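/**
 * Handle the login page: render the form on GET, authenticate on POST.
 *
 * On a successful POST a JWT is generated for the user, stored in the auth
 * cookie and the client is redirected to the 'home' route. The cookie
 * lifetime is 1209600 seconds (14 days) when "save_pass" is ticked and
 * 1800 seconds (30 minutes) otherwise.
 *
 * @param mixed $req  Request object; only isPost()/isGet() are used here.
 * @param mixed $res  Response object (unused in this function).
 * @param mixed $args Route arguments (unused in this function).
 *
 * @return mixed Redirect result on successful login, rendered view on GET,
 *               null for any other HTTP method.
 *
 * @throws \Exception Code 403 when the credentials do not match, code 1 when
 *                    the username or the password is missing.
 */
function login($req, $res, $args)
{
    if ($req->isPost()) {
        $form_username = Input::post('req_username');
        $form_password = Input::post('req_password');
        $save_pass = (bool) Input::post('save_pass');

        // Both fields are mandatory.
        if (!$form_username || !$form_password) {
            throw new \Exception("Username and password are required fields.", 1);
        }

        $user = AuthModel::get_user_from_name($form_username);

        // Will result in a SHA-1 hash.
        // NOTE(review): a fast digest such as SHA-1 is not suited to password
        // storage. Moving to password_hash()/password_verify() needs a
        // migration of the stored hashes and of Random::hash() callers, which
        // are outside this function.
        $form_password_hash = (string) Random::hash($form_password);

        // An unknown user must not fatal on a property read; it is rejected
        // with the same error as a wrong password so the response does not
        // reveal which usernames exist.
        $stored_hash = is_object($user) ? (string) $user->password : '';

        // hash_equals() compares in constant time and byte-for-byte. The loose
        // `==` it replaces treats numeric-looking strings such as "0e123..."
        // as numbers, so two different hex digests could compare equal.
        if ($stored_hash === '' || !hash_equals($stored_hash, $form_password_hash)) {
            throw new \Exception('Wrong user/pass', 403);
        }

        // NOTE(review): no attempt limiting is visible in this function;
        // confirm that throttling of failed logins happens elsewhere.
        $expire = $save_pass ? time() + 1209600 : time() + 1800;
        $jwt = AuthModel::generate_jwt($user);
        AuthModel::feather_setcookie('Bearer ' . $jwt, $expire);

        return Router::redirect(Router::pathFor('home'), 'Welcome ' . $user->username . '!');
    } elseif ($req->isGet()) {
        return View::setPageInfo(['title' => 'Login', 'active_nav' => 'login'])
            ->addTemplate('login.php')
            ->display();
    }
}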
/**
 * Middleware entry point: resolve the current user from the auth cookie.
 *
 * When the 'authorization' cookie carries data accepted by
 * get_cookie_data(), the matching user is loaded, flagged as a non-guest and
 * the cookie is re-issued with a fresh expiry. Otherwise user id 1 is loaded
 * and flagged as a guest. The user is then attached to the request and to
 * the view before the next middleware is called.
 *
 * @param mixed    $req  Incoming request.
 * @param mixed    $res  Response passed through unchanged.
 * @param callable $next Next middleware in the chain.
 *
 * @return mixed Whatever $next returns.
 */
public function __invoke($req, $res, $next)
{
    $cookieValue = Container::get('cookie')->get('authorization');
    $token = $this->get_cookie_data($cookieValue);

    if (!$token) {
        // No usable token: fall back to user id 1 with no privileges.
        $user = AuthModel::load_user(1);
        $user->is_guest = true;
        $user->is_admmod = false;
    } else {
        // Token accepted by get_cookie_data(): load the user it names.
        // NOTE(review): the result of load_user() is used without a check;
        // confirm what it returns when the account no longer exists.
        $user = AuthModel::load_user($token->data->userId);
        $user->is_guest = false;
        $user->is_admmod = ($user->g_id == '1') || ($user->g_moderator == '1');

        // Refresh the cookie so an active user is not logged out while idle:
        // a token with more than 30 minutes left is renewed for 14 days,
        // any other for 30 minutes.
        // NOTE(review): the expiry slides forward on every request and no
        // absolute maximum session age is visible here; confirm whether
        // get_cookie_data()/generate_jwt() enforce one.
        if ($token->exp > time() + 1800) {
            $expire = time() + 1209600;
        } else {
            $expire = time() + 1800;
        }

        $renewedToken = AuthModel::generate_jwt($user, $expire);
        AuthModel::feather_setcookie('Bearer ' . $renewedToken, $expire);
    }

    // Expose the resolved user to downstream handlers and to the templates.
    $req = $req->withAttribute('user', $user);
    View::setPageInfo(['user' => $user]);

    return $next($req, $res);
}