implemented cookie login

Chris 2023-10-29 09:41:02 +01:00
parent 460fb6b1ee
commit cfa964b4c5
3 changed files with 44 additions and 2 deletions


@ -54,9 +54,9 @@ class User extends Model {
$u = new User(); $u = new User();
$u->load($id); $u->load($id);
if($filtered===true) if($filtered===true)
$users[] = $u->getDataFiltered(); $users[$id] = $u->getDataFiltered();
else else
$users[] = $u->data; $users[$id] = $u->data;
} }
return $users; return $users;
} }
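Review bot: Keying the result by `$id` in the two changed assignments turns the return value of `getAll()` from a list into a map, and nothing in the hunk documents the new shape. Existing callers that pass the result to `json_encode` or index it positionally may now behave differently; those callers are outside this hunk, so they should be checked. I would add a docblock on the method with `@return array<int|string, array> user data keyed by user id`, and state there that the unfiltered variant includes the stored `token` field, since the cookie login added in this commit reads it from that result. The method starts above the hunk.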


@ -11,6 +11,27 @@ class Err extends Page {
function notallowed() function notallowed()
{ {
//check if user has a cookie and if so, logg them in and refresh the page
if(isset($_COOKIE['token']))
{
$u = new User();
$allusers = $u->getAll(false);
foreach($allusers as $userid => $user)
{
if($user['token'] && $user['token'] == $_COOKIE['token'])
{
$u->id = $userid;
break;
}
}
if($u->id)
{
$u->login();
$this->redirect($_SERVER['REQUEST_URI']);
}
}
$this->set("loggedin",(isset($_SESSION['user']) && $_SESSION['user'] !== false)); $this->set("loggedin",(isset($_SESSION['user']) && $_SESSION['user'] !== false));
$this->set('template', "notallowed.html"); $this->set('template', "notallowed.html");
} }
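Review bot: The token check `$user['token'] == $_COOKIE['token']` compares a login secret from the request with a loose, non-constant-time `==`; it should be `if (is_string($_COOKIE['token']) && $user['token'] && hash_equals((string) $user['token'], $_COOKIE['token']))`. The lookup also loads every user's unfiltered record on each denied request, so the cost grows with the user table and all stored tokens are held in memory together; a model method that fetches one user by token would avoid both. The password login path appears to reject accounts that are not yet activated, while this path calls `$u->login()` without that check, which is worth confirming. `$_SERVER['REQUEST_URI']` is passed to `redirect()` as received; unless `redirect()` already restricts targets to same-site paths, normalise it to a single leading `/` first.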


@ -43,6 +43,8 @@ class Login extends Page {
function logout() function logout()
{ {
//delete cookie
setcookie('token', '', time() - 3600, "/");
session_destroy(); session_destroy();
$this->redirect('/'); $this->redirect('/');
} }
@ -77,6 +79,25 @@ class Login extends Page {
$error = 'Dein Account ist noch nicht aktiviert'; $error = 'Dein Account ist noch nicht aktiviert';
else else
{ {
//if $remmeber is true, create and set cookie so the user will be automatically logged in next time
if($remember)
{
//check if user has a valid cookie
if(isset($_COOKIE['token']) && $u->token == $_COOKIE['token'])
{
$token =$u->token;
setcookie('token', $token, time() + (86400 * 30), "/");
}
else
{
//if no, create a new token
$token = uuid4();
$u->token = $token;
$u->save();
setcookie('token', $token, time() + (86400 * 30), "/");
}
}
$u->login(); $u->login();
if($_SERVER['HTTP_HX_CURRENT_URL'] && !endsWith($_SERVER['HTTP_HX_CURRENT_URL'],'/login')) if($_SERVER['HTTP_HX_CURRENT_URL'] && !endsWith($_SERVER['HTTP_HX_CURRENT_URL'],'/login'))
$this->redirect($_SERVER['HTTP_HX_CURRENT_URL']); $this->redirect($_SERVER['HTTP_HX_CURRENT_URL']);
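Review bot: Both `setcookie('token', $token, time() + (86400 * 30), "/")` calls in the remember branch issue a 30-day login credential without the `HttpOnly`, `Secure` or `SameSite` attributes, so it is readable from page scripts and is sent over plain HTTP. Use the options form instead: `setcookie('token', $token, ['expires' => time() + 86400 * 30, 'path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);`. In the `logout()` hunk only the browser copy is expired and the stored `$u->token` is left in place, so the old value would still be accepted by the cookie login afterwards; clearing the stored token on logout would close that. The token is also stored as-is and reused for as long as the cookie matches (`$u->token == $_COOKIE['token']`, again a loose comparison), so it never rotates; storing only a hash of it and confirming that `uuid4()` draws from `random_bytes()` would be worth doing. The enclosing login method begins and ends outside the hunk.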