email login
This commit is contained in:
parent
1b486eb788
commit
8df13569e2
@ -1,7 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
$secure_config = [
|
$secure_config = [
|
||||||
'web_auth_type' => 'login_password', // login_password, email_code
|
'web_auth_type' => 'email_code', // login_password, email_code
|
||||||
'token_type' => 'JWT', // random_bytes, md5, crypt, hash, JWT
|
'token_type' => 'JWT', // random_bytes, md5, crypt, hash, JWT
|
||||||
'token_expired_time' => "+30 days", // +1 day
|
'token_expired_time' => "+30 days", // +1 day
|
||||||
];
|
];
|
||||||
|
@ -4,7 +4,7 @@ use itguild\forms\ActiveForm;
|
|||||||
|
|
||||||
\kernel\widgets\ModuleTabsWidget::create()->run();
|
\kernel\widgets\ModuleTabsWidget::create()->run();
|
||||||
|
|
||||||
echo \kernel\helpers\Html::h(2, "Форма авторизации");
|
echo \kernel\helpers\Html::h(2, "Форма авторизации/регистрации");
|
||||||
|
|
||||||
$form = new ActiveForm();
|
$form = new ActiveForm();
|
||||||
$form->beginForm("/admin/module_shop_client/auth/");
|
$form->beginForm("/admin/module_shop_client/auth/");
|
||||||
|
@ -4,11 +4,18 @@ namespace kernel\modules\secure\controllers;
|
|||||||
|
|
||||||
use JetBrains\PhpStorm\NoReturn;
|
use JetBrains\PhpStorm\NoReturn;
|
||||||
use kernel\AdminController;
|
use kernel\AdminController;
|
||||||
|
use kernel\App;
|
||||||
use kernel\Flash;
|
use kernel\Flash;
|
||||||
use kernel\helpers\Debug;
|
use kernel\helpers\Debug;
|
||||||
|
use kernel\Mailing;
|
||||||
|
use kernel\modules\secure\models\forms\LoginEmailForm;
|
||||||
use kernel\modules\secure\models\forms\LoginForm;
|
use kernel\modules\secure\models\forms\LoginForm;
|
||||||
use kernel\modules\secure\models\forms\RegisterForm;
|
use kernel\modules\secure\models\forms\RegisterForm;
|
||||||
|
use kernel\modules\user\models\User;
|
||||||
use kernel\modules\user\service\UserService;
|
use kernel\modules\user\service\UserService;
|
||||||
|
use kernel\Request;
|
||||||
|
use PHPMailer\PHPMailer\Exception;
|
||||||
|
use Random\RandomException;
|
||||||
|
|
||||||
class SecureController extends AdminController
|
class SecureController extends AdminController
|
||||||
{
|
{
|
||||||
@ -24,7 +31,12 @@ class SecureController extends AdminController
|
|||||||
|
|
||||||
public function actionLogin(): void
|
public function actionLogin(): void
|
||||||
{
|
{
|
||||||
$this->cgView->render('login.php');
|
$this->cgView->render(match (App::$secure['web_auth_type']) {
|
||||||
|
"login_password" => "login.php",
|
||||||
|
"email_code" => "email_login.php",
|
||||||
|
});
|
||||||
|
|
||||||
|
// $this->cgView->render('login.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
#[NoReturn] public function actionAuth(): void
|
#[NoReturn] public function actionAuth(): void
|
||||||
@ -54,14 +66,78 @@ class SecureController extends AdminController
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @throws RandomException
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
public function actionEmailAuth(): void
|
||||||
|
{
|
||||||
|
$loginForm = new LoginEmailForm();
|
||||||
|
$loginForm->load($_REQUEST);
|
||||||
|
$email = $loginForm->getItem("email");
|
||||||
|
|
||||||
|
$user = $this->userService->getByField('email', $email);
|
||||||
|
if (!$user){
|
||||||
|
$newUser = new User();
|
||||||
|
$code = mt_rand(100000, 999999);
|
||||||
|
$newUser->email = $email;
|
||||||
|
$newUser->username = substr($email, 0, strpos($email, "@"));
|
||||||
|
$newUser->password_hash = password_hash(md5(microtime() . bin2hex(random_bytes(10)) . time()), PASSWORD_DEFAULT);
|
||||||
|
$newUser->auth_code = $code;
|
||||||
|
$newUser->auth_code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));
|
||||||
|
$newUser->save();
|
||||||
|
} else {
|
||||||
|
$code = mt_rand(100000, 999999);
|
||||||
|
$user->auth_code = $code;
|
||||||
|
$user->auth_code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));
|
||||||
|
$user->save();
|
||||||
|
}
|
||||||
|
|
||||||
|
$mailing = new Mailing();
|
||||||
|
$mailing->send_html("login_by_code.php", ['code' => $code], [
|
||||||
|
'address' => $email,
|
||||||
|
'subject' => "Код авторизации",
|
||||||
|
"from_name" => $_ENV['APP_NAME']
|
||||||
|
]);
|
||||||
|
|
||||||
|
setcookie('user_email', $email, time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
|
||||||
|
|
||||||
|
$this->cgView->render("enter_code.php", ['email' => $email]);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @throws Exception
|
||||||
|
*/
|
||||||
|
public function actionCodeCheck(): void
|
||||||
|
{
|
||||||
|
$request = new Request();
|
||||||
|
|
||||||
|
if (isset($_COOKIE['user_email'])) {
|
||||||
|
$user = User::where('email', $_COOKIE["user_email"])->first();
|
||||||
|
if (!$user) {
|
||||||
|
throw new exception("User not found.");
|
||||||
|
}
|
||||||
|
$code = $request->post("code");
|
||||||
|
if ($user->auth_code == $code && time() <= strtotime($user->auth_code_expires_at)) {
|
||||||
|
setcookie('user_id', $user->id, time() + 60 * 60 * 24, '/', $_SERVER['SERVER_NAME'], false);
|
||||||
|
$this->redirect("/admin", code: 302);
|
||||||
|
} else {
|
||||||
|
Flash::setMessage("error", "Wrong code.");
|
||||||
|
$this->redirect("/admin/login", code: 302);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[NoReturn] public function actionLogout(): void
|
#[NoReturn] public function actionLogout(): void
|
||||||
{
|
{
|
||||||
unset($_COOKIE['user_id']);
|
unset($_COOKIE['user_id']);
|
||||||
setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
|
setcookie('user_id', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
|
||||||
|
setcookie('user_email', "", -1, '/', ".".$_SERVER['SERVER_NAME'], false);
|
||||||
$this->redirect("/", code: 302);
|
$this->redirect("/", code: 302);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function actionRegister()
|
public function actionRegister(): void
|
||||||
{
|
{
|
||||||
$this->cgView->render('register.php');
|
$this->cgView->render('register.php');
|
||||||
}
|
}
|
||||||
|
17
kernel/modules/secure/models/forms/LoginEmailForm.php
Normal file
17
kernel/modules/secure/models/forms/LoginEmailForm.php
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace kernel\modules\secure\models\forms;
|
||||||
|
|
||||||
|
use kernel\FormModel;
|
||||||
|
|
||||||
|
class LoginEmailForm extends FormModel
|
||||||
|
{
|
||||||
|
|
||||||
|
public function rules(): array
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
'email' => 'required|string|email|max255',
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -14,8 +14,10 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
|||||||
App::$collector->get('/login', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogin']);
|
App::$collector->get('/login', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogin']);
|
||||||
App::$collector->get('/logout', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogout']);
|
App::$collector->get('/logout', [\kernel\modules\secure\controllers\SecureController::class, 'actionLogout']);
|
||||||
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureController::class, 'actionAuth']);
|
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureController::class, 'actionAuth']);
|
||||||
|
App::$collector->post('/email_auth', [\kernel\modules\secure\controllers\SecureController::class, 'actionEmailAuth']);
|
||||||
App::$collector->get('/register', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegister']);
|
App::$collector->get('/register', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegister']);
|
||||||
App::$collector->post('/registration', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegistration']);
|
App::$collector->post('/registration', [\kernel\modules\secure\controllers\SecureController::class, 'actionRegistration']);
|
||||||
|
App::$collector->post('/code_check', [\kernel\modules\secure\controllers\SecureController::class, 'actionCodeCheck']);
|
||||||
});
|
});
|
||||||
|
|
||||||
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
|
App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
|
||||||
|
48
kernel/modules/secure/views/email_login.php
Normal file
48
kernel/modules/secure/views/email_login.php
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
<!-- Section: Design Block -->
|
||||||
|
<section class=" text-center text-lg-start">
|
||||||
|
<style>
|
||||||
|
.rounded-t-5 {
|
||||||
|
border-top-left-radius: 0.5rem;
|
||||||
|
border-top-right-radius: 0.5rem;
|
||||||
|
}
|
||||||
|
|
||||||
|
@media (min-width: 992px) {
|
||||||
|
.rounded-tr-lg-0 {
|
||||||
|
border-top-right-radius: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
.rounded-bl-lg-5 {
|
||||||
|
border-bottom-left-radius: 0.5rem;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
<div class="card mb-3">
|
||||||
|
<div class="row g-0 d-flex align-items-center">
|
||||||
|
<div class="col-lg-4 d-none d-lg-flex">
|
||||||
|
<img src="https://mdbootstrap.com/img/new/ecommerce/vertical/004.jpg" alt="Trendy Pants and Shoes"
|
||||||
|
class="w-100 rounded-t-5 rounded-tr-lg-0 rounded-bl-lg-5" />
|
||||||
|
</div>
|
||||||
|
<div class="col-lg-8">
|
||||||
|
<div class="card-body py-5 px-md-5">
|
||||||
|
<div class="row md-4 text-md-center">
|
||||||
|
<h1>Форма авторизации/регистрации</h1>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<form action="/admin/email_auth" method="post">
|
||||||
|
<!-- Email input -->
|
||||||
|
<div data-mdb-input-init class="form-outline mb-4">
|
||||||
|
<input type="text" id="form2Example1" class="form-control" name="email" />
|
||||||
|
<label class="form-label" for="form2Example1">Email</label>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<!-- Submit button -->
|
||||||
|
<button type="submit" data-mdb-button-init data-mdb-ripple-init class="btn btn-primary btn-block mb-4">Отправить</button>
|
||||||
|
|
||||||
|
</form>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</section>
|
||||||
|
<!-- Section: Design Block -->
|
60
kernel/modules/secure/views/enter_code.php
Normal file
60
kernel/modules/secure/views/enter_code.php
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* @var string $email
|
||||||
|
*/
|
||||||
|
?>
|
||||||
|
|
||||||
|
<!-- Section: Design Block -->
|
||||||
|
<section class=" text-center text-lg-start">
|
||||||
|
<style>
|
||||||
|
.rounded-t-5 {
|
||||||
|
border-top-left-radius: 0.5rem;
|
||||||
|
border-top-right-radius: 0.5rem;
|
||||||
|
}
|
||||||
|
|
||||||
|
@media (min-width: 992px) {
|
||||||
|
.rounded-tr-lg-0 {
|
||||||
|
border-top-right-radius: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
.rounded-bl-lg-5 {
|
||||||
|
border-bottom-left-radius: 0.5rem;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
<div class="card mb-3">
|
||||||
|
<div class="row g-0 d-flex align-items-center">
|
||||||
|
<div class="col-lg-4 d-none d-lg-flex">
|
||||||
|
<img src="https://mdbootstrap.com/img/new/ecommerce/vertical/004.jpg" alt="Trendy Pants and Shoes"
|
||||||
|
class="w-100 rounded-t-5 rounded-tr-lg-0 rounded-bl-lg-5" />
|
||||||
|
</div>
|
||||||
|
<div class="col-lg-8">
|
||||||
|
<div class="card-body py-5 px-md-5">
|
||||||
|
<div class="row md-4 text-md-center">
|
||||||
|
<h1>Введите код, отправленный на почту "<?php echo $email ?>"</h1>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<form action="/admin/code_check" method="post">
|
||||||
|
<!-- Email input -->
|
||||||
|
<div data-mdb-input-init class="form-outline mb-4">
|
||||||
|
<input type="text" id="form2Example1" class="form-control" name="code" />
|
||||||
|
<label class="form-label" for="form2Example1">Код подтверждения</label>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="row-md-4">
|
||||||
|
<div class="col">
|
||||||
|
<button type="submit" data-mdb-button-init data-mdb-ripple-init class="btn btn-primary btn-block mb-4">Подтвердить</button>
|
||||||
|
</div>
|
||||||
|
<div class="col">
|
||||||
|
<br>
|
||||||
|
<a href="/admin/login/"> <h5>Отправить код еще раз</h5></a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</section>
|
||||||
|
<!-- Section: Design Block -->
|
@ -19,6 +19,8 @@ return new class extends Migration
|
|||||||
$table->string('email', 255);
|
$table->string('email', 255);
|
||||||
$table->string('password_hash', 255);
|
$table->string('password_hash', 255);
|
||||||
$table->integer('role')->default(1);
|
$table->integer('role')->default(1);
|
||||||
|
$table->integer('auth_code')->default(1);
|
||||||
|
$table->dateTime('auth_code_expires_at')->nullable(true);
|
||||||
$table->string('access_token', 255)->nullable(true);
|
$table->string('access_token', 255)->nullable(true);
|
||||||
$table->dateTime('access_token_expires_at')->nullable(true);
|
$table->dateTime('access_token_expires_at')->nullable(true);
|
||||||
$table->timestamps();
|
$table->timestamps();
|
||||||
|
@ -7,6 +7,8 @@ use Illuminate\Database\Eloquent\Model;
|
|||||||
* @property string $username
|
* @property string $username
|
||||||
* @property string $email
|
* @property string $email
|
||||||
* @property string $password_hash
|
* @property string $password_hash
|
||||||
|
* @property int $auth_code
|
||||||
|
* @property string $auth_code_expires_at
|
||||||
* @property string $access_token
|
* @property string $access_token
|
||||||
* @property string $access_token_expires_at
|
* @property string $access_token_expires_at
|
||||||
* @method static find($id)
|
* @method static find($id)
|
||||||
@ -17,7 +19,7 @@ class User extends Model {
|
|||||||
const ADMIN_USER_ROLE = 9;
|
const ADMIN_USER_ROLE = 9;
|
||||||
|
|
||||||
protected $table = 'user';
|
protected $table = 'user';
|
||||||
protected $fillable = ['username', 'email', 'password_hash', 'role', 'access_token', 'access_token_expires_at'];
|
protected $fillable = ['username', 'email', 'password_hash', 'role', 'auth_code', 'auth_code_expires_at', 'access_token', 'access_token_expires_at'];
|
||||||
protected array $dates = ['deleted at'];
|
protected array $dates = ['deleted at'];
|
||||||
|
|
||||||
public static function labels(): array
|
public static function labels(): array
|
||||||
|
Loading…
Reference in New Issue
Block a user