/**
 * Check a candidate password for this object's subject.
 *
 * Builds the 'password' enforcer and hands it the subject returned by
 * getSubject() together with the supplied password.
 *
 * @param mixed $password Candidate password, passed to the enforcer unchanged.
 * @return mixed Whatever Enforcer::login() returns for the subject/password pair.
 */
public function authorize($password)
{
    return Enforcer::make('password')->login($this->getSubject(), $password);
}
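});

/**
 * POST /login: check the submitted credentials and start a session.
 *
 * Reads `username` and `password` from the parsed request body. On any failure
 * a 'danger' flash message is queued, the login form is rendered again and the
 * handler returns false. On success the user array is stored under 'user' in
 * the 'default' session segment and the client is redirected to
 * /user/dashboard.
 */
$app->post('/login', function ($request, $response, $args) {
    $container = $this->getContainer();

    // A PSR-7 parsed body can be null or an object as well as an array; only an
    // array can carry the two fields read below.
    $data = $request->getParsedBody();
    if (!is_array($data)) {
        $data = [];
    }

    // Request fields are caller-controlled and can arrive as arrays
    // (username[]=...). Anything that is not a string is treated as empty, so
    // only strings reach the model lookup and the password check.
    $username = (isset($data['username']) && is_string($data['username'])) ? $data['username'] : '';
    $password = (isset($data['password']) && is_string($data['password'])) ? $data['password'] : '';

    // The form is re-rendered with the submitted values; the password is
    // dropped so it is never handed back to the template.
    $formData = $data;
    unset($formData['password']);
    $formData['username'] = $username;

    $user = new \Conftrack\Model\User($container->get('db'));
    $user->find(['username' => $username]);

    // NOTE(review): the three failure messages below differ, which tells the
    // caller whether a username exists and whether it is active. Consider one
    // generic message for all three if account enumeration matters here.
    if ($user->id === null) {
        $this->flash->addMessage('danger', 'Account not found.');
        // Stop here: previously an unknown account fell through to the
        // isActive() and password checks on an empty user object.
        $this->view->render($response, 'user/login.twig', $formData);
        return false;
    }

    if (!$user->isActive()) {
        $this->flash->addMessage('danger', 'User inactive!');
        $this->view->render($response, 'user/login.twig', $formData);
        return false;
    }

    $subject = new \Conftrack\VerifyUser($user);
    $enforcer = \Psecio\Verify\Enforcer::make('password');

    // NOTE(review): only a strict false counts as failure, so any other return
    // value (null, 0) would be treated as a successful login. Confirm that
    // login() always returns a boolean, or compare against true instead.
    if ($enforcer->login($subject, $password) === false) {
        $this->flash->addMessage('danger', 'Invalid password!');
        $this->view->render($response, 'user/login.twig', $formData);
        return false;
    }

    // Login success! Start up the session
    $this->flash->addMessage('success', 'Login successful!');

    // NOTE(review): the session id is not rotated on login. If the session
    // service supports it, regenerate the id before storing the user so a
    // pre-login session id cannot be reused (session fixation).
    $segment = $container->get('session')->getSegment('default');

    // Presumably toArray(['password']) leaves the password field out of the
    // stored array; verify against the model.
    $segment->set('user', $user->toArray(['password']));

    return $response->withRedirect('/user/dashboard');
});

$app->get('/logout', function ($request, $response, $args) {
    // Clear out the session
    $this->getContainer()->get('session')->clear();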