MAPG-69 add active flag for users and check if user is active before login

2020-06-14 17:16:08 +02:00 · 2020-06-14 17:16:08 +02:00 · 66b21ec710
commit 66b21ec710
parent 28ed02091a
5 changed files with 42 additions and 3 deletions
--- a/database/migrations/data/20200614_1328_user_confirmation.php
+++ b/database/migrations/data/20200614_1328_user_confirmation.php
@ -0,0 +1,17 @@
+<?php
+
+use MapGuesser\Database\Query\Modify;
+use MapGuesser\Database\Query\Select;
+use MapGuesser\Interfaces\Database\IResultSet;
+
+$select = new Select(\Container::$dbConnection, 'users');
+$select->columns(['id']);
+
+$result = $select->execute();
+
+while ($map = $result->fetch(IResultSet::FETCH_ASSOC)) {
+    $modify = new Modify(\Container::$dbConnection, 'users');
+    $modify->setId($map['id']);
+    $modify->set('active', true);
+    $modify->save();
+}
--- a/database/migrations/structure/20200614_1328_user_confirmation.sql
+++ b/database/migrations/structure/20200614_1328_user_confirmation.sql
@ -0,0 +1,14 @@
+CREATE TABLE `user_confirmations` (
+  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+  `user_id` int(10) unsigned NOT NULL,
+  `token` varchar(64) NOT NULL,
+  PRIMARY KEY (`id`),
+  KEY `user_id` (`user_id`),
+  KEY `token` (`token`),
+  CONSTRAINT `user_confirmations_user_id` FOREIGN KEY (`user_id`) REFERENCES `users` (`id`)
+) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
+
+ALTER TABLE
+  `users`
+ADD
+  `active` tinyint(1) NOT NULL DEFAULT 0;
--- a/public/static/js/login.js
+++ b/public/static/js/login.js
@ -13,7 +13,10 @@
                var errorText;
                switch (this.response.error) {
                    case 'user_not_found':
-                        errorText = 'No user found with the given email address.';
+                        errorText = 'No user found with the given email address. You can <a href="/signup" title="Sign up">sign up here</a>!';
+                        break;
+                    case 'user_not_active':
+                        errorText = 'User found with the given email address, but the account is not activated. Please check your email and click on the activation link!';
                        break;
                    case 'password_not_match':
                        errorText = 'The given password is wrong.'
--- a/src/Controller/LoginController.php
+++ b/src/Controller/LoginController.php
@ -53,6 +53,11 @@ class LoginController

        $user = new User($userData);

+        if (!$user->getActive()) {
+            $data = ['error' => 'user_not_active'];
+            return new JsonContent($data);
+        }
+
        if (!$user->checkPassword($this->request->post('password'))) {
            $data = ['error' => 'password_not_match'];
            return new JsonContent($data);
@ -68,6 +73,6 @@ class LoginController
    {
        $this->request->session()->delete('user');

-        return new Redirect([\Container::$routeCollection->getRoute('login'), []], IRedirect::TEMPORARY);
+        return new Redirect([\Container::$routeCollection->getRoute('index'), []], IRedirect::TEMPORARY);
    }
 }
--- a/views/login.php
+++ b/views/login.php
@ -11,7 +11,7 @@ $jsFiles = [
        <form id="loginForm" action="/login" method="post">
            <input class="big fullWidth" type="email" name="email" placeholder="Email address" autofocus>
            <input class="big fullWidth marginTop" type="password" name="password" placeholder="Password">
-            <p id="loginFormError" class="formError marginTop"></p>
+            <p id="loginFormError" class="formError justify marginTop"></p>
            <div class="right marginTop">
                <button type="submit">Login</button>
            </div>