Implement basic database access and login

This commit is contained in:
Lexi / Zoe 2021-07-27 01:25:03 +02:00
parent 8be7988d97
commit b24fe56c8a
Signed by: binaryDiv
GPG key ID: F8D4956E224DA232
14 changed files with 307 additions and 31 deletions

View file

@ -3,52 +3,69 @@ declare(strict_types=1);
namespace MailAccountAdmin\Frontend\Login;
use MailAccountAdmin\Common\UserHelper;
use MailAccountAdmin\Exceptions\AdminUserNotFoundException;
use MailAccountAdmin\Frontend\BaseController;
use MailAccountAdmin\Repositories\AdminUserRepository;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use Slim\Exception\HttpBadRequestException;
use Slim\Views\Twig;
class LoginController
class LoginController extends BaseController
{
/** @var Twig */
private $view;
/** @var AdminUserRepository */
private $adminUserRepository;
public function __construct(Twig $view)
public function __construct(Twig $view, UserHelper $userHelper, AdminUserRepository $adminUserRepository)
{
$this->view = $view;
parent::__construct($view, $userHelper);
$this->adminUserRepository = $adminUserRepository;
}
private function renderLoginPage(Response $response, array $renderData = []): Response
{
return $this->view->render($response, 'login.html.twig', $renderData);
}
public function showLoginPage(Request $request, Response $response): Response
{
if (!empty($_SESSION['username'])) {
if ($this->userHelper->isLoggedIn()) {
// Already logged in, redirect to dashboard
return $response
->withHeader('Location', '/')
->withStatus(303);
}
$renderData = [
];
return $this->view->render($response, 'login.html.twig', $renderData);
return $this->renderLoginPage($response);
}
public function authenticateUser(Request $request, Response $response): Response
{
$params = (array)$request->getParsedBody();
if (empty($params['username']) || empty($params['password'])) {
throw new HttpBadRequestException($request, 'Missing parameters');
if (empty($params['username'])) {
return $this->renderLoginPage($response, ['error' => 'Missing username!']);
} elseif (empty($params['password'])) {
return $this->renderLoginPage($response, ['error' => 'Missing password!']);
}
// TODO: only for testing, obviously
if ($params['username'] === 'lexi' && $params['password'] === 'testpw') {
$_SESSION['username'] = $params['username'];
$loginUsername = $params['username'];
$loginPassword = $params['password'];
try {
$user = $this->adminUserRepository->getUserByName($loginUsername);
}
catch (AdminUserNotFoundException $e) {
$user = null;
}
if ($user !== null && password_verify($loginPassword, $user->getPasswordHash())) {
$_SESSION['username'] = $user->getUsername();
return $response
->withHeader('Location', '/')
->withStatus(303);
} else {
return $this->view->render($response, 'login.html.twig', ['error' => 'Wrong username or password!']);
return $this->renderLoginPage($response, ['error' => 'Wrong username or password!']);
}
}