fixed login

added example login
Maurice Grönwoldt 2020-09-25 22:33:35 +02:00
parent f00bdc99ec
commit c7984873c0
6 changed files with 48 additions and 8 deletions


@ -4,6 +4,7 @@
namespace Venom\Admin; namespace Venom\Admin;
use Venom\Admin\Routes\LoginRoute;
use Venom\Routing\Router; use Venom\Routing\Router;
use Venom\Venom; use Venom\Venom;
@ -18,6 +19,19 @@ class AdminRouterInit
public static function getRoutes(): array public static function getRoutes(): array
{ {
return []; return [
'/login' => [
'cl' => LoginRoute::class,
'roles' => ['ROLE_GUEST'],
'routes' => [
'*' => [
"POST" => 'login'
],
'1' => [
"GET" => 'handle'
]
]
]
];
} }
} }
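Review bot: The `'1' => ["GET" => 'handle']` entry makes logout reachable over a plain GET, because `LoginRoute::handle()` in this commit ends the session when the segment is `logout` and the admin template links to it with an `<a href>`. A state-changing action on GET can be triggered by a cross-site request the user never intended, so I would register it as `"POST" => 'handle'` and submit it from a small form instead of a link. The meaning of the `'*'` and `'1'` keys is not visible in this hunk; a short comment above the array explaining how the router interprets them would help the next reader. The quoting is also mixed (`"POST"` next to `'login'`); single quotes throughout would match the rest of the array.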


@ -4,12 +4,27 @@
namespace Venom\Admin\Routes; namespace Venom\Admin\Routes;
use Venom\Core\ArgumentHandler;
use Venom\Routing\Route; use Venom\Routing\Route;
use Venom\Security\Security;
class LoginRoute implements Route class LoginRoute implements Route
{ {
public function getAll(): bool { public function login(): bool
{
Security::get()->login();
return true;
}
public function handle($fnc): bool
{
if ($fnc === 'logout') {
Security::get()->logout();
$url = ArgumentHandler::get()->getPostItem('REDIRECT_TO', '/admin/');
header('Location: ' . $url);
die();
}
return true; return true;
} }
} }
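Review bot: `handle()` passes the client-supplied `REDIRECT_TO` value straight into `header('Location: ' . $url)`, so the redirect target is whatever the request says, including an absolute URL on another host. `BaseLogin::redirect()` in this commit has the same pattern, and there it runs directly after a credential POST, which is where an open redirect is most useful for phishing. I would accept only same-site paths and fall back to the default otherwise, ideally in one shared helper used by both call sites. `$fnc` is also untyped; `string $fnc` would match the strict comparison below it.

```php
        if ($fnc === 'logout') {
            Security::get()->logout();
            $url = ArgumentHandler::get()->getPostItem('REDIRECT_TO', '/admin/');
            // Only same-site absolute paths are allowed; anything else falls back to the default.
            if (!is_string($url) || preg_match('#^/(?![/\\\\])[^\r\n]*\z#', $url) !== 1) {
                $url = '/admin/';
            }
            header('Location: ' . $url);
            die();
        }
```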


@ -26,13 +26,13 @@ class User
public function loadUser(): bool public function loadUser(): bool
{ {
if (isset($_SESSION['userID'])) { if (isset($_SESSION['userID']) || $this->username !== 'GUEST') {
// try to load user from id! // try to load user from id!
$user = DatabaseHandler::get()->getOne("SELECT * FROM users WHERE id = :id OR username = :name AND isActive = 1", [ $user = DatabaseHandler::get()->getOne("SELECT * FROM users WHERE id = :id OR username = :name AND isActive = 1", [
':id' => $_SESSION['userID'], ':id' => $_SESSION['userID'],
':name' => $this->username ':name' => $this->username
]); ]);
if ($user) { if ($user !== null) {
$this->username = $user->username ?? ''; $this->username = $user->username ?? '';
$this->email = $user->email ?? ''; $this->email = $user->email ?? '';
$this->password = $user->password ?? ''; $this->password = $user->password ?? '';
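Review bot: The widened condition lets this block run when `$_SESSION['userID']` is not set, yet the bind a few lines down still reads `$_SESSION['userID']`, which raises an undefined-index warning and binds null; `':id' => $_SESSION['userID'] ?? null,` would make that explicit. In the query itself `AND` binds tighter than `OR`, so `isActive = 1` only applies to the username match and a deactivated account still loads by id; `WHERE (id = :id OR username = :name) AND isActive = 1` looks like the intent. The new `$user !== null` check also assumes `getOne()` returns null rather than false when no row matches, which is not visible here. The body of `loadUser()` continues outside the hunk.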


@ -30,7 +30,9 @@ class BaseLogin implements Login
public function redirect(): void public function redirect(): void
{ {
http_redirect(URLHelper::getInstance()->getUrl(), ['redirect' => 'true'], true); $url = ArgumentHandler::get()->getPostItem('REDIRECT_TO', URLHelper::getInstance()->getUrl());
header('Location: ' . $url);
die();
} }
public function login(): bool public function login(): bool


@ -3,7 +3,7 @@
namespace Venom\Security; namespace Venom\Security;
use http\Exception\RuntimeException; use \RuntimeException;
use Venom\Core\Config; use Venom\Core\Config;
use Venom\Models\User; use Venom\Models\User;
@ -43,11 +43,11 @@ class Security
public function login(): void public function login(): void
{ {
if (!$this->user->isLoaded()) { if ($this->user->isLoaded()) {
throw new RuntimeException('Try to re-login!'); throw new RuntimeException('Try to re-login!');
} }
$sec = Config::getInstance()->getSecurity(); $sec = Config::getInstance()->getSecurity();
$login = new $sec->securityClass; $login = new $sec->securityClass($this->user);
if ($login instanceof Login) { if ($login instanceof Login) {
if (!$login->checkCredentials() || !$login->login()) { if (!$login->checkCredentials() || !$login->login()) {
http_response_code(401); http_response_code(401);
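Review bot: `new $sec->securityClass($this->user)` runs the constructor of whatever class name the configuration holds before the `instanceof Login` check below it, so the type check comes too late to stop an unintended class from being constructed. Checking the name first, `if (!is_a($sec->securityClass, Login::class, true)) { throw new RuntimeException('Invalid security class'); }`, keeps instantiation limited to `Login` implementations. The import in the first hunk is conventionally written without the leading backslash, `use RuntimeException;`. The body of `login()` continues outside the hunk.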


@ -4,7 +4,16 @@ use Venom\Models\User;
use \Venom\Security\Security; use \Venom\Security\Security;
if (!Security::get()->hasRole(User::ADMIN_ROLE)) { if (!Security::get()->hasRole(User::ADMIN_ROLE)) {
?>
<form method="post" action="/admin/api/login">
<input type="text" name="USERNAME" placeholder="Username">
<input type="password" name="PASSWORD" placeholder="Password">
<input type="hidden" name="REDIRECT_TO" value="/admin/">
<input type="submit" value="Login">
</form>
<?php
echo 'Login!'; echo 'Login!';
} else { } else {
echo 'Admin Interface!'; echo 'Admin Interface!';
echo '<a href="/admin/api/login/logout">Ausloggen</a>';
} }
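Review bot: The added `<form>` submits `USERNAME` and `PASSWORD` without any anti-CSRF token, so the login POST can be submitted from another site and sign a visitor into an account they did not choose. A per-session token in a hidden field, for example `<input type="hidden" name="CSRF_TOKEN" value="<?= htmlspecialchars($token, ENT_QUOTES) ?>">` (field and variable names are placeholders), checked in the login handler before the credentials, would close that. The hidden `REDIRECT_TO` field is editable by the client, so the server side should not treat its value as trusted. `autocomplete="username"` and `autocomplete="current-password"` on the two inputs would also help password managers fill the form correctly.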