Compare commits
No commits in common. "26d6c0922c971eac540d88842a24dd7a476b68c4" and "703966f8f7b8f8f179180cd3a7c7677537756ea6" have entirely different histories.
26d6c0922c
...
703966f8f7
@ -1,13 +0,0 @@
|
||||
<?php
|
||||
|
||||
use Faker\Factory;
|
||||
use MapGuesser\PersistentData\Model\User;
|
||||
use SokoWeb\Database\Query\Select;
|
||||
|
||||
$select = new Select(Container::$dbConnection);
|
||||
$users = Container::$persistentDataManager->selectMultipleFromDb($select, User::class);
|
||||
|
||||
foreach ($users as $user) {
|
||||
$user->setUsername(Factory::create()->userName);
|
||||
Container::$persistentDataManager->saveToDb($user);
|
||||
}
|
@ -1,3 +0,0 @@
|
||||
ALTER TABLE `users`
|
||||
ADD `username` VARCHAR(255) CHARACTER SET ascii COLLATE ascii_bin DEFAULT NULL AFTER `email`,
|
||||
ADD UNIQUE `username` (`username`);
|
@ -183,23 +183,12 @@ var MapGuesser = {
|
||||
document.getElementById('cover').style.visibility = 'hidden';
|
||||
},
|
||||
|
||||
observeInput: function (form, observedInputs) {
|
||||
var anyChanged = false;
|
||||
|
||||
for (var i = 0; i < observedInputs.length; i++) {
|
||||
var input = form.elements[observedInputs[i]];
|
||||
if (input.type === 'checkbox') {
|
||||
if (input.defaultChecked !== input.checked) {
|
||||
anyChanged = true;
|
||||
}
|
||||
} else {
|
||||
observeInput: function (input, buttonToToggle) {
|
||||
if (input.defaultValue !== input.value) {
|
||||
anyChanged = true;
|
||||
buttonToToggle.disabled = false;
|
||||
} else {
|
||||
buttonToToggle.disabled = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
form.elements['submit_button'].disabled = !anyChanged;
|
||||
},
|
||||
|
||||
observeInputsInForm: function (form, observedInputs) {
|
||||
@ -210,19 +199,19 @@ var MapGuesser = {
|
||||
case 'INPUT':
|
||||
case 'TEXTAREA':
|
||||
input.oninput = function () {
|
||||
MapGuesser.observeInput(form, observedInputs);
|
||||
MapGuesser.observeInput(this, form.elements.submit);
|
||||
};
|
||||
break;
|
||||
case 'SELECT':
|
||||
input.onchange = function () {
|
||||
MapGuesser.observeInput(form, observedInputs);
|
||||
MapGuesser.observeInput(this, form.elements.submit);
|
||||
};
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
form.onreset = function () {
|
||||
form.elements['submit_button'].disabled = true;
|
||||
form.elements.submit.disabled = true;
|
||||
}
|
||||
}
|
||||
};
|
||||
|
@ -2,7 +2,6 @@
|
||||
|
||||
use DateInterval;
|
||||
use DateTime;
|
||||
use Faker\Factory;
|
||||
use SokoWeb\Http\Request;
|
||||
use SokoWeb\Interfaces\Response\IContent;
|
||||
use SokoWeb\Interfaces\Response\IRedirect;
|
||||
@ -92,11 +91,6 @@ class LoginController
|
||||
|
||||
public function getSignupSuccess(): IContent
|
||||
{
|
||||
if (\Container::$request->user() !== null) {
|
||||
$this->deleteRedirectUrl();
|
||||
return new Redirect($this->redirectUrl, IRedirect::TEMPORARY);
|
||||
}
|
||||
|
||||
return new HtmlContent('login/signup_success');
|
||||
}
|
||||
|
||||
@ -159,7 +153,7 @@ class LoginController
|
||||
return new JsonContent(['success' => true]);
|
||||
}
|
||||
|
||||
$user = $this->userRepository->getByEmailOrUsername(\Container::$request->post('email'));
|
||||
$user = $this->userRepository->getByEmail(\Container::$request->post('email'));
|
||||
|
||||
if ($user === null) {
|
||||
if (strlen(\Container::$request->post('password')) < 6) {
|
||||
@ -190,7 +184,7 @@ class LoginController
|
||||
|
||||
return new JsonContent([
|
||||
'error' => [
|
||||
'errorText' => 'User found with the given email address / username, but the account is not activated. ' .
|
||||
'errorText' => 'User found with the given email address, but the account is not activated. ' .
|
||||
'Please check your email and click on the activation link!'
|
||||
]
|
||||
]);
|
||||
@ -271,32 +265,14 @@ class LoginController
|
||||
return new JsonContent(['redirect' => ['target' => $this->redirectUrl]]);
|
||||
}
|
||||
|
||||
$googleUserData = \Container::$request->session()->get('google_user_data');
|
||||
if ($googleUserData !== null) {
|
||||
$user = $this->userRepository->getByEmail($googleUserData['email']);
|
||||
|
||||
if ($user !== null) {
|
||||
return new JsonContent([
|
||||
'error' => [
|
||||
'errorText' => 'There is a user already registered with the email address of this Google account, ' .
|
||||
'but Google account is not linked to the user. Please <a href="/login?email=' .
|
||||
urlencode($googleUserData['email']) . '" title="Login">login</a> first to link your Google account!'
|
||||
]
|
||||
]);
|
||||
}
|
||||
|
||||
$active = true;
|
||||
$email = $googleUserData['email'];
|
||||
$googleSub = $googleUserData['sub'];
|
||||
} else {
|
||||
$user = $this->userRepository->getByEmailOrUsername(\Container::$request->post('email'));
|
||||
$user = $this->userRepository->getByEmail(\Container::$request->post('email'));
|
||||
|
||||
if ($user !== null) {
|
||||
if ($user->getActive()) {
|
||||
if (!$user->checkPassword(\Container::$request->post('password'))) {
|
||||
return new JsonContent([
|
||||
'error' => [
|
||||
'errorText' => 'There is a user already registered with the given email address / username, ' .
|
||||
'errorText' => 'There is a user already registered with the given email address, ' .
|
||||
'but the given password is wrong. You can <a href="/password/requestReset?email=' .
|
||||
urlencode($user->getEmail()) . '" title="Request password reset">request password reset</a>!'
|
||||
]
|
||||
@ -310,7 +286,7 @@ class LoginController
|
||||
} else {
|
||||
$data = [
|
||||
'error' => [
|
||||
'errorText' => 'There is a user already registered with the given email address / username. ' .
|
||||
'errorText' => 'There is a user already registered with the given email address. ' .
|
||||
'Please check your email and click on the activation link!'
|
||||
]
|
||||
];
|
||||
@ -357,26 +333,13 @@ class LoginController
|
||||
}
|
||||
}
|
||||
|
||||
$active = false;
|
||||
$email = \Container::$request->post('email');
|
||||
$googleSub = null;
|
||||
}
|
||||
|
||||
$user = new User();
|
||||
$user->setActive($active);
|
||||
$user->setEmail($email);
|
||||
$user->setUsername(strlen(\Container::$request->post('username')) > 0 ? \Container::$request->post('username') : Factory::create()->userName);
|
||||
$user->setEmail(\Container::$request->post('email'));
|
||||
$user->setPlainPassword(\Container::$request->post('password'));
|
||||
$user->setGoogleSub($googleSub);
|
||||
$user->setCreatedDate(new DateTime());
|
||||
|
||||
\Container::$persistentDataManager->saveToDb($user);
|
||||
|
||||
if ($active) {
|
||||
$this->sendWelcomeEmail($user->getEmail());
|
||||
|
||||
\Container::$request->setUser($user);
|
||||
} else {
|
||||
$token = bin2hex(random_bytes(16));
|
||||
|
||||
$confirmation = new UserConfirmation();
|
||||
@ -387,14 +350,49 @@ class LoginController
|
||||
\Container::$persistentDataManager->saveToDb($confirmation);
|
||||
|
||||
$this->sendConfirmationEmail($user->getEmail(), $token, $user->getCreatedDate());
|
||||
}
|
||||
|
||||
\Container::$request->session()->delete('tmp_user_data');
|
||||
\Container::$request->session()->delete('google_user_data');
|
||||
|
||||
return new JsonContent(['success' => true]);
|
||||
}
|
||||
|
||||
public function signupWithGoogle(): IContent
|
||||
{
|
||||
if (\Container::$request->user() !== null) {
|
||||
$this->deleteRedirectUrl();
|
||||
return new JsonContent(['success' => true]);
|
||||
}
|
||||
|
||||
$userData = \Container::$request->session()->get('google_user_data');
|
||||
|
||||
$user = $this->userRepository->getByEmail($userData['email']);
|
||||
|
||||
if ($user === null) {
|
||||
$sendWelcomeEmail = true;
|
||||
|
||||
$user = new User();
|
||||
$user->setEmail($userData['email']);
|
||||
$user->setCreatedDate(new DateTime());
|
||||
} else {
|
||||
$sendWelcomeEmail = false;
|
||||
}
|
||||
|
||||
$user->setActive(true);
|
||||
$user->setGoogleSub($userData['sub']);
|
||||
|
||||
\Container::$persistentDataManager->saveToDb($user);
|
||||
|
||||
if ($sendWelcomeEmail) {
|
||||
$this->sendWelcomeEmail($user->getEmail());
|
||||
}
|
||||
|
||||
\Container::$request->session()->delete('google_user_data');
|
||||
\Container::$request->setUser($user);
|
||||
|
||||
$this->deleteRedirectUrl();
|
||||
return new JsonContent(['success' => true]);
|
||||
}
|
||||
|
||||
public function resetSignup(): IContent
|
||||
{
|
||||
\Container::$request->session()->delete('tmp_user_data');
|
||||
@ -484,12 +482,12 @@ class LoginController
|
||||
}
|
||||
}
|
||||
|
||||
$user = $this->userRepository->getByEmailOrUsername(\Container::$request->post('email'));
|
||||
$user = $this->userRepository->getByEmail(\Container::$request->post('email'));
|
||||
|
||||
if ($user === null) {
|
||||
return new JsonContent([
|
||||
'error' => [
|
||||
'errorText' => 'No user found with the given email address / username. You can <a href="/signup" title="Sign up">sign up</a>!'
|
||||
'errorText' => 'No user found with the given email address. You can <a href="/signup" title="Sign up">sign up</a>!'
|
||||
]
|
||||
]);
|
||||
}
|
||||
@ -499,7 +497,7 @@ class LoginController
|
||||
|
||||
return new JsonContent([
|
||||
'error' => [
|
||||
'errorText' => 'User found with the given email address / username, but the account is not activated. ' .
|
||||
'errorText' => 'User found with the given email address, but the account is not activated. ' .
|
||||
'Please check your email and click on the activation link!'
|
||||
]
|
||||
]);
|
||||
|
@ -8,7 +8,6 @@ use SokoWeb\Interfaces\Response\IRedirect;
|
||||
use SokoWeb\OAuth\GoogleOAuth;
|
||||
use MapGuesser\PersistentData\Model\User;
|
||||
use MapGuesser\Repository\GuessRepository;
|
||||
use MapGuesser\Repository\UserRepository;
|
||||
use MapGuesser\Repository\UserConfirmationRepository;
|
||||
use MapGuesser\Repository\UserInChallengeRepository;
|
||||
use MapGuesser\Repository\UserPasswordResetterRepository;
|
||||
@ -20,8 +19,6 @@ use SokoWeb\Util\JwtParser;
|
||||
|
||||
class UserController implements IAuthenticationRequired
|
||||
{
|
||||
private UserRepository $userRepository;
|
||||
|
||||
private UserConfirmationRepository $userConfirmationRepository;
|
||||
|
||||
private UserPasswordResetterRepository $userPasswordResetterRepository;
|
||||
@ -34,7 +31,6 @@ class UserController implements IAuthenticationRequired
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->userRepository = new UserRepository();
|
||||
$this->userConfirmationRepository = new UserConfirmationRepository();
|
||||
$this->userPasswordResetterRepository = new UserPasswordResetterRepository();
|
||||
$this->userPlayedPlaceRepository = new UserPlayedPlaceRepository();
|
||||
@ -152,32 +148,6 @@ class UserController implements IAuthenticationRequired
|
||||
return new JsonContent(['error' => ['errorText' => $error]]);
|
||||
}
|
||||
|
||||
$newEmail = \Container::$request->post('email');
|
||||
if ($newEmail !== $user->getEmail()) {
|
||||
if (!filter_var($newEmail, FILTER_VALIDATE_EMAIL)) {
|
||||
return new JsonContent(['error' => ['errorText' => 'The given email address is not valid.']]);
|
||||
}
|
||||
|
||||
if ($this->userRepository->getByEmail($newEmail) !== null) {
|
||||
return new JsonContent(['error' => ['errorText' => 'The given email address belongs to another account.']]);
|
||||
}
|
||||
|
||||
$user->setEmail($newEmail);
|
||||
}
|
||||
|
||||
$newUsername = \Container::$request->post('username');
|
||||
if (strlen($newUsername) > 0 && $newUsername !== $user->getUsername()) {
|
||||
if (filter_var($newUsername, FILTER_VALIDATE_EMAIL)) {
|
||||
return new JsonContent(['error' => ['errorText' => 'Please select a username that is not a valid email address.']]);
|
||||
}
|
||||
|
||||
if ($this->userRepository->getByUsername($newUsername) !== null) {
|
||||
return new JsonContent(['error' => ['errorText' => 'The given username is already taken.']]);
|
||||
}
|
||||
|
||||
$user->setUsername($newUsername);
|
||||
}
|
||||
|
||||
if (strlen(\Container::$request->post('password_new')) > 0) {
|
||||
if (strlen(\Container::$request->post('password_new')) < 6) {
|
||||
return new JsonContent([
|
||||
|
@ -8,14 +8,12 @@ class User extends Model implements IUser
|
||||
{
|
||||
protected static string $table = 'users';
|
||||
|
||||
protected static array $fields = ['email', 'username', 'password', 'type', 'active', 'google_sub', 'created'];
|
||||
protected static array $fields = ['email', 'password', 'type', 'active', 'google_sub', 'created'];
|
||||
|
||||
private static array $types = ['user', 'admin'];
|
||||
|
||||
private string $email = '';
|
||||
|
||||
private string $username = '';
|
||||
|
||||
private ?string $password = null;
|
||||
|
||||
private string $type = 'user';
|
||||
@ -31,11 +29,6 @@ class User extends Model implements IUser
|
||||
$this->email = $email;
|
||||
}
|
||||
|
||||
public function setUsername(string $username): void
|
||||
{
|
||||
$this->username = $username;
|
||||
}
|
||||
|
||||
public function setPassword(?string $hashedPassword): void
|
||||
{
|
||||
$this->password = $hashedPassword;
|
||||
@ -78,11 +71,6 @@ class User extends Model implements IUser
|
||||
return $this->email;
|
||||
}
|
||||
|
||||
public function getUsername(): string
|
||||
{
|
||||
return $this->username;
|
||||
}
|
||||
|
||||
public function getPassword(): ?string
|
||||
{
|
||||
return $this->password;
|
||||
|
@ -22,23 +22,6 @@ class UserRepository implements IUserRepository
|
||||
return \Container::$persistentDataManager->selectFromDb($select, User::class);
|
||||
}
|
||||
|
||||
public function getByUsername(string $username): ?User
|
||||
{
|
||||
$select = new Select(\Container::$dbConnection);
|
||||
$select->where('username', '=', $username);
|
||||
|
||||
return \Container::$persistentDataManager->selectFromDb($select, User::class);
|
||||
}
|
||||
|
||||
public function getByEmailOrUsername(string $emailOrUsername): ?User
|
||||
{
|
||||
if (filter_var($emailOrUsername, FILTER_VALIDATE_EMAIL)) {
|
||||
return $this->getByEmail($emailOrUsername);
|
||||
}
|
||||
|
||||
return $this->getByUsername($emailOrUsername);
|
||||
}
|
||||
|
||||
public function getByGoogleSub(string $sub): ?User
|
||||
{
|
||||
$select = new Select(\Container::$dbConnection);
|
||||
|
@ -5,11 +5,11 @@
|
||||
@section(main)
|
||||
<h2>Account</h2>
|
||||
<div class="box">
|
||||
<form id="accountForm" action="/account" method="post" data-reload-on-success="true" data-observe-inputs="email,username,password_new,password_new_confirm">
|
||||
<form id="accountForm" action="/account" method="post" data-observe-inputs="password_new,password_new_confirm">
|
||||
<?php if ($user['password'] !== null && $user['google_sub'] !== null): ?>
|
||||
<p class="justify small">Please confirm your identity with your password or with Google to modify your account.</p>
|
||||
<div class="inputWithButton">
|
||||
<input type="password" class="text" name="password" placeholder="Current password" autocomplete="current-password" required minlength="6" autofocus><!--
|
||||
<input type="password" class="text name="password" placeholder="Current password" autocomplete="current-password" required minlength="6" autofocus><!--
|
||||
--><button id="authenticateWithGoogleButton" class="yellow" type="button">Google</button>
|
||||
</div>
|
||||
<?php elseif ($user['password'] !== null): ?>
|
||||
@ -23,13 +23,13 @@
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<hr>
|
||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" autocomplete="username" value="<?= $user['email'] ?>">
|
||||
<input type="username" class="text big fullWidth marginTop" name="username" placeholder="Username" value="<?= $user['username'] ?>">
|
||||
<?php /* TODO: disabled for the time being, email modification should be implemented */ ?>
|
||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" autocomplete="username" value="<?= $user['email'] ?>" disabled>
|
||||
<input type="password" class="text big fullWidth marginTop" name="password_new" placeholder="New password" autocomplete="new-password" minlength="6">
|
||||
<input type="password" class="text big fullWidth marginTop" name="password_new_confirm" placeholder="New password confirmation" autocomplete="new-password" minlength="6">
|
||||
<p id="accountFormError" class="formError justify marginTop"></p>
|
||||
<div class="right marginTop">
|
||||
<button type="submit" name="submit_button" disabled>Save</button>
|
||||
<button type="submit" name="submit" disabled>Save</button>
|
||||
</div>
|
||||
<hr>
|
||||
<div class="center">
|
||||
|
@ -26,7 +26,7 @@
|
||||
<?php endif; ?>
|
||||
<p id="deleteAccountFormError" class="formError justify marginTop"></p>
|
||||
<div class="right marginTop">
|
||||
<button class="red marginRight" type="submit" name="submit_button">Delete account</button><!--
|
||||
<button class="red marginRight" type="submit" name="submit">Delete account</button><!--
|
||||
--><a class="button gray marginTop" href="/account" title="Back to account">Cancel</a>
|
||||
</div>
|
||||
</form>
|
||||
|
@ -5,12 +5,21 @@
|
||||
@section(main)
|
||||
<h2>Sign up</h2>
|
||||
<div class="box">
|
||||
<form id="googleSignupForm" action="/signup" method="post" data-redirect-on-success="/signup/success">
|
||||
<form id="googleSignupForm" action="/signup/google" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
|
||||
<?php if ($found): ?>
|
||||
<p class="justify">Please confirm that you link your account to your Google account.</p>
|
||||
<?php else: ?>
|
||||
<p class="justify">Please confirm your sign up request. Your account will be linked to your Google account.</p>
|
||||
<?php endif; ?>
|
||||
<input type="email" class="text big fullWidth marginTop" name="email" placeholder="Email address" value="<?= $email ?>" disabled>
|
||||
<input type="username" class="text big fullWidth marginTop" name="username" placeholder="Username">
|
||||
<div class="right">
|
||||
<button class="marginTop marginRight" type="submit">Sign up</button><!--
|
||||
<button class="marginTop marginRight" type="submit">
|
||||
<?php if ($found): ?>
|
||||
Link
|
||||
<?php else: ?>
|
||||
Sign up
|
||||
<?php endif; ?>
|
||||
</button><!--
|
||||
--><button id="cancelGoogleSignupButton" class="gray marginTop" type="button">Cancel</button>
|
||||
</div>
|
||||
</form>
|
||||
|
@ -4,7 +4,7 @@
|
||||
<h2>Login</h2>
|
||||
<div class="box">
|
||||
<form id="loginForm" action="/login" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
|
||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address / username" autocomplete="username" required autofocus>
|
||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" autocomplete="username" required autofocus>
|
||||
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" autocomplete="current-password" required minlength="6">
|
||||
<p id="loginFormError" class="formError justify marginTop"></p>
|
||||
<div class="right marginTop">
|
||||
|
@ -6,7 +6,7 @@
|
||||
<h2>Request password reset</h2>
|
||||
<div class="box">
|
||||
<form id="passwordResetForm" action="/password/requestReset" method="post" data-redirect-on-success="/password/requestReset/success">
|
||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address / username" autocomplete="username" value="<?= isset($email) ? $email : '' ?>" required autofocus>
|
||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" autocomplete="username" value="<?= isset($email) ? $email : '' ?>" required autofocus>
|
||||
<?php if (!empty($_ENV['RECAPTCHA_SITEKEY'])): ?>
|
||||
<div class="marginTop">
|
||||
<div class="g-recaptcha" data-sitekey="<?= $_ENV['RECAPTCHA_SITEKEY'] ?>"></div>
|
||||
|
@ -8,7 +8,7 @@
|
||||
<div class="box">
|
||||
<form id="signupForm" action="/signup" method="post" data-redirect-on-success="/signup/success">
|
||||
<?php if (isset($email)): ?>
|
||||
<p class="justify">No user found with the given email address / username. Sign up with one click!</p>
|
||||
<p class="justify">No user found with the given email address. Sign up with one click!</p>
|
||||
<input type="email" class="text big fullWidth marginTop" name="email" placeholder="Email address" autocomplete="username" value="<?= $email ?>" required>
|
||||
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password confirmation" autocomplete="new-password" required minlength="6" autofocus>
|
||||
<?php else: ?>
|
||||
@ -16,7 +16,6 @@
|
||||
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" autocomplete="new-password" required minlength="6">
|
||||
<input type="password" class="text big fullWidth marginTop" name="password_confirm" placeholder="Password confirmation" autocomplete="new-password" minlength="6">
|
||||
<?php endif; ?>
|
||||
<input type="username" class="text big fullWidth marginTop" name="username" placeholder="Username">
|
||||
<?php if (!empty($_ENV['RECAPTCHA_SITEKEY'])): ?>
|
||||
<div class="marginTop">
|
||||
<div class="g-recaptcha" data-sitekey="<?= $_ENV['RECAPTCHA_SITEKEY'] ?>"></div>
|
||||
|
1
web.php
1
web.php
@ -38,6 +38,7 @@ Container::$routeCollection->group('signup', function (RouteCollection $routeCol
|
||||
$routeCollection->get('signup', '', [LoginController::class, 'getSignupForm']);
|
||||
$routeCollection->post('signup-action', '', [LoginController::class, 'signup']);
|
||||
$routeCollection->get('signup-google', 'google', [LoginController::class, 'getSignupWithGoogleForm']);
|
||||
$routeCollection->post('signup-google-action', 'google', [LoginController::class, 'signupWithGoogle']);
|
||||
$routeCollection->post('signup.reset', 'reset', [LoginController::class, 'resetSignup']);
|
||||
$routeCollection->post('signup-google.reset', 'google/reset', [LoginController::class, 'resetGoogleSignup']);
|
||||
$routeCollection->get('signup.success', 'success', [LoginController::class, 'getSignupSuccess']);
|
||||
|
Loading…
Reference in New Issue
Block a user