Make sidebar login redirect back

Alma Armas 2021-01-27 18:00:30 +00:00
parent 080e918f11
commit 0bdca7a0ff
3 changed files with 29 additions and 6 deletions


@ -87,8 +87,10 @@ final class AuthPresenter extends OpenVKPresenter
function renderLogin(): void function renderLogin(): void
{ {
$redirUrl = $this->requestParam("jReturnTo");
if(!is_null($this->user)) if(!is_null($this->user))
$this->redirect("/id" . $this->user->id, static::REDIRECT_TEMPORARY); $this->redirect($redirUrl ?? "/id" . $this->user->id, static::REDIRECT_TEMPORARY);
if(!$this->hasPermission("user", "login", -1)) exit("Вас забанили"); if(!$this->hasPermission("user", "login", -1)) exit("Вас забанили");
@ -101,8 +103,7 @@ final class AuthPresenter extends OpenVKPresenter
if(!$this->authenticator->login($user->id, $this->postParam("password"))) if(!$this->authenticator->login($user->id, $this->postParam("password")))
$this->flashFail("err", "Не удалось войти", "Неверное имя пользователя или пароль. <a href='/restore.pl'>Забыли пароль?</a>"); $this->flashFail("err", "Не удалось войти", "Неверное имя пользователя или пароль. <a href='/restore.pl'>Забыли пароль?</a>");
$redirUrl = $_GET["jReturnTo"] ?? "/id" . $user->related("profiles.user")->fetch()->id; $this->redirect($redirUrl ?? "/id" . $user->related("profiles.user")->fetch()->id, static::REDIRECT_TEMPORARY);
$this->redirect($redirUrl, static::REDIRECT_TEMPORARY);
exit; exit;
} }
} }
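Review bot: `jReturnTo` is read from the request at the top of renderLogin and passed to `redirect()` in both the already-logged-in branch and the post-login branch with no check that it points back to this site, which makes the login endpoint an open redirect to any external URL. The hidden `jReturnTo` field added to the sidebar form in the layout template is client-controlled too, so the check has to live on the server. Unless `redirect()` or `requestParam()` already restricts the target (not visible in these hunks), accept only local paths right after the assignment, for example `if(!is_string($redirUrl) || !preg_match('%^/(?![/\\\\])%', $redirUrl)) $redirUrl = NULL;`. renderLogin's body continues outside both hunks.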


@ -6,8 +6,7 @@ use Chandler\Session\Session;
use Chandler\Security\Authenticator; use Chandler\Security\Authenticator;
use Latte\Engine as TemplatingEngine; use Latte\Engine as TemplatingEngine;
use openvk\Web\Models\Entities\IP; use openvk\Web\Models\Entities\IP;
use openvk\Web\Models\Repositories\IPs; use openvk\Web\Models\Repositories\{IPs, Users, APITokens};
use openvk\Web\Models\Repositories\Users;
abstract class OpenVKPresenter extends SimplePresenter abstract class OpenVKPresenter extends SimplePresenter
{ {
@ -44,6 +43,28 @@ abstract class OpenVKPresenter extends SimplePresenter
exit; exit;
} }
protected function logInUserWithToken(): void
{
$header = $_SERVER["HTTP_AUTHORIZATION"] ?? "";
$token;
preg_match("%Bearer (.*)$%", $header, $matches);
$token = $matches[1] ?? "";
$token = (new APITokens)->getByCode($token);
if(!$token) {
header("HTTP/1.1 401 Unauthorized");
header("Content-Type: application/json");
exit(json_encode(["error" => "The access token is invalid"]));
}
$this->user = (object) [];
$this->user->identity = $token->getUser();
$this->user->raw = $this->user->identity->getChandlerUser();
$this->user->id = $this->user->identity->getId();
$this->template->thisUser = $this->user->identity;
$this->template->userTainted = false;
}
protected function assertUserLoggedIn(bool $returnUrl = true): void protected function assertUserLoggedIn(bool $returnUrl = true): void
{ {
if(is_null($this->user)) { if(is_null($this->user)) {
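Review bot: The Authorization header parsing in logInUserWithToken is looser than it should be: `%Bearer (.*)$%` is not anchored at the start, so the scheme word may appear anywhere in the header, and a missing header or an empty capture still reaches `getByCode("")`. Whether `getByCode()` rejects an empty, expired or revoked code is not visible here, so I would anchor the pattern, `preg_match('%^Bearer (\S+)$%', $header, $matches)`, and send the 401 as soon as it does not match instead of looking up an empty string. The bare `$token;` statement above the match does nothing and can be dropped. A short docblock saying that the method terminates the request with a JSON 401 on failure and otherwise populates `$this->user` would help callers.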


@ -179,11 +179,12 @@
<a href="/logout" class="link">Выйти</a> <a href="/logout" class="link">Выйти</a>
{/if} {/if}
{else} {else}
<form id="fastLogin" action="login" method="POST" enctype="multipart/form-data"> <form id="fastLogin" action="/login" method="POST" enctype="multipart/form-data">
<label for="login"><span>{_"email"}:</span></label> <label for="login"><span>{_"email"}:</span></label>
<input id="login" type="text" name="login" required /> <input id="login" type="text" name="login" required />
<label for="password"><span>{_"password"}:</span></label> <label for="password"><span>{_"password"}:</span></label>
<input id="password" type="password" name="password" required /> <input id="password" type="password" name="password" required />
<input type="hidden" name="jReturnTo" value="{$_SERVER['REQUEST_URI']}" />
<input type="hidden" name="hash" value="{$csrfToken}" /> <input type="hidden" name="hash" value="{$csrfToken}" />
<input type="submit" value="{_'log_in'}" class="button" style="display: inline-block;" /> <input type="submit" value="{_'log_in'}" class="button" style="display: inline-block;" />
<a href="/reg" class="button" style="display: inline-block;" >{_registration}</a><br><br> <a href="/reg" class="button" style="display: inline-block;" >{_registration}</a><br><br>