grocy/controllers/LoginController.php

<?php

namespace Grocy\Controllers;

use \Grocy\Services\SessionService;
use \Grocy\Services\DatabaseMigrationService;
use \Grocy\Services\DemoDataGeneratorService;

class LoginController extends BaseController
{
	public function __construct(\Slim\Container $container, string $sessionCookieName)
	{
		parent::__construct($container);
		$this->SessionService = new SessionService();
		$this->SessionCookieName = $sessionCookieName;
	}

	protected $SessionService;
	protected $SessionCookieName;

	public function ProcessLogin(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
	{
		$postParams = $request->getParsedBody();
		if (isset($postParams['username']) && isset($postParams['password']))
		{
			$user = $this->Database->users()->where('username', $postParams['username'])->fetch();
			$inputPassword = $postParams['password'];
			$stayLoggedInPermanently = $postParams['stay_logged_in'] == 'on';

			if ($user !== null && password_verify($inputPassword, $user->password))
			{
				$sessionKey = $this->SessionService->CreateSession($user->id, $stayLoggedInPermanently);
				setcookie($this->SessionCookieName, $sessionKey, intval(time() + 31220640000)); // Cookie expires in 999 years, but session validity is up to SessionService

				if (password_needs_rehash($user->password, PASSWORD_DEFAULT))
				{
					$user->update(array(
						'password' => password_hash($inputPassword, PASSWORD_DEFAULT)
					));
				}

				return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/'));
			}
			else
			{
				return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/login?invalid=true'));
			}
		}
		else
		{
			return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/login?invalid=true'));
		}
	}

	public function LoginPage(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
	{
		return $this->AppContainer->view->render($response, 'login');
	}

	public function Logout(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)
	{
		$this->SessionService->RemoveSession($_COOKIE[$this->SessionCookieName]);
		return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/'));
	}

	public function GetSessionCookieName()
	{
		return $this->SessionCookieName;
	}
}
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`<?php`

			`namespace Grocy\Controllers;`

Reorganize project part 3 2018-04-12 21:13:38 +02:00			`use \Grocy\Services\SessionService;`
			`use \Grocy\Services\DatabaseMigrationService;`
			`use \Grocy\Services\DemoDataGeneratorService;`
Reorganize project part 2 2018-04-11 19:49:35 +02:00
			`class LoginController extends BaseController`
			`{`
Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00			`public function __construct(\Slim\Container $container, string $sessionCookieName)`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
			`parent::__construct($container);`
			`$this->SessionService = new SessionService();`
Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00			`$this->SessionCookieName = $sessionCookieName;`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`

			`protected $SessionService;`
Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00			`protected $SessionCookieName;`
Reorganize project part 2 2018-04-11 19:49:35 +02:00
Reorganize project part 3 2018-04-12 21:13:38 +02:00			`public function ProcessLogin(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
			`$postParams = $request->getParsedBody();`
			`if (isset($postParams['username']) && isset($postParams['password']))`
			`{`
Replace the single user (defined in /data/config.php) with a multi user management thing 2018-07-24 19:31:43 +02:00			`$user = $this->Database->users()->where('username', $postParams['username'])->fetch();`
			`$inputPassword = $postParams['password'];`
Added option to stay logged in permanently 2018-09-24 13:16:57 +02:00			`$stayLoggedInPermanently = $postParams['stay_logged_in'] == 'on';`
Replace the single user (defined in /data/config.php) with a multi user management thing 2018-07-24 19:31:43 +02:00
			`if ($user !== null && password_verify($inputPassword, $user->password))`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
Added option to stay logged in permanently 2018-09-24 13:16:57 +02:00			`$sessionKey = $this->SessionService->CreateSession($user->id, $stayLoggedInPermanently);`
Fixed reported login problem ("PHP Warning: date() expects parameter 2 to be integer, float given") 2018-10-16 18:21:38 +02:00			`setcookie($this->SessionCookieName, $sessionKey, intval(time() + 31220640000)); // Cookie expires in 999 years, but session validity is up to SessionService`
Replace the single user (defined in /data/config.php) with a multi user management thing 2018-07-24 19:31:43 +02:00
			`if (password_needs_rehash($user->password, PASSWORD_DEFAULT))`
			`{`
			`$user->update(array(`
			`'password' => password_hash($inputPassword, PASSWORD_DEFAULT)`
			`));`
			`}`
Reorganize project part 2 2018-04-11 19:49:35 +02:00
Use absolute URLs everywhere, this should fix #3 2018-04-18 19:03:39 +02:00			`return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/'));`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`
			`else`
			`{`
Use absolute URLs everywhere, this should fix #3 2018-04-18 19:03:39 +02:00			`return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/login?invalid=true'));`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`
			`}`
			`else`
			`{`
Use absolute URLs everywhere, this should fix #3 2018-04-18 19:03:39 +02:00			`return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/login?invalid=true'));`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`
			`}`

Reorganize project part 3 2018-04-12 21:13:38 +02:00			`public function LoginPage(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
Reorganize project part 3 2018-04-12 21:13:38 +02:00			`return $this->AppContainer->view->render($response, 'login');`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`

Reorganize project part 3 2018-04-12 21:13:38 +02:00			`public function Logout(\Slim\Http\Request $request, \Slim\Http\Response $response, array $args)`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`{`
Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00			`$this->SessionService->RemoveSession($_COOKIE[$this->SessionCookieName]);`
Use absolute URLs everywhere, this should fix #3 2018-04-18 19:03:39 +02:00			`return $response->withRedirect($this->AppContainer->UrlManager->ConstructUrl('/'));`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`

Revise session handling to prepare API authentication via token 2018-04-19 20:44:49 +02:00			`public function GetSessionCookieName()`
			`{`
			`return $this->SessionCookieName;`
			`}`
Reorganize project part 2 2018-04-11 19:49:35 +02:00			`}`