sergio.hinojosa/eval-desempeno-v2
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Crear sistema de autenticación para administradores

Browse Source
This commit is contained in:
Sergio 2022-08-31 09:27:25 -05:00
parent c2bcf96a8d
commit a11c6eccbd
10 changed files with 257 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
app/Config/Auth.php
View File

@ -52,6 +52,11 @@ class Auth extends \Myth\Auth\Config\Auth
'resend-activate-account' => 'resend-activate-account',
'forgot' => 'forgot',
'reset-password' => 'reset-password',
// ADMIN AUTH
// 'custom_route' => 'custom_route',
'admin_login' => 'admin_login',
'admin_logout' => 'admin_logout',
];
/**

9
app/Config/Filters.php
View File

@ -2,6 +2,7 @@
namespace Config;
use App\Filters\AdminFilter;
use App\Filters\FormularioInicialFilter;
use App\Filters\InicioFilter;
use CodeIgniter\Config\BaseConfig;
@ -29,6 +30,7 @@ class Filters extends BaseConfig
'role' => \Myth\Auth\Filters\RoleFilter::class,
'inicio' => InicioFilter::class,
'formulario_inicial' => FormularioInicialFilter::class,
'admin_filter' => AdminFilter::class,
];
/**
@ -42,7 +44,7 @@ class Filters extends BaseConfig
// 'honeypot',
// 'csrf',
// 'invalidchars',
'login'
// 'login'
],
'after' => [
'toolbar',
@ -78,7 +80,8 @@ class Filters extends BaseConfig
* @var array
*/
public $filters = [
'inicio' => ['before' => ['/',]],
'formulario_inicial' => ['before' => ['registro/']]
'login' => ['before' => ['/', 'registro/', 'encuesta/*']],
'inicio' => ['before' => ['/']],
'formulario_inicial' => ['before' => ['registro/']],
];
}

9
app/Config/Routes.php
View File

@ -49,11 +49,14 @@ $routes->post('encuesta/submit/(:segment)', 'Encuesta::submit/$1', ['as' => 'enc
// utilizar m<EFBFBD>todo attemptRegister personalizdo (no requiere de username)
// utilizar método attemptRegister personalizdo (no requiere de username)
$routes->post('register/', 'Auth::attemptRegister');
// $routes->post('login/', 'Auth::attemptLogin');
$routes->group('admin', ['filter' => 'role:Admin'], static function ($routes) {
// ADMIN AUTH
$routes->match(['get', 'post'], 'admin/login/', 'AdminAuth::login', ['as' => 'admin_login']);
$routes->get('admin/logout', 'AdminAuth::logout', ['as' => 'admin_logout']);
$routes->group('admin', ['filter' => 'admin_filter'], static function ($routes) {
$routes->get('/', 'Admin::home', ['as' => 'admin_home']);
// SOLICITUDES

2
app/Controllers/Admin.php
View File

@ -58,8 +58,6 @@ class Admin extends BaseController
}
public function aprobarSolicitud($id)
{
$solicitudModel = model(ModelsPrestadorSolicitudModel::class);

68
app/Controllers/AdminAuth.php Normal file
View File

@ -0,0 +1,68 @@
<?php
namespace App\Controllers;
use App\Controllers\BaseController;
use App\Models\UsuarioModel;
class AdminAuth extends BaseController
{
public function login()
{
if ($this->request->getMethod() === 'post') {
$rules = [
'nombreusuario' => 'required',
'password' => 'required',
];
if (!$this->validate($rules)) {
return redirect()->back()->with('msg', array(
'type' => 'danger',
'body' => 'Es necesario llenar todos los campos'
));
}
// obtener datos
$data = $this->request->getPost();
// Buscar usuario
if (!$usuario = model(UsuarioModel::class)->findByUsername($data['nombreusuario'])) {
return redirect()->back()->with('msg', array(
'type' => 'danger',
'body' => 'Revisa tus credenciales e inténtalo nuevamente'
));
}
// Verificar contraseña
if (!password_verify($data['password'], $usuario['password'])) {
return redirect()->back()->with('msg', array(
'type' => 'danger',
'body' => 'Revisa tus credenciales e inténtalo nuevamente'
));
}
// Inicializar sesión
session()->set([
'id' => $usuario['idusuario'],
'usuario' => $usuario['nombreusuario'],
'is_logged' => true,
]);
return redirect()->route('admin_home')->with('msg', array(
'type' => 'success',
'body' => 'Inicio de sesión correcto'
));
}
return view('AdminAuth/login');
}
public function logout()
{
$session = session();
$session->remove(['id', 'usuario', 'is_logged']);
return redirect()->route('admin_login');
}
}

2
app/Controllers/BaseController.php
View File

@ -35,7 +35,7 @@ abstract class BaseController extends Controller
*
* @var array
*/
protected $helpers = ['auth'];
protected $helpers = ['auth', 'session'];
/**
* Constructor.

51
app/Filters/AdminFilter.php Normal file
View File

@ -0,0 +1,51 @@
<?php
namespace App\Filters;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
class AdminFilter implements FilterInterface
{
/**
* Do whatever processing this filter needs to do.
* By default it should not return anything during
* normal execution. However, when an abnormal state
* is found, it should return an instance of
* CodeIgniter\HTTP\Response. If it does, script
* execution will end and that Response will be
* sent back to the client, allowing for error pages,
* redirects, etc.
*
* @param RequestInterface $request
* @param array|null $arguments
*
* @return mixed
*/
public function before(RequestInterface $request, $arguments = null)
{
$session = session();
$loggedIn = $session->is_logged;
if (!$loggedIn) {
return redirect()->route('admin_login');
}
}
/**
* Allows After filters to inspect and modify the response
* object as needed. This method does not allow any way
* to stop execution of other after filters, short of
* throwing an Exception or Error.
*
* @param RequestInterface $request
* @param ResponseInterface $response
* @param array|null $arguments
*
* @return mixed
*/
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
{
//
}
}

23
app/Models/UsuarioModel.php Normal file
View File

@ -0,0 +1,23 @@
<?php
namespace App\Models;
use CodeIgniter\Model;
class UsuarioModel extends Model
{
protected $table = 'usuarios';
protected $primaryKey = 'idusuario';
protected $useAutoIncrement = true;
protected $insertID = 0;
protected $returnType = 'array';
protected $useSoftDeletes = false;
protected $protectFields = true;
protected $allowedFields = [];
public function findByUsername($username)
{
return $this->where('nombreusuario', $username)->first();
}
}

41
app/Views/AdminAuth/login.php Normal file
View File

@ -0,0 +1,41 @@
<?= $this->extend('templates/baseAdmin') ?>
<?= $this->section('content') ?>
<div class="card">
<h2 class="card-header"><?= lang('Auth.loginTitle') ?></h2>
<div class="card-body">
<?= view('Myth\Auth\Views\_message_block') ?>
<form action="<?= route_to('admin_login') ?>" method="post">
<?= csrf_field() ?>
<div class="form-group">
<label for="nombreusuario">Usuario</label>
<input type="text" class="form-control <?php if (session('errors.nombreusuario')) : ?>is-invalid<?php endif ?>" name="nombreusuario" placeholder="Usuario">
<div class="invalid-feedback">
<?= session('errors.nombreusuario') ?>
</div>
</div>
<div class="form-group">
<label for="password"><?= lang('Auth.password') ?></label>
<input type="password" name="password" class="form-control <?php if (session('errors.password')) : ?>is-invalid<?php endif ?>" placeholder="<?= lang('Auth.password') ?>">
<div class="invalid-feedback">
<?= session('errors.password') ?>
</div>
</div>
<br>
<button type="submit" class="btn btn-primary btn-block"><?= lang('Auth.loginAction') ?></button>
</form>
<hr>
</div>
</div>
<?= $this->endSection() ?>

10
app/Views/templates/baseAdmin.php
View File

@ -38,6 +38,8 @@ scratch. This page gets rid of all links and provides the needed markup only.
<!-- Sidebar Menu -->
<nav class="mt-2">
<?php $session = session();
if ($session->is_logged) : ?>
<ul class="nav nav-pills nav-sidebar flex-column" data-widget="treeview" role="menu" data-accordion="false">
<!-- Add icons to the links using the .nav-icon class
with font-awesome or any other icon font library -->
@ -85,7 +87,15 @@ scratch. This page gets rid of all links and provides the needed markup only.
</li>
</ul>
</li>
<li class="nav-item">
<a href="<?= route_to('admin_logout') ?>" class="nav-link">
<i class="nav-icon fas fa-sign-out-alt"></i>
Cerrar sesión
</a>
</li>
</ul>
<?php endif; ?>
</nav>
<!-- /.sidebar-menu -->