Esempio n. 1
 /**
  * Dispatches the processed request.
  *
  * @param Request $request Router Request object.
  * @param Routes  $routes  Router Routes object.
  *
  * @access public
  * @throws \InvalidArgumentException Request token does not match.
  *
  * @return void
  */
 public function dispatch(Request &$request, Routes &$routes)
 {
     $this->routes   = $routes;
     $this->request  = $request;
     $this->response = new Response();

     /* Tie the request to the CSRF token held in the session; on first contact a fresh token is
        generated on the request and stored in the session. */
     if (!Core\Session()->get('_token')) {
         $this->request->regenerateToken();
         Core\Session()->set('_token', $this->request->token());
     } else {
         $this->request->setToken(Core\Session()->get('_token'));
     }

     /* Reject before any controller code runs: the 403 is recorded on the response, then the
        exception is raised for the caller to handle. */
     if (!$request->isValid()) {
         $this->response->setHttpResponseCode(403);
         throw new \InvalidArgumentException('Request token does not match.');
     }

     /* NOTE(review): the class name is assembled from request data and class_exists() hands it to
        the autoloader. Presumably the router limits controller() to plain identifiers - confirm,
        and consider verifying that the class extends the base controller before instantiating. */
     $controllerClass = '\\' . $request->mode('namespace') . '\\Controllers\\' . $request->controller();

     if (!class_exists($controllerClass)) {
         Core\Base\Controller::resourceNotFound($request);
         return;
     }

     $instance   = new $controllerClass();
     $actionName = $request->action();

     /* Only callable methods are dispatched, and any name containing a double underscore
        (magic methods such as __construct) is refused and handled as a missing action. */
     $dispatchable = is_callable(array($instance, $actionName)) && strpos($actionName, '__') === false;
     $instance->__executeAction($dispatchable ? $actionName : 'actionNotFound', $request);

     $renderer = $instance->renderer;
     $this->response->setContent($renderer->getOutput());
     $this->response->addHeader('Content-Type: ' . $renderer->getOutputContentType());
 }
Esempio n. 2
 /**
  * Login action.
  *
  * Updates the user login time.
  *
  * @param Request $request Current router request.
  *
  * @return void
  */
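 public function login(Request $request)
 {
     if (!$request->is('post')) {
         /* Non-POST request: a user who is already logged in is sent straight to the account page. */
         if (Core\Session()->get('cms_user_logged') === 1) {
             $request->redirectTo(array('controller' => 'account'));
         }
         return;
     }

     /* NOTE(review): the captcha is verified only when $this->captcha is already set; where that
        happens is not visible here - confirm a client cannot skip the check after failed attempts. */
     if ($this->captcha) {
         if (!Helpers\Captcha::isValid($this->captcha)) {
             Helpers\FlashMessage::set($this->labels['captcha']['error'], 'danger');
             return;
         }
     }

     /* The e-mail is passed as a bound parameter, never concatenated into the query. */
     $user = Models\CMSUser::find()->where('email = ?', array($request->post('email')))->first();

     /* NOTE(review): when no user matches, the hash comparison is skipped, so response time may
        differ between known and unknown e-mails - confirm whether that matters for this CMS. */
     if (!$user || !Crypt::hashCompare($user->password, $request->post('password'))) {
         /* Same generic error for an unknown e-mail and for a wrong password. */
         Helpers\FlashMessage::set($this->labels['login']['error'], 'danger');
         Core\Session()->set('authentication_error', true);
         if (Core\Config()->CAPTCHA['enabled']) {
             $this->loadCaptcha(Core\Config()->CAPTCHA);
         }
         return;
     }

     $user->save(array('login_on' => gmdate('Y-m-d H:i:s')), true);

     /* Regenerate the session key to prevent session fixation. */
     Core\Session()->regenerateKey();
     /* NOTE(review): the whole user record - apparently including the password hash read above -
        is serialized into the session. Presumably it is unserialize()d elsewhere; confirm the
        session store is server-side only and consider storing just the fields that are needed. */
     Core\Session()->set('cms_user_info', rawurlencode(serialize($user)));
     Core\Session()->set('cms_user_logged', 1);
     Core\Session()->remove('authentication_error');
     Core\Session()->remove('captcha');

     /* Regenerate the CSRF token to prevent token fixation. */
     Core\Session()->remove('_token');
     $request->regenerateToken();

     /* The "redirect" query parameter is supplied by the client, so it is followed only when it is
        a relative, same-site target. Absolute and scheme-relative URLs, and values containing
        backslashes, whitespace or control characters, fall back to the account page; otherwise a
        crafted login link could bounce a freshly authenticated user to another site.
        NOTE(review): absolute URLs to this host are rejected too - allow-list the own host here if
        callers depend on them. */
     $target = $request->get('redirect');
     $followTarget = false;
     if ($target
         && is_string($target)
         && !preg_match('/[\x00-\x20\x7f\\\\]/', $target)
         && strpos($target, '//') !== 0
     ) {
         $parts = parse_url($target);
         $followTarget = is_array($parts) && !isset($parts['scheme']) && !isset($parts['host']);
     }

     if ($followTarget) {
         $request->redirectTo($target);
     } else {
         $request->redirectTo(array('controller' => 'account'));
     }
 }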