diff --git a/src/Venom/Admin/AdminRouterInit.php b/src/Venom/Admin/AdminRouterInit.php index 3443d10..e1643ab 100644 --- a/src/Venom/Admin/AdminRouterInit.php +++ b/src/Venom/Admin/AdminRouterInit.php @@ -4,6 +4,7 @@ namespace Venom\Admin; +use Venom\Admin\Routes\LoginRoute; use Venom\Routing\Router; use Venom\Venom; @@ -18,6 +19,19 @@ class AdminRouterInit public static function getRoutes(): array { - return []; + return [ + '/login' => [ + 'cl' => LoginRoute::class, + 'roles' => ['ROLE_GUEST'], + 'routes' => [ + '*' => [ + "POST" => 'login' + ], + '1' => [ + "GET" => 'handle' + ] + ] + ] + ]; } } \ No newline at end of file diff --git a/src/Venom/Admin/Routes/LoginRoute.php b/src/Venom/Admin/Routes/LoginRoute.php index c706c65..d33680f 100644 --- a/src/Venom/Admin/Routes/LoginRoute.php +++ b/src/Venom/Admin/Routes/LoginRoute.php @@ -4,12 +4,27 @@ namespace Venom\Admin\Routes; +use Venom\Core\ArgumentHandler; use Venom\Routing\Route; +use Venom\Security\Security; class LoginRoute implements Route { - public function getAll(): bool { + public function login(): bool + { + Security::get()->login(); + return true; + } + + public function handle($fnc): bool + { + if ($fnc === 'logout') { + Security::get()->logout(); + $url = ArgumentHandler::get()->getPostItem('REDIRECT_TO', '/admin/'); + header('Location: ' . $url); + die(); + } return true; } } \ No newline at end of file diff --git a/src/Venom/Models/User.php b/src/Venom/Models/User.php index 7f0b93e..27e054c 100644 --- a/src/Venom/Models/User.php +++ b/src/Venom/Models/User.php 
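Review bot: In `getRoutes()` the `'1'` entry maps `GET` to `handle`, and `LoginRoute::handle()` in this same commit performs the logout, so a state-changing action is reachable with a plain GET and no anti-forgery token. A cross-site request or a link prefetcher can therefore end an admin session. I would register it as `'1' => ['POST' => 'handle']` and have the logout control submit a form carrying a CSRF token. The `roles` list of `['ROLE_GUEST']` covers the whole `/login` entry including logout; how the Router matches roles is not visible here, so please confirm a signed-in admin can still reach it. A short comment explaining what the `'*'` and `'1'` keys mean would also help the next reader.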
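Review bot: `LoginRoute::handle()` copies the request-supplied `REDIRECT_TO` value straight into the `Location` header, which makes the logout endpoint an open redirect; `BaseLogin::redirect()` in src/Venom/Security/BaseLogin.php does the same after login and needs the same check. The target should be limited to same-site paths, falling back to the default for anything else, as sketched below. The route table binds `handle` to GET while the value is read with `getPostItem()`, so unless ArgumentHandler merges request sources (not visible here) the default is presumably always used on this path.

```php
            $url = ArgumentHandler::get()->getPostItem('REDIRECT_TO', '/admin/');
            // Only follow same-site paths; anything else falls back to the admin root.
            $isLocalPath = is_string($url)
                && preg_match('#^/(?![/\\\\])[^\r\n\\\\]*\z#', $url) === 1;
            if (!$isLocalPath) {
                $url = '/admin/';
            }
            // … unchanged: header('Location: ' . $url) and die() …
```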
@@ -26,13 +26,13 @@ class User public function loadUser(): bool { - if (isset($_SESSION['userID'])) { + if (isset($_SESSION['userID']) || $this->username !== 'GUEST') { // try to load user from id! $user = DatabaseHandler::get()->getOne("SELECT * FROM users WHERE id = :id OR username = :name AND isActive = 1", [ ':id' => $_SESSION['userID'], ':name' => $this->username ]); - if ($user) { + if ($user !== null) { $this->username = $user->username ?? ''; $this->email = $user->email ?? ''; $this->password = $user->password ?? ''; diff --git a/src/Venom/Security/BaseLogin.php b/src/Venom/Security/BaseLogin.php index 6fc404b..e4de7e9 100644 --- a/src/Venom/Security/BaseLogin.php +++ b/src/Venom/Security/BaseLogin.php @@ -30,7 +30,9 @@ class BaseLogin implements Login public function redirect(): void { - http_redirect(URLHelper::getInstance()->getUrl(), ['redirect' => 'true'], true); + $url = ArgumentHandler::get()->getPostItem('REDIRECT_TO', URLHelper::getInstance()->getUrl()); + header('Location: ' . $url); + die(); } public function login(): bool diff --git a/src/Venom/Security/Security.php b/src/Venom/Security/Security.php index ab2742f..dcdacab 100644 --- a/src/Venom/Security/Security.php +++ b/src/Venom/Security/Security.php @@ -3,7 +3,7 @@ namespace Venom\Security; -use http\Exception\RuntimeException; +use \RuntimeException; use Venom\Core\Config; use Venom\Models\User; @@ -43,11 +43,11 @@ class Security public function login(): void { - if (!$this->user->isLoaded()) { + if ($this->user->isLoaded()) { throw new RuntimeException('Try to re-login!'); } $sec = Config::getInstance()->getSecurity(); - $login = new $sec->securityClass; + $login = new $sec->securityClass($this->user); if ($login instanceof Login) { if (!$login->checkCredentials() || !$login->login()) { http_response_code(401); diff --git a/tpl/admin/base.php b/tpl/admin/base.php index 626f2cf..d6eedb6 100644 --- a/tpl/admin/base.php +++ b/tpl/admin/base.php 
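Review bot: The query in `User::loadUser()` reads `id = :id OR username = :name AND isActive = 1`, and because AND binds tighter than OR the `isActive` filter applies only to the username match, so a deactivated account with a live session id is still loaded; `WHERE (id = :id OR username = :name) AND isActive = 1` is probably what is meant. With the new `|| $this->username !== 'GUEST'` branch the `:id` binding can now read an unset `$_SESSION['userID']`; `':id' => $_SESSION['userID'] ?? null,` avoids the notice. The switch to `$user !== null` is only safe if `DatabaseHandler::getOne()` returns null for no row (not visible here); if it returns `false`, as PDO's fetch does, the block now runs for a missing user and fills the fields with empty strings. The body of `loadUser()` continues past the end of the hunk.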
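Review bot: `BaseLogin::redirect()` now calls `ArgumentHandler::get()`, but this file's diff adds no import for it, whereas LoginRoute.php adds `use Venom\Core\ArgumentHandler;` in the same commit. Unless the import already exists above the hunk, the name resolves to `Venom\Security\ArgumentHandler` and the call fails with a class-not-found error right after a successful login. Add `use Venom\Core\ArgumentHandler;` to the file's use block.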
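Review bot: In `Security::login()` the configured class is instantiated with `new $sec->securityClass($this->user)` before the `instanceof Login` test, so the constructor of whatever class name the config holds runs first and a wrong value is only noticed afterwards. Checking the name up front, `if (!is_a($sec->securityClass, Login::class, true)) { throw new RuntimeException('securityClass must implement Login'); }`, fails closed before any object is built. The corrected guard now throws when `isLoaded()` is true; since `User::loadUser()` in this commit also loads a row by username alone, please confirm that loading by username does not set the loaded flag before credentials are verified (that code is outside the hunk). `login()` continues past the end of the hunk.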
@@ -4,7 +4,16 @@ use Venom\Models\User; use \Venom\Security\Security; if (!Security::get()->hasRole(User::ADMIN_ROLE)) { + ?> +
+ + + + +
+ Ausloggen'; }