auth email api

This commit is contained in:
Билай Станислав 2024-12-09 14:45:44 +03:00
parent 62ed358a4b
commit cfbcb3609f
6 changed files with 76 additions and 0 deletions

View File

@ -135,6 +135,13 @@ class ModuleShopClientController extends AdminController
'subject' => "Код авторизации",
"from_name" => $_ENV['APP_NAME']
]);
$this->cgView->render('enter_code.php', ['email' => $address]);
}
public function actionCodeCheck(): void
{
Debug::dd(123);
}
}

View File

@ -16,6 +16,7 @@ App::$collector->group(["prefix" => "admin"], function (RouteCollector $router){
App::$collector->get('/delete', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionDelete']);
App::$collector->get('/update', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionUpdate']);
App::$collector->post('/auth', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionAuth']);
App::$collector->post('/code_check', [\kernel\modules\module_shop_client\controllers\ModuleShopClientController::class, 'actionCodeCheck']);
});
});
});

View File

@ -0,0 +1,36 @@
<?php
/**
* @var $email
*/
use itguild\forms\ActiveForm;
\kernel\widgets\ModuleTabsWidget::create()->run();
echo \kernel\helpers\Html::h(2, "Введите код подтверждения отправленный на почту \"$email\"");
$form = new ActiveForm();
$form->beginForm("/admin/module_shop_client/code_check/");
$form->field(\itguild\forms\inputs\TextInput::class, 'code', [
'class' => "form-control",
'placeholder' => 'Код',
])
->setLabel("Код")
->render();
?>
<div class="row">
<div class="col-sm-2">
<?php
$form->field(\itguild\forms\inputs\Button::class, name: "btn-submit", params: [
'class' => "btn btn-primary ",
'value' => 'Отправить',
'typeInput' => 'submit'
])
->render();
?>
</div>
</div>
<?php
$form->endForm();

View File

@ -92,6 +92,36 @@ class SecureRestController extends RestController
"from_name" => $_ENV['APP_NAME']
]);
}
$res = [
"code" => $secretCode->code,
"code_expires_at" => $secretCode->code_expires_at,
];
setcookie('user_email', $data['email'], time()+60*15, '/', $_SERVER['SERVER_NAME'], false);
$this->renderApi($res);
}
/**
* @throws Exception
*/
public function actionCodeCheck(): void
{
$request = new Request();
if (isset($_COOKIE['user_email'])) {
$user = User::where('email', $_COOKIE["user_email"])->first();
if (!$user) {
throw new exception("User not found.");
}
$code = $request->post("code");
$secretCode = SecureService::getByField("user_id", $user->id);
if ($secretCode->code == $code && time() <= strtotime($secretCode->code_expires_at)) {
setcookie('user_id', $user->id, time() + 60 * 60 * 24, '/', $_SERVER['SERVER_NAME'], false);
} else {
throw new exception("incorrect code");
}
}
}
}

View File

@ -24,6 +24,7 @@ App::$collector->group(["prefix" => "api"], function (CgRouteCollector $router){
App::$collector->group(["prefix" => "secure"], function (CgRouteCollector $router) {
App::$collector->post('/auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionAuth']);
App::$collector->post('/email_auth', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionEmailAuth']);
App::$collector->post('/code_check', [\kernel\modules\secure\controllers\SecureRestController::class, 'actionCodeCheck']);
});
});

View File

@ -24,6 +24,7 @@ class SecureService
{
$secretCode = SecretCode::where('user_id', $user->id)->first();
$secretCode->code = mt_rand(100000, 999999);
$secretCode->code_expires_at = date("Y-m-d H:i:s", strtotime("+5 minutes"));;
$secretCode->save();
}