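/**
 * Login controller: renders the login form on GET and authenticates on POST.
 *
 * On a successful POST a JWT is issued, stored in the auth cookie with a
 * "Bearer " prefix, and the user is redirected to the home route.
 *
 * @param mixed $req  Request object exposing isPost() / isGet().
 * @param mixed $res  Response object (unused here).
 * @param mixed $args Route arguments (unused here).
 *
 * @return mixed The redirect result on successful login, the rendered login
 *               view on GET, or null for any other HTTP method.
 *
 * @throws \Exception Code 1 when a field is missing or not a string;
 *                    code 403 when the credentials do not match.
 */
function login($req, $res, $args)
{
    if ($req->isPost()) {
        $form_username = Input::post('req_username');
        $form_password = Input::post('req_password');
        $save_pass = (bool) Input::post('save_pass');

        // Both fields must be non-empty strings. Array-valued input
        // (e.g. req_password[]=x) is truthy and would otherwise reach the
        // lookup and the hash function.
        if (!is_string($form_username) || !is_string($form_password)
            || !$form_username || !$form_password) {
            throw new \Exception("Username and password are required fields.", 1);
        }

        $user = AuthModel::get_user_from_name($form_username);

        // NOTE(security): per the original comment Random::hash() yields a SHA-1
        // digest. A fast, apparently unsalted hash is weak for password storage;
        // migrating to password_hash()/password_verify() needs a rehash-on-login
        // path in AuthModel and cannot be done from this function alone.
        $form_password_hash = (string) Random::hash($form_password);

        // The hash is computed before the user check so that unknown and known
        // usernames take the same code path and get the same error.
        // NOTE(review): the return value of get_user_from_name() for an unknown
        // user is not visible here; anything that is not an object is treated
        // as "no such user".
        $stored_hash = is_object($user) ? (string) $user->password : '';

        // hash_equals() is constant-time and strictly string-based. A loose ==
        // treats two numeric-looking digests such as "0e12..." and "0e34..." as
        // equal, which would accept a wrong password.
        if ($stored_hash === '' || !hash_equals($stored_hash, $form_password_hash)) {
            throw new \Exception('Wrong user/pass', 403);
        }

        // 14 days when "remember me" is ticked, 30 minutes otherwise.
        $expire = $save_pass ? time() + 1209600 : time() + 1800;

        // Pass the expiry so the token lifetime matches the cookie lifetime,
        // as the auth middleware does when it refreshes the token.
        $jwt = AuthModel::generate_jwt($user, $expire);
        AuthModel::feather_setcookie('Bearer ' . $jwt, $expire);

        return Router::redirect(Router::pathFor('home'), 'Welcome ' . $user->username . '!');
    } elseif ($req->isGet()) {
        return View::setPageInfo(['title' => 'Login', 'active_nav' => 'login'])->addTemplate('login.php')->display();
    }
}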
Пример #2
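 /**
  * Authentication middleware: resolves the current user from the
  * "authorization" cookie and attaches it to the request and the view.
  *
  * A valid JWT loads the matching user and re-issues the token and cookie.
  * A missing or invalid cookie, or a token whose user cannot be loaded,
  * falls back to the guest account (user id 1).
  *
  * @param mixed    $req  Request object; must support withAttribute().
  * @param mixed    $res  Response object, passed through unchanged.
  * @param callable $next Next middleware in the chain.
  *
  * @return mixed Whatever $next returns.
  */
 public function __invoke($req, $res, $next)
 {
     $authCookie = Container::get('cookie')->get('authorization');
     $jwt = $this->get_cookie_data($authCookie);

     // A verified token does not prove that the account still exists.
     // NOTE(review): the return value of load_user() for a missing id is not
     // visible here; anything that is not an object is treated as "no such
     // user" and handled as a guest instead of failing on the property writes.
     $user = $jwt ? AuthModel::load_user($jwt->data->userId) : null;

     if (is_object($user)) {
         $user->is_guest = false;
         $user->is_admmod = $user->g_id == '1' || $user->g_moderator == '1';

         // Sliding refresh: a token with more than 30 minutes left is treated
         // as "remember me" and renewed for 14 days, otherwise for 30 minutes.
         // NOTE(security): every authenticated request re-issues the token, so
         // no absolute session lifetime is enforced here. Revocation depends on
         // the checks in get_cookie_data() and load_user(), not shown here.
         $expire = $jwt->exp > time() + 1800 ? time() + 1209600 : time() + 1800;
         $jwt = AuthModel::generate_jwt($user, $expire);
         AuthModel::feather_setcookie('Bearer ' . $jwt, $expire);
     } else {
         // User id 1 is loaded as the guest account.
         $user = AuthModel::load_user(1);
         $user->is_guest = true;
         $user->is_admmod = false;
     }

     // Expose the resolved user to downstream handlers and to the templates.
     $req = $req->withAttribute('user', $user);
     View::setPageInfo(['user' => $user]);

     return $next($req, $res);
 }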