1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
<?php
namespace Engelsystem\Controllers;
use Carbon\Carbon;
use Engelsystem\Helpers\Authenticator;
use Engelsystem\Http\Request;
use Engelsystem\Http\Response;
use Engelsystem\Http\UrlGeneratorInterface;
use Engelsystem\Models\User\User;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
class AuthController extends BaseController
{
/** @var Response */
protected $response;
/** @var SessionInterface */
protected $session;
/** @var UrlGeneratorInterface */
protected $url;
/** @var Authenticator */
protected $auth;
/** @var array */
protected $permissions = [
'login' => 'login',
'postLogin' => 'login',
];
/**
* @param Response $response
* @param SessionInterface $session
* @param UrlGeneratorInterface $url
* @param Authenticator $auth
*/
public function __construct(
Response $response,
SessionInterface $session,
UrlGeneratorInterface $url,
Authenticator $auth
) {
$this->response = $response;
$this->session = $session;
$this->url = $url;
$this->auth = $auth;
}
/**
* @return Response
*/
public function login()
{
return $this->response->withView('pages/login');
}
/**
* Posted login form
*
* @param Request $request
* @return Response
*/
public function postLogin(Request $request): Response
{
$return = $this->authenticateUser($request->get('login', ''), $request->get('password', ''));
if (!$return instanceof User) {
return $this->response->withView(
'pages/login',
['errors' => [$return], 'show_password_recovery' => true]
);
}
$user = $return;
$this->session->invalidate();
$this->session->set('user_id', $user->id);
$this->session->set('locale', $user->settings->language);
$user->last_login_at = new Carbon();
$user->save(['touch' => false]);
return $this->response->redirectTo('news');
}
/**
* @return Response
*/
public function logout(): Response
{
$this->session->invalidate();
return $this->response->redirectTo($this->url->to('/'));
}
/**
* Verify the user and password
*
* @param $login
* @param $password
* @return User|string
*/
protected function authenticateUser(string $login, string $password)
{
if (!$login) {
return 'auth.no-nickname';
}
if (!$password) {
return 'auth.no-password';
}
if (!$user = $this->auth->authenticate($login, $password)) {
return 'auth.not-found';
}
return $user;
}
}
|