diff options
author | Igor Scheller <igor.scheller@igorshp.de> | 2019-07-09 22:02:07 +0200 |
---|---|---|
committer | Igor Scheller <igor.scheller@igorshp.de> | 2019-07-09 22:27:34 +0200 |
commit | 6d5ada252202bfb29eba884cf9567e969d798607 (patch) | |
tree | 41b67592977e1f5a70f643db6628464b420fd86d /src | |
parent | 7414f9b23dbcc66e5f0efda3d0cbfd79372ec780 (diff) |
Added validation to AuthController
Diffstat (limited to 'src')
-rw-r--r-- | src/Controllers/AuthController.php | 62 |
1 files changed, 29 insertions, 33 deletions
diff --git a/src/Controllers/AuthController.php b/src/Controllers/AuthController.php index e5fc40e3..a8cc1ace 100644 --- a/src/Controllers/AuthController.php +++ b/src/Controllers/AuthController.php @@ -8,6 +8,8 @@ use Engelsystem\Http\Request; use Engelsystem\Http\Response; use Engelsystem\Http\UrlGeneratorInterface; use Engelsystem\Models\User\User; +use Illuminate\Support\Arr; +use Illuminate\Support\Collection; use Symfony\Component\HttpFoundation\Session\SessionInterface; class AuthController extends BaseController @@ -53,7 +55,22 @@ class AuthController extends BaseController */ public function login() { - return $this->response->withView('pages/login'); + return $this->showLogin(); + } + + /** + * @param bool $showRecovery + * @return Response + */ + protected function showLogin($showRecovery = false) + { + $errors = Collection::make(Arr::flatten($this->session->get('errors', []))); + $this->session->remove('errors'); + + return $this->response->withView( + 'pages/login', + ['errors' => $errors, 'show_password_recovery' => $showRecovery] + ); } /** @@ -64,15 +81,18 @@ class AuthController extends BaseController */ public function postLogin(Request $request): Response { - $return = $this->authenticateUser($request->get('login', ''), $request->get('password', '')); - if (!$return instanceof User) { - return $this->response->withView( - 'pages/login', - ['errors' => [$return], 'show_password_recovery' => true] - ); - } + $data = $this->validate($request, [ + 'login' => 'required', + 'password' => 'required', + ]); + + $user = $this->auth->authenticate($data['login'], $data['password']); - $user = $return; + if (!$user instanceof User) { + $this->session->set('errors', $this->session->get('errors', []) + ['auth.not-found']); + + return $this->showLogin(true); + } $this->session->invalidate(); $this->session->set('user_id', $user->id); @@ -93,28 +113,4 @@ class AuthController extends BaseController return $this->response->redirectTo($this->url->to('/')); } - - /** - * Verify the user and password - * - * @param $login - * @param $password - * @return User|string - */ - protected function authenticateUser(string $login, string $password) - { - if (!$login) { - return 'auth.no-nickname'; - } - - if (!$password) { - return 'auth.no-password'; - } - - if (!$user = $this->auth->authenticate($login, $password)) { - return 'auth.not-found'; - } - - return $user; - } } |