mail-account-admin/src/Frontend/Login/LoginController.php

64 lines
1.8 KiB
PHP
Raw Normal View History

<?php
declare(strict_types=1);
namespace MailAccountAdmin\Frontend\Login;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Slim\Exception\HttpBadRequestException;
use Slim\Views\Twig;
class LoginController
{
/** @var Twig */
private $view;
public function __construct(Twig $view)
{
$this->view = $view;
}
public function showLoginPage(Request $request, Response $response): Response
{
if (!empty($_SESSION['username'])) {
// Already logged in, redirect to dashboard
return $response
->withHeader('Location', '/')
->withStatus(303);
}
$renderData = [
];
return $this->view->render($response, 'login.html.twig', $renderData);
}
public function authenticateUser(Request $request, Response $response): Response
{
$params = (array)$request->getParsedBody();
if (empty($params['username']) || empty($params['password'])) {
throw new HttpBadRequestException($request, 'Missing parameters');
}
// TODO: only for testing, obviously
if ($params['username'] === 'lexi' && $params['password'] === 'testpw') {
$_SESSION['username'] = $params['username'];
return $response
->withHeader('Location', '/')
->withStatus(303);
} else {
return $this->view->render($response, 'login.html.twig', ['error' => 'Wrong username or password!']);
}
}
public function logoutUser(Request $request, Response $response): Response
{
session_destroy();
return $response
->withHeader('Location', '/login')
->withStatus(303);
}
}