From bcce2625a8cb0b630d945c6849014049869e10ce Mon Sep 17 00:00:00 2001 From: Igor Scheller Date: Tue, 27 Nov 2018 12:01:36 +0100 Subject: Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator --- includes/pages/admin_user.php | 2 +- includes/pages/guest_login.php | 119 +-------------------------------------- includes/pages/user_settings.php | 5 +- 3 files changed, 5 insertions(+), 121 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index e6f94180..8482dea5 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -291,8 +291,8 @@ function admin_user() $request->postData('new_pw') != '' && $request->postData('new_pw') == $request->postData('new_pw2') ) { - set_password($user_id, $request->postData('new_pw')); $user_source = User::find($user_id); + auth()->setPassword($user_source, $request->postData('new_pw')); engelsystem_log('Set new password for ' . User_Nick_render($user_source, true)); $html .= success('Passwort neu gesetzt.', true); } else { diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index d152a092..3bc10fc3 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -8,14 +8,6 @@ use Engelsystem\Models\User\Settings; use Engelsystem\Models\User\State; use Engelsystem\Models\User\User; -/** - * @return string - */ -function login_title() -{ - return __('Login'); -} - /** * @return string */ @@ -226,7 +218,7 @@ function guest_register() // Assign user-group and set password DB::insert('INSERT INTO `UserGroups` (`uid`, `group_id`) VALUES (?, -20)', [$user->id]); - set_password($user->id, $request->postData('password')); + auth()->setPassword($user, $request->postData('password')); // Assign angel-types $user_angel_types_info = []; 
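Review bot: In the admin_user() hunk the result of `User::find($user_id)` now goes straight into `auth()->setPassword()` with no visible check that a user was found, whereas the old `set_password()` only needed the id. Unless `$user_id` is validated earlier in the function (its body starts and ends outside the hunk), a stale or tampered id reaches the Authenticator as `null`, and the `engelsystem_log()` line after it would also run on `null`. I would guard the lookup before setting the password, for example `if (!$user_source) { $html .= error('User not found.', true); } else { … }`. The context lines also compare `new_pw` and `new_pw2` with `==`, which treats numeric-looking strings such as `'1e3'` and `'1000'` as equal, so `===` is the safer check. The same applies to the `!=` on `new_password`/`new_password2` in the second user_settings.php hunk.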
@@ -369,112 +361,3 @@ function entry_required() { return ''; } - -/** - * @return string - */ -function guest_login() -{ - $nick = ''; - $request = request(); - $session = session(); - $valid = true; - - $session->remove('uid'); - - if ($request->hasPostData('submit')) { - if ($request->has('nick') && !empty($request->input('nick'))) { - $nickValidation = User_validate_Nick($request->input('nick')); - $nick = $nickValidation->getValue(); - $login_user = User::whereName($nickValidation->getValue())->first(); - if ($login_user) { - if ($request->has('password')) { - if (!verify_password($request->postData('password'), $login_user->password, $login_user->id)) { - $valid = false; - error(__('Your password is incorrect. Please try it again.')); - } - } else { - $valid = false; - error(__('Please enter a password.')); - } - } else { - $valid = false; - error(__('No user was found with that Nickname. Please try again. If you are still having problems, ask a Dispatcher.')); - } - } else { - $valid = false; - error(__('Please enter a nickname.')); - } - - if ($valid && $login_user) { - $session->set('uid', $login_user->id); - $session->set('locale', $login_user->settings->language); - - redirect(page_link_to(config('home_site'))); - } - } - - return page([ - div('col-md-12', [ - div('row', [ - EventConfig_countdown_page() - ]), - div('row', [ - div('col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4', [ - div('panel panel-primary first', [ - div('panel-heading', [ - ' ' . __('Login') - ]), - div('panel-body', [ - msg(), - form([ - form_text_placeholder('nick', __('Nick'), $nick), - form_password_placeholder('password', __('Password')), - form_submit('submit', __('Login')), - !$valid ? buttons([ - button(page_link_to('user_password_recovery'), __('I forgot my password')) - ]) : '' - ]) - ]), - div('panel-footer', [ - glyph('info-sign') . 
__('Please note: You have to activate cookies!') - ]) - ]) - ]) - ]), - div('row', [ - div('col-sm-6 text-center', [ - heading(register_title(), 2), - get_register_hint() - ]), - div('col-sm-6 text-center', [ - heading(__('What can I do?'), 2), - '

' . __('Please read about the jobs you can do to help us.') . '

', - buttons([ - button( - page_link_to('angeltypes', ['action' => 'about']), - __('Teams/Job description') . ' »' - ) - ]) - ]) - ]) - ]) - ]); -} - -/** - * @return string - */ -function get_register_hint() -{ - if (auth()->can('register') && config('registration_enabled')) { - return join('', [ - '

' . __('Please sign up, if you want to help us!') . '

', - buttons([ - button(page_link_to('register'), register_title() . ' »') - ]) - ]); - } - - return error(__('Registration is disabled.'), true); -} diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php index ae29e4d8..f6853191 100644 --- a/includes/pages/user_settings.php +++ b/includes/pages/user_settings.php @@ -101,9 +101,10 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) function user_settings_password($user_source) { $request = request(); + $auth = auth(); if ( !$request->has('password') - || !verify_password($request->postData('password'), $user_source->password, $user_source->id) + || !$auth->verifyPassword($user_source, $request->postData('password')) ) { error(__('-> not OK. Please try again.')); } elseif (strlen($request->postData('new_password')) < config('min_password_length')) { @@ -111,7 +112,7 @@ function user_settings_password($user_source) } elseif ($request->postData('new_password') != $request->postData('new_password2')) { error(__('Your passwords don\'t match.')); } else { - set_password($user_source->id, $request->postData('new_password')); + $auth->setPassword($user_source, $request->postData('new_password')); success(__('Password saved.')); } redirect(page_link_to('user_settings')); -- cgit v1.2.3-54-g00ecf
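Review bot: The guard in user_settings_password() tests `$request->has('password')`, but the value handed to `$auth->verifyPassword()` is read with `$request->postData('password')`. These look like different accessors, since the removed guest_login() uses both `has` and `hasPostData`. If `has()` also accepts query parameters, a request carrying `password` only in the URL passes the guard, and verifyPassword() receives whatever `postData()` returns for a missing field. Checking the same source, `!$request->hasPostData('password')`, keeps the guard and the read consistent. How verifyPassword() treats a non-string password is not visible in this diff.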
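Review bot: After the new `$auth->setPassword()` call the function only runs `success()` and `redirect()`; nothing visible renews the current session or ends the user's other sessions once the password has changed. If setPassword() does not handle this itself (the Authenticator is not part of this diff), a session opened with the old password stays valid after the change. Until that is confirmed I would at least mark it at the call site, e.g. `// TODO(security): renew the session id and invalidate other sessions after a password change`.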