2021-07-26 23:52:59 +02:00
|
|
|
<?php
|
|
|
|
|
declare(strict_types=1);
|
|
|
|
|
|
|
|
|
|
namespace MailAccountAdmin\Frontend\Login;
|
|
|
|
|
|
2021-07-27 01:25:03 +02:00
|
|
|
use MailAccountAdmin\Common\UserHelper;
|
|
|
|
|
use MailAccountAdmin\Exceptions\AdminUserNotFoundException;
|
|
|
|
|
use MailAccountAdmin\Frontend\BaseController;
|
|
|
|
|
use MailAccountAdmin\Repositories\AdminUserRepository;
|
2021-07-26 23:52:59 +02:00
|
|
|
use Psr\Http\Message\ResponseInterface as Response;
|
|
|
|
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
|
|
|
|
use Slim\Views\Twig;
|
|
|
|
|
|
2021-07-27 01:25:03 +02:00
|
|
|
class LoginController extends BaseController
|
2021-07-26 23:52:59 +02:00
|
|
|
{
|
2021-07-27 01:25:03 +02:00
|
|
|
/** @var AdminUserRepository */
|
|
|
|
|
private $adminUserRepository;
|
2021-07-26 23:52:59 +02:00
|
|
|
|
2021-07-27 01:25:03 +02:00
|
|
|
public function __construct(Twig $view, UserHelper $userHelper, AdminUserRepository $adminUserRepository)
|
2021-07-26 23:52:59 +02:00
|
|
|
{
|
2021-07-27 01:25:03 +02:00
|
|
|
parent::__construct($view, $userHelper);
|
|
|
|
|
$this->adminUserRepository = $adminUserRepository;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function renderLoginPage(Response $response, array $renderData = []): Response
|
|
|
|
|
{
|
|
|
|
|
return $this->view->render($response, 'login.html.twig', $renderData);
|
2021-07-26 23:52:59 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function showLoginPage(Request $request, Response $response): Response
|
|
|
|
|
{
|
2021-07-27 01:25:03 +02:00
|
|
|
if ($this->userHelper->isLoggedIn()) {
|
2021-07-26 23:52:59 +02:00
|
|
|
// Already logged in, redirect to dashboard
|
|
|
|
|
return $response
|
|
|
|
|
->withHeader('Location', '/')
|
|
|
|
|
->withStatus(303);
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-27 01:25:03 +02:00
|
|
|
return $this->renderLoginPage($response);
|
2021-07-26 23:52:59 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function authenticateUser(Request $request, Response $response): Response
|
|
|
|
|
{
|
|
|
|
|
$params = (array)$request->getParsedBody();
|
|
|
|
|
|
2021-07-27 01:25:03 +02:00
|
|
|
if (empty($params['username'])) {
|
|
|
|
|
return $this->renderLoginPage($response, ['error' => 'Missing username!']);
|
|
|
|
|
} elseif (empty($params['password'])) {
|
|
|
|
|
return $this->renderLoginPage($response, ['error' => 'Missing password!']);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$loginUsername = $params['username'];
|
|
|
|
|
$loginPassword = $params['password'];
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
$user = $this->adminUserRepository->getUserByName($loginUsername);
|
|
|
|
|
}
|
|
|
|
|
catch (AdminUserNotFoundException $e) {
|
|
|
|
|
$user = null;
|
2021-07-26 23:52:59 +02:00
|
|
|
}
|
|
|
|
|
|
2021-07-27 20:02:36 +02:00
|
|
|
if ($user === null || !password_verify($loginPassword, $user->getPasswordHash())) {
|
2021-07-27 01:25:03 +02:00
|
|
|
return $this->renderLoginPage($response, ['error' => 'Wrong username or password!']);
|
2021-07-27 20:02:36 +02:00
|
|
|
} elseif (!$user->isActive()) {
|
|
|
|
|
return $this->renderLoginPage($response, ['error' => 'User is inactive!']);
|
2021-07-26 23:52:59 +02:00
|
|
|
}
|
2021-07-27 20:02:36 +02:00
|
|
|
|
|
|
|
|
// Set login session
|
|
|
|
|
$_SESSION['username'] = $user->getUsername();
|
|
|
|
|
return $response
|
|
|
|
|
->withHeader('Location', '/')
|
|
|
|
|
->withStatus(303);
|
2021-07-26 23:52:59 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function logoutUser(Request $request, Response $response): Response
|
|
|
|
|
{
|
|
|
|
|
session_destroy();
|
|
|
|
|
|
|
|
|
|
return $response
|
|
|
|
|
->withHeader('Location', '/login')
|
|
|
|
|
->withStatus(303);
|
|
|
|
|
}
|
|
|
|
|
}
|