Diffstat (limited to 'src/Controllers/AuthController.php')
-rw-r--r--src/Controllers/AuthController.php86
1 files changed, 83 insertions, 3 deletions
diff --git a/src/Controllers/AuthController.php b/src/Controllers/AuthController.php
index cdaee167..55dd56b0 100644
--- a/src/Controllers/AuthController.php
+++ b/src/Controllers/AuthController.php
@@ -2,8 +2,14 @@
namespace Engelsystem\Controllers;
+use Carbon\Carbon;
+use Engelsystem\Helpers\Authenticator;
+use Engelsystem\Http\Request;
use Engelsystem\Http\Response;
use Engelsystem\Http\UrlGeneratorInterface;
+use Engelsystem\Models\User\User;
+use Illuminate\Support\Arr;
+use Illuminate\Support\Collection;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
class AuthController extends BaseController
@@ -17,17 +23,91 @@ class AuthController extends BaseController
/** @var UrlGeneratorInterface */
protected $url;
- public function __construct(Response $response, SessionInterface $session, UrlGeneratorInterface $url)
- {
+ /** @var Authenticator */
+ protected $auth;
+
+ /** @var array */
+ protected $permissions = [
+ 'login' => 'login',
+ 'postLogin' => 'login',
+ ];
+
+ /**
+ * @param Response $response
+ * @param SessionInterface $session
+ * @param UrlGeneratorInterface $url
+ * @param Authenticator $auth
+ */
+ public function __construct(
+ Response $response,
+ SessionInterface $session,
+ UrlGeneratorInterface $url,
+ Authenticator $auth
+ ) {
$this->response = $response;
$this->session = $session;
$this->url = $url;
+ $this->auth = $auth;
+ }
+
+ /**
+ * @return Response
+ */
+ public function login(): Response
+ {
+ return $this->showLogin();
+ }
+
+ /**
+ * @param bool $showRecovery
+ * @return Response
+ */
+ protected function showLogin($showRecovery = false): Response
+ {
+ $errors = Collection::make(Arr::flatten($this->session->get('errors', [])));
+ $this->session->remove('errors');
+
+ return $this->response->withView(
+ 'pages/login',
+ ['errors' => $errors, 'show_password_recovery' => $showRecovery]
+ );
+ }
+
+ /**
+ * Posted login form
+ *
+ * @param Request $request
+ * @return Response
+ */
+ public function postLogin(Request $request): Response
+ {
+ $data = $this->validate($request, [
+ 'login' => 'required',
+ 'password' => 'required',
+ ]);
+
+ $user = $this->auth->authenticate($data['login'], $data['password']);
+
+ if (!$user instanceof User) {
+ $this->session->set('errors', $this->session->get('errors', []) + ['auth.not-found']);
+
+ return $this->showLogin(true);
+ }
+
+ $this->session->invalidate();
+ $this->session->set('user_id', $user->id);
+ $this->session->set('locale', $user->settings->language);
+
+ $user->last_login_at = new Carbon();
+ $user->save(['touch' => false]);
+
+ return $this->response->redirectTo('news');
}
/**
* @return Response
*/
- public function logout()
+ public function logout(): Response
{
$this->session->invalidate();
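Review bot: In the failure branch of `postLogin`, `$this->session->get('errors', []) + ['auth.not-found']` uses the array union operator, which keeps the left-hand value on a key collision, so if the stored errors already hold an entry at integer key 0 the `auth.not-found` message is silently dropped and the form re-renders without a login error. Whether key 0 can be occupied depends on how other code writes the `errors` session key, which is not visible in this hunk; `array_merge($this->session->get('errors', []), ['auth.not-found'])` appends regardless. The same branch records nothing about the failed attempt, so unless `Authenticator::authenticate()` or a middleware outside this hunk logs or throttles, repeated password guessing leaves no trace for detection. On the success path the ordering is right and worth a short comment: `invalidate()` runs before `user_id` is set, so a session id issued before login is not carried into the authenticated session.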