igfs/kernel/modules/secure/controllers/SecureController.php

<?php

namespace kernel\modules\secure\controllers;

use JetBrains\PhpStorm\NoReturn;
use kernel\AdminController;
use kernel\App;
use kernel\Flash;
use kernel\helpers\Debug;
use kernel\Mailing;
use kernel\modules\secure\models\forms\LoginEmailForm;
use kernel\modules\secure\models\forms\LoginForm;
use kernel\modules\secure\models\forms\RegisterForm;
use kernel\modules\secure\services\SecureService;
use kernel\modules\user\models\User;
use kernel\modules\user\service\UserService;
use kernel\Request;
use PHPMailer\PHPMailer\Exception;
use Random\RandomException;

class SecureController extends AdminController
{
    protected UserService $userService;

    protected function init(): void
    {
        parent::init();
        $this->cgView->viewPath = KERNEL_MODULES_DIR. "/secure/views/";
        $this->cgView->layout = "/login.php";
        $this->userService = new UserService();
    }

    public function actionLogin(): void
    {
        $this->cgView->render(match (App::$secure['web_auth_type']) {
            "login_password" => "login.php",
            "email_code" => "email_login.php",
        });

//        $this->cgView->render('login.php');
    }

    #[NoReturn] public function actionAuth(): void
    {
        $loginForm = new LoginForm();
        $loginForm->load($_REQUEST);

        if(filter_var($loginForm->getItem("username"), FILTER_VALIDATE_EMAIL)) {
            $field = "email";
        }
        else {
            $field = "username";
        }

        $user = $this->userService->getByField($field, $loginForm->getItem("username"));
        if (!$user){
            Flash::setMessage("error", "User not found.");
            $this->redirect("/admin/login", code: 302);
        }

        if (password_verify($loginForm->getItem("password"), $user->password_hash)) {
            setcookie('user_id', $user->id, time()+60*60*24, '/', $_SERVER['SERVER_NAME'], false);
            $this->redirect("/admin", code: 302);
        } else {
            Flash::setMessage("error", "Username or password incorrect.");
            $this->redirect("/admin/login", code: 302);
        }
    }

    /**
     * @throws RandomException
     * @throws Exception
     */
    public function actionEmailAuth(): void
    {
        $mailing = new Mailing();

        $loginForm = new LoginEmailForm();
        $loginForm->load($_REQUEST);

        $email = $loginForm->getItem("email");
        $user = $this->userService->getByField('email', $email);

        if (!$user){
            $password = bin2hex(random_bytes(8));

            UserService::createUserByEmailAndPassword($email, $password);
            $user = $this->userService->getByField('email', $email);

            SecureService::createSecretCode($user);
            $secretCode = SecureService::getByField("user_id", $user->id);


            $mailing->send_html("register_by_code.php", ['code' => $secretCode->code, 'password' => $password], [
                'address' => $email,
                'subject' => "Код регистрации",
                "from_name" => $_ENV['APP_NAME']
            ]);
        } else {
            SecureService::updateSecretCode($user);
            $secretCode = SecureService::getByField("user_id", $user->id);
            $mailing->send_html("login_by_code.php", ['code' => $secretCode->code], [
                'address' => $email,
                'subject' => "Код авторизации",
                "from_name" => $_ENV['APP_NAME']
            ]);
        }

        setcookie('user_email', $email, time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
        $this->cgView->render("enter_code.php", ['email' => $email]);
    }

    /**
     * @throws Exception
     */
    public function actionCodeCheck(): void
    {
        $request = new Request();

        if (isset($_COOKIE['user_email'])) {
            $user = User::where('email', $_COOKIE["user_email"])->first();
            if (!$user) {
                throw new exception("User not found.");
            }
            $code = $request->post("code");
            $secretCode = SecureService::getByField("user_id", $user->id);
            if ($secretCode->code == $code && time() <= strtotime($secretCode->code_expires_at)) {
                setcookie('user_id', $user->id, time() + 60 * 60 * 24, '/', $_SERVER['SERVER_NAME'], false);
                $this->redirect("/admin", code: 302);
            } else {
                Flash::setMessage("error", "Wrong code.");
                $this->cgView->render("enter_code.php", ['email' => $_COOKIE["user_email"]]);
            }

        }
    }

    #[NoReturn] public function actionLogout(): void
    {
        unset($_COOKIE['user_id']);
        setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
        setcookie('user_email', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
        $this->redirect("/", code: 302);
    }

    public function actionRegister(): void
    {
        $this->cgView->render('register.php');
    }

    public function actionRegistration(): void
    {
        $regForm = new RegisterForm();
        $regForm->load($_REQUEST);

        if ($this->userService->getByField('username', $regForm->getItem("username"))) {
            Flash::setMessage("error", "Username already exists.");
            $this->redirect("/admin/register", code: 302);
        }

        if ($this->userService->getByField('email', $regForm->getItem("email"))) {
            Flash::setMessage("error", "Email already exists.");
            $this->redirect("/admin/register", code: 302);
        }

        $user = $this->userService->create($regForm);
        if ($user){
            setcookie('user_id', $user->id, time()+60*60*24, '/', $_SERVER['SERVER_NAME'], false);
            $this->redirect("/admin", code: 302);
        }
    }

}