login-fixes #5
@ -29,7 +29,7 @@ if ($match !== null) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!$authorized) {
|
if (!$authorized) {
|
||||||
Container::$request->session()->set('redirect_after_login', $url);
|
Container::$request->session()->set('redirect_after_login', '/' . $url);
|
||||||
$response = new Redirect(Container::$routeCollection->getRoute('login')->generateLink(), IRedirect::TEMPORARY);
|
$response = new Redirect(Container::$routeCollection->getRoute('login')->generateLink(), IRedirect::TEMPORARY);
|
||||||
header('Location: ' . $response->getUrl(), true, $response->getHttpCode());
|
header('Location: ' . $response->getUrl(), true, $response->getHttpCode());
|
||||||
return;
|
return;
|
||||||
|
|||||||
@ -41,7 +41,7 @@ class LoginController
|
|||||||
return new Redirect(\Container::$routeCollection->getRoute('index')->generateLink(), IRedirect::TEMPORARY);
|
return new Redirect(\Container::$routeCollection->getRoute('index')->generateLink(), IRedirect::TEMPORARY);
|
||||||
}
|
}
|
||||||
|
|
||||||
return new HtmlContent('login/login');
|
return new HtmlContent('login/login', ['redirectUrl' => $this->getRedirectUrl()]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getGoogleLoginRedirect(): IRedirect
|
public function getGoogleLoginRedirect(): IRedirect
|
||||||
@ -91,12 +91,13 @@ class LoginController
|
|||||||
|
|
||||||
$user = $this->userRepository->getById($resetter->getUserId());
|
$user = $this->userRepository->getById($resetter->getUserId());
|
||||||
|
|
||||||
return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail()]);
|
return new HtmlContent('login/reset_password', ['success' => true, 'token' => $token, 'email' => $user->getEmail(), 'redirectUrl' => $this->getRedirectUrl()]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function login(): IContent
|
public function login(): IContent
|
||||||
{
|
{
|
||||||
if ($this->request->user() !== null) {
|
if ($this->request->user() !== null) {
|
||||||
|
$this->deleteRedirectUrl();
|
||||||
return new JsonContent(['success' => true]);
|
return new JsonContent(['success' => true]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -112,23 +113,21 @@ class LoginController
|
|||||||
|
|
||||||
$this->request->setUser($user);
|
$this->request->setUser($user);
|
||||||
|
|
||||||
|
$this->deleteRedirectUrl();
|
||||||
return new JsonContent(['success' => true]);
|
return new JsonContent(['success' => true]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function loginWithGoogle()
|
public function loginWithGoogle()
|
||||||
{
|
{
|
||||||
$redirectUrl = $this->request->session()->get('redirect_after_login');
|
$defaultError = 'Authentication with Google failed. Please <a href="/login/google" title="Login with Google">try again</a>!';
|
||||||
if ($redirectUrl === null) {
|
|
||||||
$redirectUrl = \Container::$routeCollection->getRoute('index')->generateLink();
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($this->request->user() !== null) {
|
if ($this->request->user() !== null) {
|
||||||
$this->request->session()->delete('redirect_after_login');
|
$this->deleteRedirectUrl();
|
||||||
return new Redirect($redirectUrl, IRedirect::TEMPORARY);
|
return new Redirect($this->getRedirectUrl(), IRedirect::TEMPORARY);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->request->query('state') !== $this->request->session()->get('oauth_state')) {
|
if ($this->request->query('state') !== $this->request->session()->get('oauth_state')) {
|
||||||
return new HtmlContent('login/google_login');
|
return new HtmlContent('login/google_login_error', ['error' => $defaultError]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$oAuth = new GoogleOAuth(new Request());
|
$oAuth = new GoogleOAuth(new Request());
|
||||||
@ -138,33 +137,29 @@ class LoginController
|
|||||||
);
|
);
|
||||||
|
|
||||||
if (!isset($tokenData['id_token'])) {
|
if (!isset($tokenData['id_token'])) {
|
||||||
return new HtmlContent('login/google_login');
|
return new HtmlContent('login/google_login_error', ['error' => $defaultError]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$jwtParser = new JwtParser($tokenData['id_token']);
|
$jwtParser = new JwtParser($tokenData['id_token']);
|
||||||
$idToken = $jwtParser->getPayload();
|
$idToken = $jwtParser->getPayload();
|
||||||
|
|
||||||
if ($idToken['nonce'] !== $this->request->session()->get('oauth_nonce')) {
|
if ($idToken['nonce'] !== $this->request->session()->get('oauth_nonce')) {
|
||||||
return new HtmlContent('login/google_login');
|
return new HtmlContent('login/google_login_error', ['error' => $defaultError]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$idToken['email_verified']) {
|
if (!$idToken['email_verified']) {
|
||||||
return new HtmlContent('login/google_login');
|
return new HtmlContent('login/google_login_error', ['error' => $defaultError]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$user = $this->userRepository->getByGoogleSub($idToken['sub']);
|
$user = $this->userRepository->getByGoogleSub($idToken['sub']);
|
||||||
if ($user === null) {
|
if ($user === null) {
|
||||||
return new JsonContent([
|
return new HtmlContent('login/google_login_error', ['error' => 'No user found for this Google account.']);
|
||||||
'error' => [
|
|
||||||
'errorText' => 'No user found for this Google account.'
|
|
||||||
]
|
|
||||||
]);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->request->setUser($user);
|
$this->request->setUser($user);
|
||||||
|
|
||||||
$this->request->session()->delete('redirect_after_login');
|
$this->deleteRedirectUrl();
|
||||||
return new Redirect($redirectUrl, IRedirect::TEMPORARY);
|
return new Redirect($this->getRedirectUrl(), IRedirect::TEMPORARY);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function logout(): IRedirect
|
public function logout(): IRedirect
|
||||||
@ -177,9 +172,10 @@ class LoginController
|
|||||||
public function requestPasswordReset(): IContent
|
public function requestPasswordReset(): IContent
|
||||||
{
|
{
|
||||||
if ($this->request->user() !== null) {
|
if ($this->request->user() !== null) {
|
||||||
|
$this->deleteRedirectUrl();
|
||||||
return new JsonContent([
|
return new JsonContent([
|
||||||
'redirect' => [
|
'redirect' => [
|
||||||
'target' => '/' . \Container::$routeCollection->getRoute('home')->generateLink()
|
'target' => $this->getRedirectUrl()
|
||||||
]
|
]
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
@ -240,9 +236,10 @@ class LoginController
|
|||||||
public function resetPassword(): IContent
|
public function resetPassword(): IContent
|
||||||
{
|
{
|
||||||
if ($this->request->user() !== null) {
|
if ($this->request->user() !== null) {
|
||||||
|
$this->deleteRedirectUrl();
|
||||||
return new JsonContent([
|
return new JsonContent([
|
||||||
'redirect' => [
|
'redirect' => [
|
||||||
'target' => '/' . \Container::$routeCollection->getRoute('home')->generateLink()
|
'target' => $this->getRedirectUrl()
|
||||||
]
|
]
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
@ -283,6 +280,7 @@ class LoginController
|
|||||||
|
|
||||||
$this->request->setUser($user);
|
$this->request->setUser($user);
|
||||||
|
|
||||||
|
$this->deleteRedirectUrl();
|
||||||
return new JsonContent(['success' => true]);
|
return new JsonContent(['success' => true]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -299,4 +297,18 @@ class LoginController
|
|||||||
]);
|
]);
|
||||||
$mail->send();
|
$mail->send();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function getRedirectUrl(): string
|
||||||
|
{
|
||||||
|
$redirectUrl = $this->request->session()->get('redirect_after_login');
|
||||||
|
if ($redirectUrl === null) {
|
||||||
|
return \Container::$routeCollection->getRoute('index')->generateLink();
|
||||||
|
}
|
||||||
|
return $redirectUrl;
|
||||||
|
}
|
||||||
|
|
||||||
|
private function deleteRedirectUrl(): void
|
||||||
|
{
|
||||||
|
$this->request->session()->delete('redirect_after_login');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,8 +0,0 @@
|
|||||||
@extends(templates/layout_normal)
|
|
||||||
|
|
||||||
@section(main)
|
|
||||||
<h2>Login up with Google</h2>
|
|
||||||
<div class="box">
|
|
||||||
<p class="error justify">Authentication with Google failed. Please <a href="/login/google" title="Login with Google">try again</a>!</p>
|
|
||||||
</div>
|
|
||||||
@endsection
|
|
||||||
8
views/login/google_login_error.php
Normal file
8
views/login/google_login_error.php
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
@extends(templates/layout_normal)
|
||||||
|
|
||||||
|
@section(main)
|
||||||
|
<h2>Login up with Google</h2>
|
||||||
|
<div class="box">
|
||||||
|
<p class="error justify"><?= $error ?></p>
|
||||||
|
</div>
|
||||||
|
@endsection
|
||||||
@ -3,7 +3,7 @@
|
|||||||
@section(main)
|
@section(main)
|
||||||
<h2>Login</h2>
|
<h2>Login</h2>
|
||||||
<div class="box">
|
<div class="box">
|
||||||
<form id="loginForm" action="/login" method="post" data-redirect-on-success="/">
|
<form id="loginForm" action="/login" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
|
||||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" required autofocus>
|
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" required autofocus>
|
||||||
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" required minlength="6">
|
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" required minlength="6">
|
||||||
<p id="loginFormError" class="formError justify marginTop"></p>
|
<p id="loginFormError" class="formError justify marginTop"></p>
|
||||||
|
|||||||
@ -4,7 +4,7 @@
|
|||||||
<h2>Reset password</h2>
|
<h2>Reset password</h2>
|
||||||
<div class="box">
|
<div class="box">
|
||||||
<?php if ($success) : ?>
|
<?php if ($success) : ?>
|
||||||
<form id="resetPasswordForm" action="/password/reset/<?= $token ?>" method="post" data-redirect-on-success="/">
|
<form id="resetPasswordForm" action="/password/reset/<?= $token ?>" method="post" data-redirect-on-success="<?= $redirectUrl ?>">
|
||||||
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= $email ?>" disabled>
|
<input type="email" class="text big fullWidth" name="email" placeholder="Email address" value="<?= $email ?>" disabled>
|
||||||
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" required minlength="6" autofocus>
|
<input type="password" class="text big fullWidth marginTop" name="password" placeholder="Password" required minlength="6" autofocus>
|
||||||
<input type="password" class="text big fullWidth marginTop" name="password_confirm" placeholder="Password confirmation" required minlength="6">
|
<input type="password" class="text big fullWidth marginTop" name="password_confirm" placeholder="Password confirmation" required minlength="6">
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user