113 lines
3.9 KiB
PHP
113 lines
3.9 KiB
PHP
<?php
|
|
|
|
namespace App\Controllers;
|
|
|
|
use Myth\Auth\Entities\User;
|
|
use Myth\Auth\Controllers\AuthController as MythAuthController;
|
|
|
|
class Auth extends MythAuthController
|
|
{
|
|
/**
|
|
* Attempt to register a new user.
|
|
*/
|
|
public function attemptRegister()
|
|
{
|
|
// Check if registration is allowed
|
|
if (!$this->config->allowRegistration) {
|
|
return redirect()->back()->withInput()->with('error', lang('Auth.registerDisabled'));
|
|
}
|
|
|
|
$users = model(UserModel::class);
|
|
|
|
// Validate basics first since some password rules rely on these fields
|
|
$rules = config('Validation')->registrationRules ?? [
|
|
'email' => 'required|valid_email|is_unique[users.email]',
|
|
];
|
|
|
|
if (!$this->validate($rules)) {
|
|
return redirect()->back()->withInput()->with('errors', $this->validator->getErrors());
|
|
}
|
|
|
|
// Validate passwords since they can only be validated properly here
|
|
$rules = [
|
|
'password' => 'required',
|
|
'pass_confirm' => 'required|matches[password]',
|
|
];
|
|
|
|
if (!$this->validate($rules)) {
|
|
return redirect()->back()->withInput()->with('errors', $this->validator->getErrors());
|
|
}
|
|
|
|
// Save the user
|
|
$allowedPostFields = array_merge(['password'], $this->config->validFields, $this->config->personalFields);
|
|
$user = new User($this->request->getPost($allowedPostFields));
|
|
|
|
$this->config->requireActivation === null ? $user->activate() : $user->generateActivateHash();
|
|
|
|
// Ensure default group gets assigned if set
|
|
if (!empty($this->config->defaultUserGroup)) {
|
|
$users = $users->withGroup($this->config->defaultUserGroup);
|
|
}
|
|
|
|
if (!$users->save($user)) {
|
|
return redirect()->back()->withInput()->with('errors', $users->errors());
|
|
}
|
|
|
|
if ($this->config->requireActivation !== null) {
|
|
$activator = service('activator');
|
|
$sent = $activator->send($user);
|
|
|
|
if (!$sent) {
|
|
return redirect()->back()->withInput()->with('error', $activator->error() ?? lang('Auth.unknownError'));
|
|
}
|
|
|
|
// Success!
|
|
return redirect()->route('login')->with('message', lang('Auth.activationSuccess'));
|
|
}
|
|
|
|
// Success!
|
|
return redirect()->route('login')->with('message', lang('Auth.registerSuccess'));
|
|
}
|
|
|
|
public function attemptLogin()
|
|
{
|
|
$rules = [
|
|
'login' => 'required',
|
|
'password' => 'required',
|
|
];
|
|
if ($this->config->validFields === ['email']) {
|
|
$rules['login'] .= '|valid_email';
|
|
}
|
|
|
|
if (!$this->validate($rules)) {
|
|
return redirect()->back()->withInput()->with('errors', $this->validator->getErrors());
|
|
}
|
|
|
|
$login = $this->request->getPost('login');
|
|
$password = $this->request->getPost('password');
|
|
$remember = (bool) $this->request->getPost('remember');
|
|
|
|
// Determine credential type
|
|
$type = filter_var($login, FILTER_VALIDATE_EMAIL) ? 'email' : 'username';
|
|
|
|
// Try to log them in...
|
|
if (!$this->auth->attempt([$type => $login, 'password' => $password], $remember)) {
|
|
return redirect()->back()->withInput()->with('error', $this->auth->error() ?? lang('Auth.badAttempt'));
|
|
}
|
|
|
|
// Is the user being forced to reset their password?
|
|
if ($this->auth->user()->force_pass_reset === true) {
|
|
return redirect()->to(route_to('reset-password') . '?token=' . $this->auth->user()->reset_hash)->withCookies();
|
|
}
|
|
|
|
$redirectURL = session('redirect_url') ?? site_url('/');
|
|
unset($_SESSION['redirect_url']);
|
|
|
|
helper('auth');
|
|
if (user()->in_groups('Admin'))
|
|
$redirectURL = site_url('/admin');
|
|
|
|
return redirect()->to($redirectURL)->withCookies()->with('message', lang('Auth.loginSuccess'));
|
|
}
|
|
}
|