email login
This commit is contained in:
@ -4,11 +4,18 @@ namespace kernel\modules\secure\controllers;
|
||||
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
use kernel\AdminController;
|
||||
use kernel\App;
|
||||
use kernel\Flash;
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\Mailing;
|
||||
use kernel\modules\secure\models\forms\LoginEmailForm;
|
||||
use kernel\modules\secure\models\forms\LoginForm;
|
||||
use kernel\modules\secure\models\forms\RegisterForm;
|
||||
use kernel\modules\user\models\User;
|
||||
use kernel\modules\user\service\UserService;
|
||||
use kernel\Request;
|
||||
use PHPMailer\PHPMailer\Exception;
|
||||
use Random\RandomException;
|
||||
|
||||
class SecureController extends AdminController
|
||||
{
|
||||
@ -24,7 +31,12 @@ class SecureController extends AdminController
|
||||
|
||||
public function actionLogin(): void
|
||||
{
|
||||
$this->cgView->render('login.php');
|
||||
$this->cgView->render(match (App::$secure['web_auth_type']) {
|
||||
"login_password" => "login.php",
|
||||
"email_code" => "email_login.php",
|
||||
});
|
||||
|
||||
// $this->cgView->render('login.php');
|
||||
}
|
||||
|
||||
#[NoReturn] public function actionAuth(): void
|
||||
@ -54,14 +66,78 @@ class SecureController extends AdminController
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws RandomException
|
||||
* @throws Exception
|
||||
*/
|
||||
public function actionEmailAuth(): void
|
||||
{
|
||||
$loginForm = new LoginEmailForm();
|
||||
$loginForm->load($_REQUEST);
|
||||
$email = $loginForm->getItem("email");
|
||||
|
||||
$user = $this->userService->getByField('email', $email);
|
||||
if (!$user){
|
||||
$newUser = new User();
|
||||
$code = mt_rand(100000, 999999);
|
||||
$newUser->email = $email;
|
||||
$newUser->username = substr($email, 0, strpos($email, "@"));
|
||||
$newUser->password_hash = password_hash(md5(microtime() . bin2hex(random_bytes(10)) . time()), PASSWORD_DEFAULT);
|
||||
$newUser->auth_code = $code;
|
||||
$newUser->auth_code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));
|
||||
$newUser->save();
|
||||
} else {
|
||||
$code = mt_rand(100000, 999999);
|
||||
$user->auth_code = $code;
|
||||
$user->auth_code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));
|
||||
$user->save();
|
||||
}
|
||||
|
||||
$mailing = new Mailing();
|
||||
$mailing->send_html("login_by_code.php", ['code' => $code], [
|
||||
'address' => $email,
|
||||
'subject' => "Код авторизации",
|
||||
"from_name" => $_ENV['APP_NAME']
|
||||
]);
|
||||
|
||||
setcookie('user_email', $email, time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
|
||||
|
||||
$this->cgView->render("enter_code.php", ['email' => $email]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws Exception
|
||||
*/
|
||||
public function actionCodeCheck(): void
|
||||
{
|
||||
$request = new Request();
|
||||
|
||||
if (isset($_COOKIE['user_email'])) {
|
||||
$user = User::where('email', $_COOKIE["user_email"])->first();
|
||||
if (!$user) {
|
||||
throw new exception("User not found.");
|
||||
}
|
||||
$code = $request->post("code");
|
||||
if ($user->auth_code == $code && time() <= strtotime($user->auth_code_expires_at)) {
|
||||
setcookie('user_id', $user->id, time() + 60 * 60 * 24, '/', $_SERVER['SERVER_NAME'], false);
|
||||
$this->redirect("/admin", code: 302);
|
||||
} else {
|
||||
Flash::setMessage("error", "Wrong code.");
|
||||
$this->redirect("/admin/login", code: 302);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
#[NoReturn] public function actionLogout(): void
|
||||
{
|
||||
unset($_COOKIE['user_id']);
|
||||
setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
|
||||
setcookie('user_email', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
|
||||
$this->redirect("/", code: 302);
|
||||
}
|
||||
|
||||
public function actionRegister()
|
||||
public function actionRegister(): void
|
||||
{
|
||||
$this->cgView->render('register.php');
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user