MAPG-69 add active flag for users and check if user is active before login

This commit is contained in:
Bence Pőcze 2020-06-14 17:16:08 +02:00
parent 28ed02091a
commit 66b21ec710
5 changed files with 42 additions and 3 deletions

View File

@ -0,0 +1,17 @@
<?php
use MapGuesser\Database\Query\Modify;
use MapGuesser\Database\Query\Select;
use MapGuesser\Interfaces\Database\IResultSet;
$select = new Select(\Container::$dbConnection, 'users');
$select->columns(['id']);
$result = $select->execute();
while ($map = $result->fetch(IResultSet::FETCH_ASSOC)) {
$modify = new Modify(\Container::$dbConnection, 'users');
$modify->setId($map['id']);
$modify->set('active', true);
$modify->save();
}

View File

@ -0,0 +1,14 @@
CREATE TABLE `user_confirmations` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`user_id` int(10) unsigned NOT NULL,
`token` varchar(64) NOT NULL,
PRIMARY KEY (`id`),
KEY `user_id` (`user_id`),
KEY `token` (`token`),
CONSTRAINT `user_confirmations_user_id` FOREIGN KEY (`user_id`) REFERENCES `users` (`id`)
) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4;
ALTER TABLE
`users`
ADD
`active` tinyint(1) NOT NULL DEFAULT 0;

View File

@ -13,7 +13,10 @@
var errorText; var errorText;
switch (this.response.error) { switch (this.response.error) {
case 'user_not_found': case 'user_not_found':
errorText = 'No user found with the given email address.'; errorText = 'No user found with the given email address. You can <a href="/signup" title="Sign up">sign up here</a>!';
break;
case 'user_not_active':
errorText = 'User found with the given email address, but the account is not activated. Please check your email and click on the activation link!';
break; break;
case 'password_not_match': case 'password_not_match':
errorText = 'The given password is wrong.' errorText = 'The given password is wrong.'

View File

@ -53,6 +53,11 @@ class LoginController
$user = new User($userData); $user = new User($userData);
if (!$user->getActive()) {
$data = ['error' => 'user_not_active'];
return new JsonContent($data);
}
if (!$user->checkPassword($this->request->post('password'))) { if (!$user->checkPassword($this->request->post('password'))) {
$data = ['error' => 'password_not_match']; $data = ['error' => 'password_not_match'];
return new JsonContent($data); return new JsonContent($data);
@ -68,6 +73,6 @@ class LoginController
{ {
$this->request->session()->delete('user'); $this->request->session()->delete('user');
return new Redirect([\Container::$routeCollection->getRoute('login'), []], IRedirect::TEMPORARY); return new Redirect([\Container::$routeCollection->getRoute('index'), []], IRedirect::TEMPORARY);
} }
} }

View File

@ -11,7 +11,7 @@ $jsFiles = [
<form id="loginForm" action="/login" method="post"> <form id="loginForm" action="/login" method="post">
<input class="big fullWidth" type="email" name="email" placeholder="Email address" autofocus> <input class="big fullWidth" type="email" name="email" placeholder="Email address" autofocus>
<input class="big fullWidth marginTop" type="password" name="password" placeholder="Password"> <input class="big fullWidth marginTop" type="password" name="password" placeholder="Password">
<p id="loginFormError" class="formError marginTop"></p> <p id="loginFormError" class="formError justify marginTop"></p>
<div class="right marginTop"> <div class="right marginTop">
<button type="submit">Login</button> <button type="submit">Login</button>
</div> </div>