function login($req, $res, $args)
{
if ($req->isPost()) {
$form_username = Input::post('req_username');
$form_password = Input::post('req_password');
$save_pass = (bool) Input::post('save_pass');
// If form was correctly filled
if ($form_username && $form_password) {
$user = AuthModel::get_user_from_name($form_username);
// Compare user pass with form data
$form_password_hash = Random::hash($form_password);
// Will result in a SHA-1 hash
if ($user->password == $form_password_hash) {
$expire = $save_pass ? time() + 1209600 : time() + 1800;
$jwt = AuthModel::generate_jwt($user);
AuthModel::feather_setcookie('Bearer ' . $jwt, $expire);
return Router::redirect(Router::pathFor('home'), 'Welcome ' . $user->username . '!');
} else {
throw new \Exception('Wrong user/pass', 403);
}
} else {
throw new \Exception("Username and password are required fields.", 1);
}
} elseif ($req->isGet()) {
return View::setPageInfo(['title' => 'Login', 'active_nav' => 'login'])->addTemplate('login.php')->display();
}
}
public function __invoke($req, $res, $next)
{
// setcookie('authorization', '', 1, '/', '', false, true);
$authCookie = Container::get('cookie')->get('authorization');
if ($jwt = $this->get_cookie_data($authCookie)) {
// If JWT given in cookie is valid, load user infos
$user = AuthModel::load_user($jwt->data->userId);
$user->is_guest = false;
$user->is_admmod = $user->g_id == '1' || $user->g_moderator == '1';
// Refresh cookie to avoid re-logging between idle
$expire = $jwt->exp > time() + 1800 ? time() + 1209600 : time() + 1800;
$jwt = AuthModel::generate_jwt($user, $expire);
AuthModel::feather_setcookie('Bearer ' . $jwt, $expire);
} else {
$user = AuthModel::load_user(1);
$user->is_guest = true;
$user->is_admmod = false;
}
// Add user infos in request attributes and view
$req = $req->withAttribute('user', $user);
View::setPageInfo(['user' => $user]);
return $next($req, $res);
}
