodeCheck(): void
{
$request = new Request();
if (isset($_COOKIE['user_email'])) {
$user = User::where('email', $_COOKIE["user_email"])->first();
if (!$user) {
throw new exception("User not found.");
}
$code = $request->post("code");
$secretCode = SecureService::getByField("user_id", $user->id);
if ($secretCode->code == $code && time() <= strtotime($secretCode->code_expires_at)) {
setcookie('user_id', $user->id, time() + 60 * 60 * 24, '/', $_SERVER['SERVER_NAME'], false);
$this->redirect("/admin", code: 302);
} else {
Flash::setMessage("error", "Wrong code.");
$this->cgView->render("enter_code.php", ['email' => $_COOKIE["user_email"]]);
}
}
}
#[NoReturn] public function actionLogout(): void #[NoReturn] public function actionLogout(): void
{ {
unset($_COOKIE['user_id']); unset($_COOKIE['user_id']);
setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false); setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
setcookie('user_email', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
$this->redirect("/", code: 302); $this->redirect("/", code: 302);
} }
public function actionRegister() public function actionRegister(): void
{ {
$this->cgView->render('register.php'); $this->cgView->render('register.php');
} }

View File

@ -7,10 +7,15 @@ use Firebase\JWT\Key;
use JetBrains\PhpStorm\NoReturn; use JetBrains\PhpStorm\NoReturn;
use kernel\App; use kernel\App;
use kernel\helpers\Debug; use kernel\helpers\Debug;
use kernel\Mailing;
use kernel\modules\secure\models\SecretCode;
use kernel\modules\secure\services\SecureService;
use kernel\modules\user\models\User; use kernel\modules\user\models\User;
use kernel\modules\user\service\UserService;
use kernel\Request; use kernel\Request;
use kernel\RestController; use kernel\RestController;
use kernel\services\TokenService; use kernel\services\TokenService;
use PHPMailer\PHPMailer\Exception;
use Random\RandomException; use Random\RandomException;
class SecureRestController extends RestController class SecureRestController extends RestController
@ -51,4 +56,75 @@ class SecureRestController extends RestController
$this->renderApi($res); $this->renderApi($res);
} }
/**
* @throws Exception
* @throws RandomException
*/
#[NoReturn] public function actionEmailAuth(): void
{
$mailing = new Mailing();
$request = new Request();
$data = $request->post();
$model = $this->model->where('email', $data['email'])->first();
if (!$model) {
$password = bin2hex(random_bytes(8));
UserService::createUserByEmailAndPassword($data['email'], $password);
$model = UserService::getByField('email', $data['email']);
SecureService::createSecretCode($model);
$secretCode = SecureService::getByField("user_id", $model->id);
$mailing->send_html("register_by_code.php", ['code' => $secretCode->code, 'password' => $password], [
'address' => $data['email'],
'subject' => "Код регистрации",
"from_name" => $_ENV['APP_NAME']
]);
} else {
SecureService::updateSecretCode($model);
$secretCode = SecureService::getByField("user_id", $model->id);
$mailing->send_html("login_by_code.php", ['code' => $secretCode->code], [
'address' => $data['email'],
'subject' => "Код авторизации",
"from_name" => $_ENV['APP_NAME']
]);
}
$res = [
"status" => "success",
"code_expires_at" => $secretCode->code_expires_at,
];
setcookie('user_email', $data['email'], time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
$this->renderApi($res);
}
/**
* @throws Exception
*/
#[NoReturn] public function actionCodeCheck(): void
{
$request = new Request();
$code = $request->post("code");
$model = SecretCode::where("code", $code)->first();
if (time() <= strtotime($model->code_expires_at)) {
$user = $this->model->where("id", $model->user_id)->first();
if ($user){
$user->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
$user->access_token = SecureService::generateAccessToken();
$user->save();
$this->renderApi([
"access_token" => $user->access_token,
"access_token_expires_at" => $user->access_token_expires_at,
]);
}
}
$this->renderApi(['status' => 'error', 'message' => 'incorrect code']);
}
} }

View File

@ -0,0 +1,31 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
\kernel\App::$db->schema->create('secret_code', function (Blueprint $table) {
$table->increments('id');
$table->integer('user_id');
$table->integer('code');
$table->dateTime('code_expires_at')->nullable(true);
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
\kernel\App::$db->schema->dropIfExists('secret_code');
}
};

View File

@ -0,0 +1,25 @@
<?php
namespace kernel\modules\secure\models;
use Illuminate\Database\Eloquent\Model;
/**
* @property int $id
* @property int $user_id
* @property int $code
* @property string $code_expires_at
*/
class SecretCode extends Model {
protected $table = 'secret_code';
protected $fillable = ['user_id', 'code', 'code_expires_at'];
public static function labels(): array
{
return [
'user_id' => 'Пользователь',
'code' => 'Код',
'code_expires_at' => 'Срок жизни кода',
];
}
}

View File

@ -0,0 +1,17 @@
<?php
namespace kernel\modules\secure\models\forms;
use kernel\FormModel;
class LoginEmailForm extends FormModel
{
public function rules(): array
{
return [
'email' => 'required|string|email|max255',
];
}
}

View File

@ -14,13 +14,17 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
App::$collector->get('/login', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogin']); App::$collector->get('/login', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogin']);
App::$collector->get('/logout', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogout']); App::$collector->get('/logout', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogout']);
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureController::class, 'actionAuth']); App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureController::class, 'actionAuth']);
App::$collector->post('/email_auth', [\kernel\modules\secure\controllers\SecureController::class, 'actionEmailAuth']);
App::$collector->get('/register', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegister']); App::$collector->get('/register', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegister']);
App::$collector->post('/registration', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegistration']); App::$collector->post('/registration', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegistration']);
App::$collector->post('/code_check', [\kernel\modules\secure\controllers\SecureController::class, 'actionCodeCheck']);
}); });
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){ App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
App::$collector->group(["prefix" => "secure"], function (CgRouteCollector $router) { App::$collector->group(["prefix" => "secure"], function (CgRouteCollector $router) {
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionAuth']); App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionAuth']);
App::$collector->post('/email_auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionEmailAuth']);
App::$collector->post('/code_check', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionCodeCheck']);
}); });
}); });

View File

@ -0,0 +1,54 @@
<?php
namespace kernel\modules\secure\services;
use kernel\App;
use kernel\FormModel;
use kernel\helpers\Debug;
use kernel\modules\secure\models\SecretCode;
use kernel\modules\user\models\User;
use kernel\modules\user\service\UserService;
use kernel\services\TokenService;
class SecureService
{
public static function createSecretCode(User $user): void
{
$secretCode = new SecretCode();
$secretCode->user_id = $user->id;
$secretCode->code = mt_rand(100000, 999999);
$secretCode->code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));;
$secretCode->save();
}
public static function updateSecretCode(User $user): void
{
$secretCode = SecretCode::where('user_id', $user->id)->first();
$secretCode->code = mt_rand(100000, 999999);
$secretCode->code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));;
$secretCode->save();
}
public static function getCodeByUserId(int $user_id)
{
return SecretCode::where('user_id', $user_id)->one()->code;
}
public static function getByField(string $field, mixed $value)
{
return SecretCode::where($field, $value)->first();
}
public static function generateAccessToken(): string
{
return match (App::$secure['token_type']) {
"JWT" => TokenService::JWT($_ENV['SECRET_KEY'], 'HS256'),
"md5" => TokenService::md5(),
"crypt" => TokenService::crypt(),
"hash" => TokenService::hash('sha256'),
default => TokenService::random_bytes(20),
};
}
}

View File

@ -0,0 +1,48 @@
<!-- Section: Design Block -->
<section class=" text-center text-lg-start">
<style>
.rounded-t-5 {
border-top-left-radius: 0.5rem;
border-top-right-radius: 0.5rem;
}
@media (min-width: 992px) {
.rounded-tr-lg-0 {
border-top-right-radius: 0;
}
.rounded-bl-lg-5 {
border-bottom-left-radius: 0.5rem;
}
}
</style>
<div class="card mb-3">
<div class="row g-0 d-flex align-items-center">
<div class="col-lg-4 d-none d-lg-flex">
<img src="https://mdbootstrap.com/img/new/ecommerce/vertical/004.jpg" alt="Trendy Pants and Shoes"
class="w-100 rounded-t-5 rounded-tr-lg-0 rounded-bl-lg-5" />
</div>
<div class="col-lg-8">
<div class="card-body py-5 px-md-5">
<div class="row md-4 text-md-center">
<h1>Форма авторизации/регистрации</h1>
</div>
<form action="/admin/email_auth" method="post">
<!-- Email input -->
<div data-mdb-input-init class="form-outline mb-4">
<input type="text" id="form2Example1" class="form-control" name="email" />
<label class="form-label" for="form2Example1">Email</label>
</div>
<!-- Submit button -->
<button type="submit" data-mdb-button-init data-mdb-ripple-init class="btn btn-primary btn-block mb-4">Отправить</button>
</form>
</div>
</div>
</div>
</div>
</section>
<!-- Section: Design Block -->

View File

@ -0,0 +1,60 @@
<?php
/**
* @var string $email
*/
?>
<!-- Section: Design Block -->
<section class=" text-center text-lg-start">
<style>
.rounded-t-5 {
border-top-left-radius: 0.5rem;
border-top-right-radius: 0.5rem;
}
@media (min-width: 992px) {
.rounded-tr-lg-0 {
border-top-right-radius: 0;
}
.rounded-bl-lg-5 {
border-bottom-left-radius: 0.5rem;
}
}
</style>
<div class="card mb-3">
<div class="row g-0 d-flex align-items-center">
<div class="col-lg-4 d-none d-lg-flex">
<img src="https://mdbootstrap.com/img/new/ecommerce/vertical/004.jpg" alt="Trendy Pants and Shoes"
class="w-100 rounded-t-5 rounded-tr-lg-0 rounded-bl-lg-5" />
</div>
<div class="col-lg-8">
<div class="card-body py-5 px-md-5">
<div class="row md-4 text-md-center">
<h1>Введите код, отправленный на почту "<?php echo $email ?>"</h1>
</div>
<form action="/admin/code_check" method="post">
<!-- Email input -->
<div data-mdb-input-init class="form-outline mb-4">
<input type="text" id="form2Example1" class="form-control" name="code" />
<label class="form-label" for="form2Example1">Код подтверждения</label>
</div>
<div class="row-md-4">
<div class="col">
<button type="submit" data-mdb-button-init data-mdb-ripple-init class="btn btn-primary btn-block mb-4">Подтвердить</button>
</div>
<div class="col">
<br>
<a href="/admin/login/"> <h5>Отправить код еще раз</h5></a>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</section>
<!-- Section: Design Block -->

View File

@ -41,7 +41,7 @@ class UserService
* @param string $value * @param string $value
* @return mixed * @return mixed
*/ */
public function getByField(string $field, string $value) public static function getByField(string $field, string $value): mixed
{ {
return User::where($field, $value)->first(); return User::where($field, $value)->first();
} }
@ -85,4 +85,13 @@ class UserService
return $this->getByField("access_token", $token); return $this->getByField("access_token", $token);
} }
public static function createUserByEmailAndPassword(string $email, string $password): void
{
$user = new User();
$user->email = $email;
$user->username = $email;
$user->password_hash = password_hash($password, PASSWORD_DEFAULT);
$user->save();
}
} }

View File

@ -475,7 +475,9 @@ class ModuleService
{ {
if ($this->isServerAvailable()){ if ($this->isServerAvailable()){
$modules_info = RESTClient::request($_ENV['MODULE_SHOP_URL'] . '/api/module_shop/gb_slug'); $modules_info = RESTClient::request($_ENV['MODULE_SHOP_URL'] . '/api/module_shop/gb_slug');
if (!$this->issetModuleShopToken()){
return false;
}
$modules_info = json_decode($modules_info->getBody()->getContents(), true); $modules_info = json_decode($modules_info->getBody()->getContents(), true);
$mod_info = $this->getModuleInfoBySlug($slug); $mod_info = $this->getModuleInfoBySlug($slug);
foreach ($modules_info as $mod) { foreach ($modules_info as $mod) {
@ -516,4 +518,12 @@ class ModuleService
} }
} }
public function issetModuleShopToken(): bool
{
if (!empty($_ENV['MODULE_SHOP_TOKEN'])){
return true;
}
return false;
}
} }

View File

@ -0,0 +1,36 @@
<?php
namespace kernel\services;
use GuzzleHttp\Exception\GuzzleException;
use kernel\helpers\RESTClient;
class ModuleShopService
{
protected string $url;
protected string $token;
public function __construct()
{
$this->url = $_ENV['MODULE_SHOP_URL'];
$this->token = $_ENV['MODULE_SHOP_TOKEN'];
}
/**
* @throws GuzzleException
*/
public function email_auth(string $email)
{
$request = RESTClient::post($this->url . "/api/secure/email_auth", ['email' => $email], false);
return json_decode($request->getBody()->getContents(), true);
}
public function code_check(string $code)
{
$request = RESTClient::post($this->url . "/api/secure/code_check", ['code' => $code], false);
return json_decode($request->getBody()->getContents(), true);
}
}

View File

@ -0,0 +1,12 @@
<?php
/**
* @var int $code
*/
?>
<p>
Код подтверждения: <?= $code ?>
</p>
<p>
Если вы не запрашивали код, проигнорируйте данное письмо.
</p>

View File

@ -0,0 +1,15 @@
<?php
/**
* @var int $code
* @var string $password
*/
?>
<p>
Код подтверждения: <?= $code ?> <br><br>
Ваш пароль: <?= $password ?>
</p>
<p>
Если вы не запрашивали код, проигнорируйте данное письмо.
</p>

View File

@ -75,7 +75,7 @@ $table->addAction(function ($row) use ($moduleService){
return false; return false;
}); });
if ($moduleService->isActive('module_shop_client') && $moduleService->isServerAvailable()) { if ($moduleService->isActive('module_shop_client')) {
ModuleTabsWidget::create()->run(); ModuleTabsWidget::create()->run();
} }

View File

@ -6,4 +6,4 @@
*/ */
?> ?>
"<a class='btn btn-$btn' href='$url/deactivate/?slug=$slug' style='margin: 3px; width: 150px;' >$icon</a>"; "<a class='btn btn-$btn_type' href='$url/deactivate/?slug=$slug' style='margin: 3px; width: 150px;' >$label</a>";