public function getAuthUser()
{
if (Session::exists($this->container->settings['auth']['session'])) {
return $this->container->user->where('id', Session::get($this->container->settings['auth']['session']));
} else {
return null;
}
}
protected function checkAccountStatus($response)
{
if ($this->site->auth) {
$user = $this->site->auth;
if (!(bool) $user->active) {
\Savage\Http\Util\Session::delete($this->site->getContainer()->settings['auth']['session']);
if (\Savage\Http\Util\Cookie::exists($this->site->getContainer()->settings['auth']['remember'])) {
$user->removeRememberCredentials();
\Savage\Http\Util\Cookie::delete($this->site->getContainer()->settings['auth']['remember']);
}
$this->site->getContainer()->flash->addMessage('error', 'Your account is banned.');
return $response->withRedirect($this->site->getContainer()->router->pathFor('home'));
}
}
}
public function postLogin()
{
if ($this->data() === null) {
$this->flash('error', 'Please fill out the fields!');
return $this->response->withRedirect($this->router->pathFor('auth.login'));
} else {
$validator = $this->getValidator();
$data = ['identifier' => $this->data()->identifier, 'password' => $this->data()->password, 'remember' => isset($this->data()->remember) ? 'on' : 'off'];
$this->getValidator()->validate(['identifier|E-mail or Username' => [$data['identifier'], 'required'], 'password|Password' => [$data['password'], 'required']]);
if ($validator->passes()) {
// Log the user in
$user = $this->container->user->where('email', $data['identifier'])->orWhere('username', $data['identifier'])->first();
if (!$user || !$this->container->util->verifyPassword($data['password'], $user->password)) {
$this->flashNow('error', 'The credentials you have entered are invalid.');
$this->flashNow('identifier', $data['identifier']);
return $this->render('auth/login', ['errors' => $validator->errors()]);
} else {
if ($user && !(bool) $user->active) {
$this->flash('error', 'Your account is banned.');
return $this->redirectTo('auth.login');
} else {
if ($user && $this->container->util->verifyPassword($data['password'], $user->password)) {
\Savage\Http\Util\Session::set($this->container->settings['auth']['session'], $user->id);
if ($data['remember'] === 'on') {
$rememberIdentifier = $this->container->util->genAlnumString(128);
$rememberToken = $this->container->util->genAlnumString(128);
$user->updateRememberCredentials($rememberIdentifier, $this->container->util->hash($rememberToken));
\Savage\Http\Util\Cookie::set($this->container->settings['auth']['remember'], "{$rememberIdentifier}.{$rememberToken}", \Carbon\Carbon::now()->addWeek(2)->timestamp);
}
return $this->redirectTo('home');
}
}
}
return $this->redirectTo('home');
} else {
// Are we going to need to flash all previous data se we can keep it in the input field?
foreach ($data as $key => $value) {
$this->flashNow($key, $value);
}
$this->flashNow('error', 'You have some errors with your registration, please fix them and try again.');
return $this->render('auth/login', ['errors' => $validator->errors()]);
}
}
}
<?php
$site->route(['GET'], '/', \Savage\Http\Controllers\HomeController::class)->setName('home');
$site->route(['GET'], '/tests', \Savage\Http\Controllers\TestController::class, 'index')->setName('tests');
$site->route(['GET'], '/fakesomedata', \Savage\Http\Controllers\FakeController::class, 'index')->setName('fake.faker');
$site->get('/auth/logout', function ($request, $response, $args) use($site) {
\Savage\Http\Util\Session::delete($site->getContainer()->settings['auth']['session']);
if (\Savage\Http\Util\Cookie::exists($site->getContainer()->settings['auth']['remember'])) {
$site->auth->removeRememberCredentials();
\Savage\Http\Util\Cookie::delete($site->getContainer()->settings['auth']['remember']);
}
return $response->withRedirect($site->getContainer()->router->pathFor('home'));
})->setName('auth.logout');
$site->group('/auth', function () {
$this->route(['GET', 'POST'], '/login', \Savage\Http\Controllers\AuthController::class, 'login')->add(new \Savage\Http\Filters\GuestFilter($this))->setName('auth.login');
$this->route(['GET', 'POST'], '/register', \Savage\Http\Controllers\AuthController::class, 'register')->add(new \Savage\Http\Filters\GuestFilter($this))->setName('auth.register');
$this->route(['GET'], '/settings', \Savage\Http\Controllers\AuthController::class, 'settings')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.settings');
$this->route(['GET', 'POST'], '/settings/update/profile', \Savage\Http\Controllers\AuthController::class, 'profile')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.update.profile');
$this->route(['GET', 'POST'], '/settings/update/password', \Savage\Http\Controllers\AuthController::class, 'password')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.update.password');
$this->route(['GET'], '/notifications', \Savage\Http\Controllers\AuthController::class, 'notifications')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.notifications');
$this->route(['GET'], '/messages', \Savage\Http\Controllers\AuthController::class, 'directMessages')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.messages');
$this->route(['GET'], '/messages/sent', \Savage\Http\Controllers\AuthController::class, 'sentMessages')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.messages.sent');
$this->route(['GET'], '/messages/trash', \Savage\Http\Controllers\AuthController::class, 'trashedMessages')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.messages.trash');
$this->route(['GET', 'POST'], '/messages/view/{id}', Savage\Http\Controllers\AuthController::class, 'viewDirectMessage')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.messages.view');
$this->route(['POST'], '/messages/compose', Savage\Http\Controllers\AuthController::class, 'composeMessage')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.messages.compose');
$this->route(['POST'], '/messages/reply/{id}', Savage\Http\Controllers\AuthController::class, 'directMessageResponse')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.messages.reply');
// Temp Delete
$this->route(['POST'], '/messages/edit/trash', Savage\Http\Controllers\AuthController::class, 'trashDirectMessages')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.messages.edit.trash');
// Restore
$this->route(['POST'], '/messages/edit/restore', Savage\Http\Controllers\AuthController::class, 'restoreDirectMessages')->add(new \Savage\Http\Filters\AuthFilter($this))->setName('auth.messages.edit.restore');
// Delete Forever!
