diff --git a/kernel/modules/module_shop_client/controllers/ModuleShopClientController.php b/kernel/modules/module_shop_client/controllers/ModuleShopClientController.php index c1a12e9..ac2eb11 100644 --- a/kernel/modules/module_shop_client/controllers/ModuleShopClientController.php +++ b/kernel/modules/module_shop_client/controllers/ModuleShopClientController.php @@ -135,6 +135,13 @@ class ModuleShopClientController extends AdminController 'subject' => "Код авторизации", "from_name" => $_ENV['APP_NAME'] ]); + + $this->cgView->render('enter_code.php', ['email' => $address]); + } + + public function actionCodeCheck(): void + { + Debug::dd(123); } } \ No newline at end of file diff --git a/kernel/modules/module_shop_client/routs/module_shop_client.php b/kernel/modules/module_shop_client/routs/module_shop_client.php index 0ef17e8..5004486 100644 --- a/kernel/modules/module_shop_client/routs/module_shop_client.php +++ b/kernel/modules/module_shop_client/routs/module_shop_client.php @@ -16,6 +16,7 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){ App::$collector->get('/delete', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionDelete']); App::$collector->get('/update', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionUpdate']); App::$collector->post('/auth', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionAuth']); + App::$collector->post('/code_check', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionCodeCheck']); }); }); }); \ No newline at end of file diff --git a/kernel/modules/module_shop_client/views/enter_code.php b/kernel/modules/module_shop_client/views/enter_code.php new file mode 100644 index 0000000..7befe28 --- /dev/null +++ b/kernel/modules/module_shop_client/views/enter_code.php 
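Review bot: The new `actionCodeCheck()` in `ModuleShopClientController` consists only of `Debug::dd(123);`, yet the route hunk for `routs/module_shop_client.php` in this same commit registers it as POST `/code_check`, and the new `enter_code.php` form posts to it. As committed, every submitted confirmation code ends in a debug dump and nothing is verified. Either leave the route unregistered until the handler exists, or have the handler perform the real check and remove the debug call. The method whose tail now calls `$this->cgView->render('enter_code.php', ['email' => $address])` starts outside the hunk, so the origin of `$address` is not visible; if it is request input, the view has to escape it.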
@@ -0,0 +1,36 @@ +run(); + +echo \kernel\helpers\Html::h(2, "Введите код подтверждения отправленный на почту \"$email\""); + +$form = new ActiveForm(); +$form->beginForm("/admin/module_shop_client/code_check/"); + +$form->field(\itguild\forms\inputs\TextInput::class, 'code', [ + 'class' => "form-control", + 'placeholder' => 'Код', +]) + ->setLabel("Код") + ->render(); +?> + +
+
+ field(\itguild\forms\inputs\Button::class, name: "btn-submit", params: [ + 'class' => "btn btn-primary ", + 'value' => 'Отправить', + 'typeInput' => 'submit' + ]) + ->render(); + ?> +
+ +
+endForm(); \ No newline at end of file diff --git a/kernel/modules/secure/controllers/SecureRestController.php b/kernel/modules/secure/controllers/SecureRestController.php index 7b59a36..a78c259 100644 --- a/kernel/modules/secure/controllers/SecureRestController.php +++ b/kernel/modules/secure/controllers/SecureRestController.php @@ -92,6 +92,36 @@ class SecureRestController extends RestController "from_name" => $_ENV['APP_NAME'] ]); } + + $res = [ + "code" => $secretCode->code, + "code_expires_at" => $secretCode->code_expires_at, + ]; + + setcookie('user_email', $data['email'], time()+60*15, '/', $_SERVER['SERVER_NAME'], false); + $this->renderApi($res); + } + + /** + * @throws Exception + */ + public function actionCodeCheck(): void + { + $request = new Request(); + + if (isset($_COOKIE['user_email'])) { + $user = User::where('email', $_COOKIE["user_email"])->first(); + if (!$user) { + throw new exception("User not found."); + } + $code = $request->post("code"); + $secretCode = SecureService::getByField("user_id", $user->id); + if ($secretCode->code == $code && time() <= strtotime($secretCode->code_expires_at)) { + setcookie('user_id', $user->id, time() + 60 * 60 * 24, '/', $_SERVER['SERVER_NAME'], false); + } else { + throw new exception("incorrect code"); + } + } } } diff --git a/kernel/modules/secure/routs/secure.php b/kernel/modules/secure/routs/secure.php index 95c22d5..be041d8 100644 --- a/kernel/modules/secure/routs/secure.php +++ b/kernel/modules/secure/routs/secure.php 
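Review bot: In `enter_code.php`, `$email` is interpolated straight into the heading string passed to `\kernel\helpers\Html::h()`; unless that helper HTML-escapes its text (not visible here), an address containing markup would be emitted into the admin page. Escaping at the point of use, e.g. `htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, keeps the view safe regardless of what the helper does. The form posts to `/admin/module_shop_client/code_check/` with no visible anti-CSRF field, so it is worth confirming that `ActiveForm` adds one. Parts of this file appear to have lost their tags in extraction, so the markup itself cannot be reviewed from this page.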
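Review bot: In `SecureRestController`, the `$res` array added at the end of the e-mail auth action returns `"code" => $secretCode->code` to the caller, so the client that requested the code gets it in the API response and possession of the mailbox is never proven; drop that key and return only `code_expires_at`. In `actionCodeCheck()` both the identity being verified (`$_COOKIE['user_email']`) and the outcome (`setcookie('user_id', $user->id, ...)`) live in client-controlled cookies sent with `secure` set to `false` and no `httponly`, so anything that later trusts `user_id` trusts a value the browser can set; the pending e-mail and the logged-in user belong in server-side session state. The comparison `$secretCode->code == $code` is loose and not constant-time and should be `hash_equals((string) $secretCode->code, (string) $code)`. Nothing limits attempts against a six-digit code or invalidates it after a successful check. A null `$secretCode` is dereferenced, and a request without the cookie falls through with no response at all; the action that builds `$res` starts outside this hunk.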
@@ -24,6 +24,7 @@ App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){ App::$collector->group(["prefix" => "secure"], function (CgRouteCollector $router) { App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionAuth']); App::$collector->post('/email_auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionEmailAuth']); + App::$collector->post('/code_check', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionCodeCheck']); }); }); diff --git a/kernel/modules/secure/services/SecureService.php b/kernel/modules/secure/services/SecureService.php index 2f75b33..ca5e264 100644 --- a/kernel/modules/secure/services/SecureService.php +++ b/kernel/modules/secure/services/SecureService.php @@ -24,6 +24,7 @@ class SecureService { $secretCode = SecretCode::where('user_id', $user->id)->first(); $secretCode->code = mt_rand(100000, 999999); + $secretCode->code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));; $secretCode->save(); }
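Review bot: In the `SecureService` hunk, the expiry added here protects a code that the context line just above still draws from `mt_rand(100000, 999999)`, which is not a cryptographically secure generator; now that `actionCodeCheck()` accepts this value as a login factor it should be `$secretCode->code = random_int(100000, 999999);`. The new line ends in a stray `;;`. It stores a local-time string from `date()` that the check later parses with `strtotime()`, which stays consistent only while both run under the same default timezone, so a short comment stating that assumption would help. `SecretCode::where(...)->first()` in the context presumably returns null for a user without a row, which the following lines dereference; the method starts outside the hunk.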