diff --git a/Web/Presenters/AuthPresenter.php b/Web/Presenters/AuthPresenter.php
index 7153c15c..7ebead1c 100644
--- a/Web/Presenters/AuthPresenter.php
+++ b/Web/Presenters/AuthPresenter.php
@@ -87,8 +87,10 @@ final class AuthPresenter extends OpenVKPresenter
 function renderLogin(): void
 {
+ $redirUrl = $this->requestParam("jReturnTo");
+
 if(!is_null($this->user))
- $this->redirect("/id" . $this->user->id, static::REDIRECT_TEMPORARY);
+ $this->redirect($redirUrl ?? "/id" . $this->user->id, static::REDIRECT_TEMPORARY);
 if(!$this->hasPermission("user", "login", -1))
 exit("Вас забанили");
@@ -101,8 +103,7 @@ final class AuthPresenter extends OpenVKPresenter
 if(!$this->authenticator->login($user->id, $this->postParam("password")))
 $this->flashFail("err", "Не удалось войти", "Неверное имя пользователя или пароль. Забыли пароль?");
- $redirUrl = $_GET["jReturnTo"] ?? "/id" . $user->related("profiles.user")->fetch()->id;
- $this->redirect($redirUrl, static::REDIRECT_TEMPORARY);
+ $this->redirect($redirUrl ?? "/id" . $user->related("profiles.user")->fetch()->id, static::REDIRECT_TEMPORARY);
 exit;
 }
 }
diff --git a/Web/Presenters/OpenVKPresenter.php b/Web/Presenters/OpenVKPresenter.php
index f352f8b3..9aedc6fa 100644
--- a/Web/Presenters/OpenVKPresenter.php
+++ b/Web/Presenters/OpenVKPresenter.php
@@ -6,8 +6,7 @@ use Chandler\Session\Session;
 use Chandler\Security\Authenticator;
 use Latte\Engine as TemplatingEngine;
 use openvk\Web\Models\Entities\IP;
-use openvk\Web\Models\Repositories\IPs;
-use openvk\Web\Models\Repositories\Users;
+use openvk\Web\Models\Repositories\{IPs, Users, APITokens};
 abstract class OpenVKPresenter extends SimplePresenter
 {
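Review bot: In AuthPresenter::renderLogin the `jReturnTo` value is handed to `redirect()` with no check that it is a same-site path, so a login link can carry an absolute URL and send the visitor to another host. With this change that applies to the already-signed-in branch in the first hunk as well as the post-login redirect in the second hunk (`@@ -101,8 +103,7 @@`). Accept only values that start with a single `/`, for example `if(!is_string($redirUrl) || !preg_match('%^/(?![/\\\\])%', $redirUrl)) $redirUrl = NULL;` directly after the `requestParam` call, so both redirects fall back to the profile URL. The body of renderLogin extends outside both hunks, and whether `requestParam` or `redirect` already normalise the value cannot be seen from here.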
@@ -44,6 +43,28 @@ abstract class OpenVKPresenter extends SimplePresenter
 exit;
 }
+ protected function logInUserWithToken(): void
+ {
+ $header = $_SERVER["HTTP_AUTHORIZATION"] ?? "";
+ $token;
+
+ preg_match("%Bearer (.*)$%", $header, $matches);
+ $token = $matches[1] ?? "";
+ $token = (new APITokens)->getByCode($token);
+ if(!$token) {
+ header("HTTP/1.1 401 Unauthorized");
+ header("Content-Type: application/json");
+ exit(json_encode(["error" => "The access token is invalid"]));
+ }
+
+ $this->user = (object) [];
+ $this->user->identity = $token->getUser();
+ $this->user->raw = $this->user->identity->getChandlerUser();
+ $this->user->id = $this->user->identity->getId();
+ $this->template->thisUser = $this->user->identity;
+ $this->template->userTainted = false;
+ }
+
 protected function assertUserLoggedIn(bool $returnUrl = true): void
 {
 if(is_null($this->user)) {
diff --git a/Web/Presenters/templates/@layout.xml b/Web/Presenters/templates/@layout.xml
index 8347a7c7..7417dab0 100644
--- a/Web/Presenters/templates/@layout.xml
+++ b/Web/Presenters/templates/@layout.xml
@@ -179,11 +179,12 @@ Выйти {/if} {else} -
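Review bot: In logInUserWithToken the pattern `%Bearer (.*)$%` is not anchored at the start, and a missing or malformed Authorization header still reaches `getByCode("")`, so the outcome depends on how the repository treats an empty code, which this hunk does not show. Let the 401 branch cover a non-matching header by replacing the three token lines with `$token = preg_match('%^Bearer (\S+)$%', $header, $matches) ? (new APITokens)->getByCode($matches[1]) : NULL;`. The bare `$token;` statement does nothing and can be dropped. The method also fills `$this->user` without the `hasPermission("user", "login", -1)` check that renderLogin performs, so it is worth confirming whether banned accounts are meant to authenticate with a token, and a docblock stating that the method ends the request with a 401 JSON body on failure would help callers.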
+ + {_registration}