implemented cookie login

2023-10-29 09:41:02 +01:00
parent 460fb6b1ee
commit cfa964b4c5
3 changed files with 44 additions and 2 deletions
--- a/web/pages/login/controller.php
+++ b/web/pages/login/controller.php
@@ -43,6 +43,8 @@ class Login extends Page {

    function logout()
    {
+        //delete cookie
+        setcookie('token', '', time() - 3600, "/");
        session_destroy();
        $this->redirect('/');
    }
@@ -77,6 +79,25 @@ class Login extends Page {
                $error = 'Dein Account ist noch nicht aktiviert';
            else
            {
+                //if $remmeber is true, create and set cookie so the user will be automatically logged in next time
+                if($remember)
+                {
+                    //check if user has a valid cookie
+                    if(isset($_COOKIE['token']) && $u->token == $_COOKIE['token'])
+                    {
+                        $token =$u->token;
+                        setcookie('token', $token, time() + (86400 * 30), "/");
+                    }
+                    else
+                    {
+                        //if no, create a new token
+                        $token = uuid4();
+                        $u->token = $token;
+                        $u->save();
+                        setcookie('token', $token, time() + (86400 * 30), "/");
+                    }
+                }
+                    
                $u->login();
                if($_SERVER['HTTP_HX_CURRENT_URL'] && !endsWith($_SERVER['HTTP_HX_CURRENT_URL'],'/login'))
                    $this->redirect($_SERVER['HTTP_HX_CURRENT_URL']);