esoko/mapguesser
esoko/mapguesser
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 18 Wiki Activity

identify user by username as well

Browse Source
This commit is contained in:
Bence Pőcze 2023-09-24 00:48:24 +02:00
parent 1156f84065
commit 69575fabf5
Signed by: bence
GPG Key ID: DC5BD6E95A333E6D
3 changed files with 73 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
src/Controller/LoginController.php
View File

@ -2,6 +2,7 @@
use DateInterval;
use DateTime;
use Faker\Factory;
use SokoWeb\Http\Request;
use SokoWeb\Interfaces\Response\IContent;
use SokoWeb\Interfaces\Response\IRedirect;
@ -158,7 +159,7 @@ class LoginController
return new JsonContent(['success' => true]);
}
$user = $this->userRepository->getByEmail(\Container::$request->post('email'));
$user = $this->userRepository->getByEmailOrUsername(\Container::$request->post('email'));
if ($user === null) {
if (strlen(\Container::$request->post('password')) < 6) {
@ -189,7 +190,7 @@ class LoginController
return new JsonContent([
'error' => [
'errorText' => 'User found with the given email address, but the account is not activated. ' .
'errorText' => 'User found with the given email address / username, but the account is not activated. ' .
'Please check your email and click on the activation link!'
]
]);
@ -290,71 +291,71 @@ class LoginController
} else {
$user = $this->userRepository->getByEmailOrUsername(\Container::$request->post('email'));
if ($user !== null) {
if ($user->getActive()) {
if (!$user->checkPassword(\Container::$request->post('password'))) {
if ($user !== null) {
if ($user->getActive()) {
if (!$user->checkPassword(\Container::$request->post('password'))) {
return new JsonContent([
'error' => [
'errorText' => 'There is a user already registered with the given email address / username, ' .
'but the given password is wrong. You can <a href="/password/requestReset?email=' .
urlencode($user->getEmail()) . '" title="Request password reset">request password reset</a>!'
]
]);
}
\Container::$request->setUser($user);
$this->deleteRedirectUrl();
$data = ['redirect' => ['target' => $this->redirectUrl]];
} else {
$data = [
'error' => [
'errorText' => 'There is a user already registered with the given email address / username. ' .
'Please check your email and click on the activation link!'
]
];
}
return new JsonContent($data);
}
if (!empty($_ENV['RECAPTCHA_SITEKEY'])) {
if (!\Container::$request->post('g-recaptcha-response')) {
return new JsonContent(['error' => ['errorText' => 'Please check "I\'m not a robot" in the reCAPTCHA box!']]);
}
$captchaValidator = new CaptchaValidator();
$captchaResponse = $captchaValidator->validate(\Container::$request->post('g-recaptcha-response'));
if (!$captchaResponse['success']) {
return new JsonContent(['error' => ['errorText' => 'reCAPTCHA challenge failed. Please try again!']]);
}
}
if (filter_var(\Container::$request->post('email'), FILTER_VALIDATE_EMAIL) === false) {
return new JsonContent(['error' => ['errorText' => 'The given email address is not valid.']]);
}
if (\Container::$request->session()->has('tmp_user_data')) {
$tmpUserData = \Container::$request->session()->get('tmp_user_data');
$tmpUser = new User();
$tmpUser->setPassword($tmpUserData['password_hashed']);
if (!$tmpUser->checkPassword(\Container::$request->post('password'))) {
return new JsonContent(['error' => ['errorText' => 'The given passwords do not match.']]);
}
} else {
if (strlen(\Container::$request->post('password')) < 6) {
return new JsonContent([
'error' => [
'errorText' => 'There is a user already registered with the given email address / username, ' .
'but the given password is wrong. You can <a href="/password/requestReset?email=' .
urlencode($user->getEmail()) . '" title="Request password reset">request password reset</a>!'
'errorText' => 'The given password is too short. Please choose a password that is at least 6 characters long!'
]
]);
}
\Container::$request->setUser($user);
$this->deleteRedirectUrl();
$data = ['redirect' => ['target' => $this->redirectUrl]];
} else {
$data = [
'error' => [
'errorText' => 'There is a user already registered with the given email address / username. ' .
'Please check your email and click on the activation link!'
]
];
if (\Container::$request->post('password') !== \Container::$request->post('password_confirm')) {
return new JsonContent(['error' => ['errorText' => 'The given passwords do not match.']]);
}
}
return new JsonContent($data);
}
if (!empty($_ENV['RECAPTCHA_SITEKEY'])) {
if (!\Container::$request->post('g-recaptcha-response')) {
return new JsonContent(['error' => ['errorText' => 'Please check "I\'m not a robot" in the reCAPTCHA box!']]);
}
$captchaValidator = new CaptchaValidator();
$captchaResponse = $captchaValidator->validate(\Container::$request->post('g-recaptcha-response'));
if (!$captchaResponse['success']) {
return new JsonContent(['error' => ['errorText' => 'reCAPTCHA challenge failed. Please try again!']]);
}
}
if (filter_var(\Container::$request->post('email'), FILTER_VALIDATE_EMAIL) === false) {
return new JsonContent(['error' => ['errorText' => 'The given email address is not valid.']]);
}
if (\Container::$request->session()->has('tmp_user_data')) {
$tmpUserData = \Container::$request->session()->get('tmp_user_data');
$tmpUser = new User();
$tmpUser->setPassword($tmpUserData['password_hashed']);
if (!$tmpUser->checkPassword(\Container::$request->post('password'))) {
return new JsonContent(['error' => ['errorText' => 'The given passwords do not match.']]);
}
} else {
if (strlen(\Container::$request->post('password')) < 6) {
return new JsonContent([
'error' => [
'errorText' => 'The given password is too short. Please choose a password that is at least 6 characters long!'
]
]);
}
if (\Container::$request->post('password') !== \Container::$request->post('password_confirm')) {
return new JsonContent(['error' => ['errorText' => 'The given passwords do not match.']]);
}
}
$active = false;
$email = \Container::$request->post('email');
@ -376,16 +377,16 @@ class LoginController
\Container::$request->setUser($user);
} else {
$token = bin2hex(random_bytes(16));
$token = bin2hex(random_bytes(16));
$confirmation = new UserConfirmation();
$confirmation->setUser($user);
$confirmation->setToken($token);
$confirmation->setLastSentDate(new DateTime());
$confirmation = new UserConfirmation();
$confirmation->setUser($user);
$confirmation->setToken($token);
$confirmation->setLastSentDate(new DateTime());
\Container::$persistentDataManager->saveToDb($confirmation);
\Container::$persistentDataManager->saveToDb($confirmation);
$this->sendConfirmationEmail($user->getEmail(), $token, $user->getCreatedDate());
$this->sendConfirmationEmail($user->getEmail(), $token, $user->getCreatedDate());
}
\Container::$request->session()->delete('tmp_user_data');
@ -483,12 +484,12 @@ class LoginController
}
}
$user = $this->userRepository->getByEmail(\Container::$request->post('email'));
$user = $this->userRepository->getByEmailOrUsername(\Container::$request->post('email'));
if ($user === null) {
return new JsonContent([
'error' => [
'errorText' => 'No user found with the given email address. You can <a href="/signup" title="Sign up">sign up</a>!'
'errorText' => 'No user found with the given email address / username. You can <a href="/signup" title="Sign up">sign up</a>!'
]
]);
}
@ -498,7 +499,7 @@ class LoginController
return new JsonContent([
'error' => [
'errorText' => 'User found with the given email address, but the account is not activated. ' .
'errorText' => 'User found with the given email address / username, but the account is not activated. ' .
'Please check your email and click on the activation link!'
]
]);

2
views/login/login.php
View File

@ -4,7 +4,7 @@
<h2>Login</h2>
<div class="box">
<form id="loginForm" action="/login" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" autocomplete="username" required autofocus>
<input type="email" class="text big fullWidth" name="email" placeholder="Email address / username" autocomplete="username" required autofocus>
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" autocomplete="current-password" required minlength="6">
<p id="loginFormError" class="formError justify marginTop"></p>
<div class="right marginTop">

2
views/login/password_reset_request.php
View File

@ -6,7 +6,7 @@
<h2>Request password reset</h2>
<div class="box">
<form id="passwordResetForm" action="/password/requestReset" method="post" data-redirect-on-success="/password/requestReset/success">
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" autocomplete="username" value="<?= isset($email) ? $email : '' ?>" required autofocus>
<input type="email" class="text big fullWidth" name="email" placeholder="Email address / username" autocomplete="username" value="<?= isset($email) ? $email : '' ?>" required autofocus>
<?php if (!empty($_ENV['RECAPTCHA_SITEKEY'])): ?>
<div class="marginTop">
<div class="g-recaptcha" data-sitekey="<?= $_ENV['RECAPTCHA_SITEKEY'] ?>"></div>