public function submitAction()
{
$loginData = new FormData(['email', 'password', 'return']);
$loginData->retrieve();
$success = Auth::attemptLogin(@$loginData->email, @$loginData->password);
if (!$success) {
$message = 'Incorrect login details, please try again.';
} else {
HTTP::redirect(@$loginData->return);
}
$pageTitle = 'Log In';
$this->display('login.tpl', get_defined_vars());
}
public function save($checkLogin = true)
{
$db = Env::get('db');
if ($checkLogin) {
Auth::requireAdmin();
$user = Auth::loggedInUser();
$isCurrentUser = $user && $user->id == $this->id;
} else {
$user = null;
$isCurrentUser = false;
}
// apply new id (email may have changed)
$oldId = $this->id;
$this->id = sha1(strtolower($this->row->email) . Env::get('auth_salt'));
$this->row->id = $this->id;
// misc fields
$this->row->modified = new \DateTime();
if ($user) {
$this->row->modifiedBy = $user->id;
} else {
$this->row->modifiedBy = 'none';
}
// reset password if it changed
$newPassword = false;
if (@$this->row->newPassword) {
$this->row->password = Auth::hashForPassword($this->email, $this->newPassword);
$newPassword = $this->row->newPassword;
unset($this->row->newPassword);
}
if (!isset($this->password)) {
$this->password = '';
}
// hash everything
$this->row->signature = Auth::signatureForUser($this);
$db->User->archive($oldId);
$db->User->write($this->id, $this->row, true);
if ($isCurrentUser && $newPassword) {
Auth::attemptLogin($this->row->email, $newPassword);
}
}
