/**
* Construct a form.
*
* @param null $route
* @param array $options
* @return string
*/
public static function open($route = null, $options = [])
{
$opts = self::evalOptions($options);
$route = $route == null ? $_SERVER['REQUEST_URI'] : $route;
$method = preg_match('/method\\=/i', $opts) ? "" : "method='POST' ";
return "<form action='{$route}' {$method}{$opts} accept-charset='UTF-8'>\n\n <input type='hidden' name='__FORM_TOKEN__' value='" . Token::create() . "'>";
}
/**
* Determines whether a user is authenticated
* by checking keys if they are valid.
*
* @return mixed
**/
public function guard()
{
if (!isset($_SESSION['user'])) {
return Route::redirect(route('login'));
} else {
if (!Token::verify(Session::user()->remember_token)) {
return $this->restartSession();
}
}
return true;
}
/**
* Execute the Process
*
* @todo execute
* @param $callback
* @return mixed
*/
public function execute($callback = "")
{
$request = new LoginRequest($_POST);
if ($request->validate()) {
$attempt = User::where('username', $request->get('username'))->where('password', Hash::encode($request->get('password')))->where('active', 'yes');
if ($attempt->exists()) {
$user = $attempt->first();
$user->remember_token = Token::create();
$user->save();
$_SESSION['user'] = $user();
return Route::redirect('welcome');
} else {
Session::setFlash('flash', 'username/password is incorrect.<br><br>');
return $callback();
}
} else {
return $callback();
}
}
/**
* Catches request method, and filter
* each values
*
* @param $request
*/
public function __construct($request = null)
{
$request = is_null($request) ? $_POST : $request;
if (is_null($this->request)) {
if (array_key_exists('__FORM_TOKEN__', $request)) {
unset($request['__FORM_TOKEN__']);
}
$this->request = filter_var_array($request, FILTER_SANITIZE_STRIPPED);
}
if (array_key_exists('__FORM_TOKEN__', $_POST)) {
$token = $_POST['__FORM_TOKEN__'];
unset($_POST['__FORM_TOKEN__']);
if (!Token::verify($token)) {
$auth = new \Auth();
return $auth->restartSession();
}
}
return true;
}
