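/**
 * Handle a submitted login form.
 *
 * Flow: reject an empty body, validate that both fields are present, look the
 * account up by e-mail or username, verify the password, refuse inactive
 * (banned) accounts, then store the user id in the session and, if requested,
 * issue a "remember me" cookie of the form "<identifier>.<token>" whose token
 * is stored server-side only as a hash.
 *
 * Changes from the previous version:
 *  - the submitted password is no longer flashed back to the form on a
 *    validation failure;
 *  - the session id is regenerated before the user id is written to it;
 *  - non-string field values (e.g. arrays from `field[]=`) are treated as missing;
 *  - the validator instance that is validated is the one that is checked;
 *  - the validation-failure message said "registration" on the login form;
 *  - the duplicated password verification and nested else-branches are gone.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this method;
 * confirm it is enforced elsewhere (middleware, reverse proxy).
 *
 * @return mixed A redirect response, or the rendered login view on failure.
 */
public function postLogin()
{
    $input = $this->data();

    if ($input === null) {
        $this->flash('error', 'Please fill out the fields!');

        return $this->response->withRedirect($this->router->pathFor('auth.login'));
    }

    // Only plain strings are accepted; anything else is treated as "not
    // supplied" so the `required` rule rejects it instead of an array reaching
    // the query builder or the password verifier.
    $data = [
        'identifier' => (isset($input->identifier) && is_string($input->identifier)) ? $input->identifier : null,
        'password' => (isset($input->password) && is_string($input->password)) ? $input->password : null,
        'remember' => isset($input->remember) ? 'on' : 'off',
    ];

    // Validate and inspect the same instance; getValidator() is not visible
    // here and may not return a shared object.
    $validator = $this->getValidator();
    $validator->validate([
        'identifier|E-mail or Username' => [$data['identifier'], 'required'],
        'password|Password' => [$data['password'], 'required'],
    ]);

    if (!$validator->passes()) {
        // Re-populate the form, but never echo the password back: flashed
        // values end up in session storage and in the rendered page.
        foreach ($data as $key => $value) {
            if ($key === 'password') {
                continue;
            }

            $this->flashNow($key, $value);
        }

        $this->flashNow('error', 'You have some errors with your login, please fix them and try again.');

        return $this->render('auth/login', ['errors' => $validator->errors()]);
    }

    $user = $this->container->user
        ->where('email', $data['identifier'])
        ->orWhere('username', $data['identifier'])
        ->first();

    // One generic message for "no such account" and "wrong password".
    // NOTE(review): verifyPassword() is skipped when no account matches, so
    // response time may still distinguish the two cases; consider verifying
    // against a fixed dummy hash in the no-user branch.
    if (!$user || !$this->container->util->verifyPassword($data['password'], $user->password)) {
        $this->flashNow('error', 'The credentials you have entered are invalid.');
        $this->flashNow('identifier', $data['identifier']);

        return $this->render('auth/login', ['errors' => $validator->errors()]);
    }

    // The ban notice is only reachable with correct credentials, so it does
    // not reveal account state to someone guessing identifiers.
    if (!(bool) $user->active) {
        $this->flash('error', 'Your account is banned.');

        return $this->redirectTo('auth.login');
    }

    // Session fixation defence: issue a fresh session id at the privilege
    // change. Guarded because the Session wrapper's backing store is not
    // visible here.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    \Savage\Http\Util\Session::set($this->container->settings['auth']['session'], $user->id);

    if ($data['remember'] === 'on') {
        // NOTE(review): genAlnumString() must draw from a CSPRNG
        // (random_bytes()/random_int()) for these values to be unguessable - confirm.
        $rememberIdentifier = $this->container->util->genAlnumString(128);
        $rememberToken = $this->container->util->genAlnumString(128);

        // Only the hash of the token is persisted; the raw token lives in the cookie.
        $user->updateRememberCredentials($rememberIdentifier, $this->container->util->hash($rememberToken));

        // NOTE(review): confirm Cookie::set() marks this cookie HttpOnly and
        // Secure (and sets SameSite); it is a long-lived login credential.
        \Savage\Http\Util\Cookie::set(
            $this->container->settings['auth']['remember'],
            "{$rememberIdentifier}.{$rememberToken}",
            \Carbon\Carbon::now()->addWeek(2)->timestamp
        );
    }

    return $this->redirectTo('home');
}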
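/**
 * Re-authenticate a visitor from the "remember me" cookie when nobody is
 * logged in yet.
 *
 * The cookie is expected to hold "<identifier>.<token>". The identifier selects
 * the user row; the hash of the token is compared with the stored
 * remember_token. On a match the user id is written to the session and
 * $this->site->auth is populated; on a mismatch the stored remember
 * credentials are removed.
 *
 * Changes from the previous version:
 *  - inactive (banned) accounts are no longer logged back in through the
 *    cookie; their remember credentials are removed instead, in line with the
 *    `active` check performed by the password login;
 *  - empty identifier or token halves are rejected as malformed;
 *  - the session id is regenerated before the user id is written to it;
 *  - a missing cookie value is cast to a string before being parsed.
 *
 * @param mixed $response Response object; only used to build the redirect
 *                        returned for a malformed cookie.
 *
 * @return mixed|null A redirect response for a malformed cookie, otherwise null.
 */
protected function checkRememberStatus($response)
{
    $container = $this->site->getContainer();
    $cookieName = $container->settings['auth']['remember'];

    // Nothing to do without a cookie, or when a user is already authenticated.
    if (!Cookie::exists($cookieName) || $this->site->auth) {
        return;
    }

    $data = (string) Cookie::get($cookieName);
    $credentials = explode('.', $data);

    $malformed = trim($data) === ''
        || count($credentials) !== 2
        || $credentials[0] === ''
        || $credentials[1] === '';

    if ($malformed) {
        // NOTE(review): the bad cookie is not cleared here, so this redirect
        // repeats on every request that carries it; if the home route also
        // runs this check, confirm it cannot loop.
        return $response->withRedirect($this->site->router()->pathFor('home'));
    }

    $identifier = $credentials[0];
    $token = $container->util->hash($credentials[1]);

    $user = $container->user->where('remember_identifier', $identifier)->first();

    if (!$user) {
        return;
    }

    // NOTE(review): verifyHash() is not visible here; confirm it compares in
    // constant time (e.g. hash_equals()).
    if (!(bool) $user->active || !$container->util->verifyHash($token, $user->remember_token)) {
        // A banned account, or a known identifier presented with a wrong
        // token: invalidate the stored credentials so the cookie stops working.
        $user->removeRememberCredentials();

        return;
    }

    // Session fixation defence: fresh session id at the privilege change.
    // Guarded because the Session wrapper's backing store is not visible here.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    Session::set($container->settings['auth']['session'], $user->id);
    $this->site->auth = $container->user->where('id', $user->id)->first();

    // NOTE(review): the remember token is not rotated after a successful use,
    // so a copied cookie stays valid until it expires or is removed; consider
    // issuing a new token here.
}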