-
Notifications
You must be signed in to change notification settings - Fork 127
/
LoginController.php
117 lines (97 loc) · 3.71 KB
/
LoginController.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
<?php
declare(strict_types=1);
namespace CodeIgniter\Shield\Controllers;
use App\Controllers\BaseController;
use CodeIgniter\HTTP\RedirectResponse;
use CodeIgniter\Shield\Authentication\Authenticators\Session;
use CodeIgniter\Shield\Authentication\Passwords;
use CodeIgniter\Shield\Traits\Viewable;
class LoginController extends BaseController
{
use Viewable;
protected $helpers = ['setting'];
/**
* Displays the form the login to the site.
*
* @return RedirectResponse|string
*/
public function loginView()
{
if (auth()->loggedIn()) {
return redirect()->to(config('Auth')->loginRedirect());
}
/** @var Session $authenticator */
$authenticator = auth('session')->getAuthenticator();
// If an action has been defined, start it up.
if ($authenticator->hasAction()) {
return redirect()->route('auth-action-show');
}
return $this->view(setting('Auth.views')['login']);
}
/**
* Attempts to log the user in.
*/
public function loginAction(): RedirectResponse
{
// Validate here first, since some things,
// like the password, can only be validated properly here.
$rules = $this->getValidationRules();
if (! $this->validateData($this->request->getPost(), $rules)) {
return redirect()->back()->withInput()->with('errors', $this->validator->getErrors());
}
/** @var array $credentials */
$credentials = $this->request->getPost(setting('Auth.validFields')) ?? [];
$credentials = array_filter($credentials);
$credentials['password'] = $this->request->getPost('password');
$remember = (bool) $this->request->getPost('remember');
/** @var Session $authenticator */
$authenticator = auth('session')->getAuthenticator();
// Attempt to login
$result = $authenticator->remember($remember)->attempt($credentials);
if (! $result->isOK()) {
return redirect()->route('login')->withInput()->with('error', $result->reason());
}
// If an action has been defined for login, start it up.
if ($authenticator->hasAction()) {
return redirect()->route('auth-action-show')->withCookies();
}
return redirect()->to(config('Auth')->loginRedirect())->withCookies();
}
/**
* Returns the rules that should be used for validation.
*
* @return array<string, array<string, array<string>|string>>
* @phpstan-return array<string, array<string, string|list<string>>>
*/
protected function getValidationRules(): array
{
return setting('Validation.login') ?? [
// 'username' => [
// 'label' => 'Auth.username',
// 'rules' => config('AuthSession')->usernameValidationRules,
// ],
'email' => [
'label' => 'Auth.email',
'rules' => config('AuthSession')->emailValidationRules,
],
'password' => [
'label' => 'Auth.password',
'rules' => 'required|' . Passwords::getMaxLengthRule(),
'errors' => [
'max_byte' => 'Auth.errorPasswordTooLongBytes',
],
],
];
}
/**
* Logs the current user out.
*/
public function logoutAction(): RedirectResponse
{
// Capture logout redirect URL before auth logout,
// otherwise you cannot check the user in `logoutRedirect()`.
$url = config('Auth')->logoutRedirect();
auth()->logout();
return redirect()->to($url)->with('message', lang('Auth.successLogout'));
}
}