  1. <?php
  2. namespace App\Controllers;
  3. use Myth\Auth\Entities\User;
  4. use Myth\Auth\Controllers\AuthController as MythAuthController;
  /**
   * Application-level override of the Myth:Auth controller that handles the
   * registration and login form submissions.
   */
  class Auth extends MythAuthController
  {
      /**
       * Attempt to register a new user.
       *
       * Flow: registration switch -> field validation -> password validation ->
       * entity creation from an allow-list of POST fields -> save -> optional
       * activation e-mail. Every exit path is a redirect.
       *
       * @return \CodeIgniter\HTTP\RedirectResponse
       */
      public function attemptRegister()
      {
          // Registration can be switched off in the auth config.
          if (!$this->config->allowRegistration) {
              return $this->backWithFlash('error', lang('Auth.registerDisabled'));
          }

          // NOTE(review): no `use` statement for UserModel is visible in this file,
          // so the name resolves relative to App\Controllers. Confirm that model()
          // still locates the intended user model.
          $userModel = model(UserModel::class);

          // Field rules run first because some password rules rely on these fields.
          // The fallback covers `email` only; any other accepted field is not
          // validated by this method unless registrationRules is configured.
          $fieldRules = config('Validation')->registrationRules ?? [
              'email' => 'required|valid_email|is_unique[users.email]',
          ];
          if (!$this->validate($fieldRules)) {
              return $this->backWithFlash('errors', $this->validator->getErrors());
          }

          // NOTE(review): the password only has to be present and match its
          // confirmation. No length or strength rule is applied here, so unless one
          // is enforced elsewhere a one-character password is accepted. Myth:Auth
          // provides a `strong_password` rule; confirm whether it was dropped on
          // purpose.
          $passwordRules = [
              'password'     => 'required',
              'pass_confirm' => 'required|matches[password]',
          ];
          if (!$this->validate($passwordRules)) {
              return $this->backWithFlash('errors', $this->validator->getErrors());
          }

          // Allow-list: only `password` plus the configured fields are read from
          // POST, so other submitted keys never reach the entity (mass assignment).
          $acceptedFields = array_merge(
              ['password'],
              $this->config->validFields,
              $this->config->personalFields
          );
          $account = new User($this->request->getPost($acceptedFields));

          // Without an activation requirement the account is active immediately;
          // otherwise it gets an activation hash.
          if ($this->config->requireActivation === null) {
              $account->activate();
          } else {
              $account->generateActivateHash();
          }

          // Ensure the default group gets assigned if one is configured.
          if (!empty($this->config->defaultUserGroup)) {
              $userModel = $userModel->withGroup($this->config->defaultUserGroup);
          }

          if (!$userModel->save($account)) {
              return $this->backWithFlash('errors', $userModel->errors());
          }

          // No activation step configured: registration is complete.
          if ($this->config->requireActivation === null) {
              return redirect()->route('login')->with('message', lang('Auth.registerSuccess'));
          }

          // The user row is already saved at this point; a failed send leaves it in place.
          $mailer = service('activator');
          if (!$mailer->send($account)) {
              return $this->backWithFlash('error', $mailer->error() ?? lang('Auth.unknownError'));
          }

          return redirect()->route('login')->with('message', lang('Auth.activationSuccess'));
      }

      /**
       * Attempt to log the user in with the submitted credentials.
       *
       * On success the user is sent to the forced password reset page, to
       * `/admin` (for the `Admin` group), or to the URL stored in the session,
       * falling back to the site root.
       *
       * @return \CodeIgniter\HTTP\RedirectResponse
       */
      public function attemptLogin()
      {
          // When e-mail is the only valid login field, the identifier must be one.
          $emailOnly = $this->config->validFields === ['email'];
          $formRules = [
              'login'    => $emailOnly ? 'required|valid_email' : 'required',
              'password' => 'required',
          ];
          if (!$this->validate($formRules)) {
              return $this->backWithFlash('errors', $this->validator->getErrors());
          }

          $identifier = $this->request->getPost('login');
          $secret     = $this->request->getPost('password');
          $rememberMe = (bool) $this->request->getPost('remember');

          // Determine credential type: anything that is not a valid e-mail address
          // is treated as a username.
          $credentialKey = filter_var($identifier, FILTER_VALIDATE_EMAIL) ? 'email' : 'username';

          // NOTE(review): on failure the authenticator's own message is shown to the
          // user; confirm it does not distinguish an unknown account from a wrong
          // password.
          $credentials = [$credentialKey => $identifier, 'password' => $secret];
          if (!$this->auth->attempt($credentials, $rememberMe)) {
              return $this->backWithFlash('error', $this->auth->error() ?? lang('Auth.badAttempt'));
          }

          // Is the user being forced to reset their password?
          // NOTE(review): the reset hash is placed in the query string, where it can
          // end up in access logs, browser history and Referer headers.
          $account = $this->auth->user();
          if ($account->force_pass_reset === true) {
              return redirect()
                  ->to(route_to('reset-password') . '?token=' . $account->reset_hash)
                  ->withCookies();
          }

          // The target is read from the session, not from this request. Where
          // `redirect_url` is written is not visible here; confirm it can only
          // hold a same-site URL.
          $destination = session('redirect_url') ?? site_url('/');
          unset($_SESSION['redirect_url']);

          helper('auth');

          // Members of the `Admin` group always land on /admin, replacing any stored URL.
          // NOTE(review): in_groups() is called as a method on whatever user()
          // returns; confirm that object defines it (the auth helper also offers a
          // standalone in_groups() function).
          if (user()->in_groups('Admin')) {
              $destination = site_url('/admin');
          }

          return redirect()->to($destination)->withCookies()->with('message', lang('Auth.loginSuccess'));
      }

      /**
       * Redirect back to the previous page, keeping the submitted input and
       * flashing one value under the given session key.
       *
       * @param string $key   Flash key (`error` or `errors` in this controller).
       * @param mixed  $value Message string or list of validation errors.
       *
       * @return \CodeIgniter\HTTP\RedirectResponse
       */
      private function backWithFlash(string $key, $value)
      {
          return redirect()->back()->withInput()->with($key, $value);
      }
  }