auth email api
This commit is contained in:
parent
62ed358a4b
commit
cfbcb3609f
@ -135,6 +135,13 @@ class ModuleShopClientController extends AdminController
|
||||
'subject' => "Код авторизации",
|
||||
"from_name" => $_ENV['APP_NAME']
|
||||
]);
|
||||
|
||||
$this->cgView->render('enter_code.php', ['email' => $address]);
|
||||
}
|
||||
|
||||
public function actionCodeCheck(): void
|
||||
{
|
||||
Debug::dd(123);
|
||||
}
|
||||
|
||||
}
|
@ -16,6 +16,7 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
|
||||
App::$collector->get('/delete', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionDelete']);
|
||||
App::$collector->get('/update', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionUpdate']);
|
||||
App::$collector->post('/auth', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionAuth']);
|
||||
App::$collector->post('/code_check', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionCodeCheck']);
|
||||
});
|
||||
});
|
||||
});
|
36
kernel/modules/module_shop_client/views/enter_code.php
Normal file
36
kernel/modules/module_shop_client/views/enter_code.php
Normal file
@ -0,0 +1,36 @@
|
||||
<?php
|
||||
/**
|
||||
* @var $email
|
||||
*/
|
||||
use itguild\forms\ActiveForm;
|
||||
|
||||
\kernel\widgets\ModuleTabsWidget::create()->run();
|
||||
|
||||
echo \kernel\helpers\Html::h(2, "Введите код подтверждения отправленный на почту \"$email\"");
|
||||
|
||||
$form = new ActiveForm();
|
||||
$form->beginForm("/admin/module_shop_client/code_check/");
|
||||
|
||||
$form->field(\itguild\forms\inputs\TextInput::class, 'code', [
|
||||
'class' => "form-control",
|
||||
'placeholder' => 'Код',
|
||||
])
|
||||
->setLabel("Код")
|
||||
->render();
|
||||
?>
|
||||
|
||||
<div class="row">
|
||||
<div class="col-sm-2">
|
||||
<?php
|
||||
$form->field(\itguild\forms\inputs\Button::class, name: "btn-submit", params: [
|
||||
'class' => "btn btn-primary ",
|
||||
'value' => 'Отправить',
|
||||
'typeInput' => 'submit'
|
||||
])
|
||||
->render();
|
||||
?>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<?php
|
||||
$form->endForm();
|
@ -92,6 +92,36 @@ class SecureRestController extends RestController
|
||||
"from_name" => $_ENV['APP_NAME']
|
||||
]);
|
||||
}
|
||||
|
||||
$res = [
|
||||
"code" => $secretCode->code,
|
||||
"code_expires_at" => $secretCode->code_expires_at,
|
||||
];
|
||||
|
||||
setcookie('user_email', $data['email'], time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
|
||||
$this->renderApi($res);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws Exception
|
||||
*/
|
||||
public function actionCodeCheck(): void
|
||||
{
|
||||
$request = new Request();
|
||||
|
||||
if (isset($_COOKIE['user_email'])) {
|
||||
$user = User::where('email', $_COOKIE["user_email"])->first();
|
||||
if (!$user) {
|
||||
throw new exception("User not found.");
|
||||
}
|
||||
$code = $request->post("code");
|
||||
$secretCode = SecureService::getByField("user_id", $user->id);
|
||||
if ($secretCode->code == $code && time() <= strtotime($secretCode->code_expires_at)) {
|
||||
setcookie('user_id', $user->id, time() + 60 * 60 * 24, '/', $_SERVER['SERVER_NAME'], false);
|
||||
} else {
|
||||
throw new exception("incorrect code");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -24,6 +24,7 @@ App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
|
||||
App::$collector->group(["prefix" => "secure"], function (CgRouteCollector $router) {
|
||||
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionAuth']);
|
||||
App::$collector->post('/email_auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionEmailAuth']);
|
||||
App::$collector->post('/code_check', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionCodeCheck']);
|
||||
});
|
||||
});
|
||||
|
||||
|
@ -24,6 +24,7 @@ class SecureService
|
||||
{
|
||||
$secretCode = SecretCode::where('user_id', $user->id)->first();
|
||||
$secretCode->code = mt_rand(100000, 999999);
|
||||
$secretCode->code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));;
|
||||
$secretCode->save();
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user