Example #1
 /**
  * Gate the admin page behind a login check.
  *
  * Anonymous visitors are routed to the login controller; everyone else gets
  * the admin main template.
  */
 public function __construct()
 {
     /*
      * TODO (from the original author):
      *      It would be better to use 'Auth::inGroup("group1", "group2", ...)' to specify who can act as some sort of admin.
      *      But since this is just a test and we don't have a frontpage to send logged-in, not admin, users, we
      *      simply check for logged-in state.
      *
      * As written this is an authentication check only, not an authorization
      * check: every logged-in account reaches the admin template.
      */
     $isAnonymous = !Auth::isLoggedIn();

     if ($isAnonymous) {
         /*
          * Not logged-in: hand the request over to the login controller.
          *
          * NOTE(review): nothing visible here shows whether Router::request()
          * stops execution. If it returns, the caller still receives a fully
          * constructed controller - confirm that no admin action can run on it.
          */
         Router::request("/login");
         return;
     }

     /*
      * Logged-in: render the admin landing page.
      */
     $templateVars = [
         "pageTitle" => "Admin",
         "pageHeadline" => "Admin Home",
     ];
     $this->imLoadContent("view/adminMain.inc", $templateVars);
 }
Example #2
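 /**
  * Process a login or logout request and emit the matching response.
  *
  * The "action" query parameter selects the operation. A login attempt is
  * only forwarded to Auth::login() when the posted anti-forgery token matches
  * the one stored in the session. JSON clients receive a status object; HTML
  * clients are routed to "/" when logged-in, otherwise shown the login form.
  */
 private function handleAuthRequest()
 {
     $status = false;
     $action = Runtime::$GET["action"];

     /*
      * Are we logging in or out?
      */
     if ($action == "login") {
         /*
          * If not already logged-in, let's log the user in
          */
         if (!Auth::isLoggedIn()) {
             $user = Runtime::$POST["username"];
             $passwd = Runtime::$POST["password"];
             $token = Runtime::$POST["token"];

             /*
              * Compare the posted token with the session token using
              * hash_equals(), which takes the same time wherever the first
              * mismatch is, unlike strcmp(). The is_string() guards reject a
              * token posted as an array and a missing session token without
              * raising a warning or a TypeError.
              *
              * Assumes the stored token is a plain string - TODO confirm
              * against Crypt::encode().
              */
             $tokenValid = false;
             if (!empty($token) && is_string($token)) {
                 $expected = Runtime::$SESSION["_im_login_token"];
                 $tokenValid = is_string($expected) && hash_equals($expected, $token);
             }

             if ($tokenValid) {
                 if (!empty($user) && !empty($passwd)) {
                     /*
                      * NOTE(review): no session-ID regeneration or attempt
                      * throttling is visible in this method; confirm that
                      * Auth::login() takes care of both.
                      */
                     Auth::login($user, $passwd);
                 }
                 $status = Auth::isLoggedIn();

                 /*
                  * The token is single-use. A failed JSON attempt gets a
                  * fresh token so the client can retry without reloading;
                  * in every other case the token is dropped.
                  */
                 if (!$status && Runtime::$SYSTEM["REQUEST_CONTENT"] == "json") {
                     Runtime::$SESSION["_im_login_token"] = Crypt::encode(Crypt::password());
                 } else {
                     Runtime::$SESSION->remove("_im_login_token");
                 }
             }
         }
     } elseif ($action == "logout") {
         /*
          * If not already logged-out, let's log the user out
          *
          * NOTE(review): unlike the login branch, no token is checked here,
          * so any request carrying action=logout ends the session. Confirm
          * that this is intended.
          */
         if (Auth::isLoggedIn()) {
             Auth::logout();
         }
         $status = !Auth::isLoggedIn();
     }

     if (Runtime::$SYSTEM["REQUEST_CONTENT"] == "json") {
         /*
          * If the client is asking for JSON content, we provide a JSON object
          * with the status of the request.
          *
          * The token entry has been removed by this point after a successful
          * login; presumably the session wrapper yields null for a missing
          * key - verify, since a notice printed here would corrupt the JSON.
          */
         echo json_encode(["status" => $status, "token" => Runtime::$SESSION["_im_login_token"]]);
     } elseif (Auth::isLoggedIn()) {
         /*
          * If the client is asking for html content,
          * e.g. the request is a regular post/load request and not an ajax request.
          */
         Router::request("/");
     } else {
         /*
          * Regular post/load request, user is not logged-in.
          * Either wrong password/username was supplied, or this was a
          * logout request. Either way, show the login form again.
          */
         $this->buildLoginForm();
     }
 }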