Files
grocy/controllers/LoginController.php
T

68 lines
2.2 KiB
PHP
Raw Normal View History

2018-04-11 19:49:35 +02:00
<?php
namespace Grocy\Controllers;
class LoginController extends BaseController
{
2020-08-31 20:40:31 +02:00
protected $SessionCookieName;
public function GetSessionCookieName()
2018-04-11 19:49:35 +02:00
{
2020-08-31 20:40:31 +02:00
return $this->SessionCookieName;
}
public function LoginPage(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{
return $this->renderPage($response, 'login');
}
public function Logout(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
{
$this->getSessionService()->RemoveSession($_COOKIE[$this->SessionCookieName]);
return $response->withRedirect($this->AppContainer->get('UrlManager')->ConstructUrl('/'));
2018-04-11 19:49:35 +02:00
}
2020-02-11 17:42:03 +01:00
public function ProcessLogin(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
2018-04-11 19:49:35 +02:00
{
$postParams = $this->GetParsedAndFilteredRequestBody($request);
2020-08-31 20:40:31 +02:00
2018-04-11 19:49:35 +02:00
if (isset($postParams['username']) && isset($postParams['password']))
{
$user = $this->getDatabase()->users()->where('username', $postParams['username'])->fetch();
$inputPassword = $postParams['password'];
2018-09-24 13:16:57 +02:00
$stayLoggedInPermanently = $postParams['stay_logged_in'] == 'on';
if ($user !== null && password_verify($inputPassword, $user->password))
2018-04-11 19:49:35 +02:00
{
$sessionKey = $this->getSessionService()->CreateSession($user->id, $stayLoggedInPermanently);
2020-08-31 20:40:31 +02:00
setcookie($this->SessionCookieName, $sessionKey, PHP_INT_SIZE == 4 ? PHP_INT_MAX : PHP_INT_MAX >> 32);
2020-09-01 21:29:47 +02:00
// Cookie expires never, but session validity is up to SessionService
if (password_needs_rehash($user->password, PASSWORD_DEFAULT))
{
2020-08-31 20:40:31 +02:00
$user->update([
'password' => password_hash($inputPassword, PASSWORD_DEFAULT)
2020-08-31 20:40:31 +02:00
]);
}
2018-04-11 19:49:35 +02:00
2020-02-11 17:42:03 +01:00
return $response->withRedirect($this->AppContainer->get('UrlManager')->ConstructUrl('/'));
2018-04-11 19:49:35 +02:00
}
else
{
2020-02-11 17:42:03 +01:00
return $response->withRedirect($this->AppContainer->get('UrlManager')->ConstructUrl('/login?invalid=true'));
2018-04-11 19:49:35 +02:00
}
}
else
{
2020-02-11 17:42:03 +01:00
return $response->withRedirect($this->AppContainer->get('UrlManager')->ConstructUrl('/login?invalid=true'));
2018-04-11 19:49:35 +02:00
}
}
2020-08-31 20:40:31 +02:00
public function __construct(\DI\Container $container, string $sessionCookieName)
2018-04-11 19:49:35 +02:00
{
2020-08-31 20:40:31 +02:00
parent::__construct($container);
$this->SessionCookieName = $sessionCookieName;
2018-04-11 19:49:35 +02:00
}
}