diff --git a/public/index.php b/public/index.php
index 8f9a00c..6eca6c3 100644
--- a/public/index.php
+++ b/public/index.php
@@ -39,6 +39,7 @@ $router->map("POST", "/submit-twig", fn() => $sampleFormController->submitFormTw
 $router->map("GET", "/register", fn() => $authController->displayRegister());
 $router->map("POST", "/register", fn() => $authController->confirmRegister($_POST));
 $router->map("GET", "/login", fn() => $authController->displayLogin());
+$router->map("POST", "/login", fn() => $authController->displayLoginPassed($_POST));
 $router->map("GET", "/tactic/new", fn() => $editorController->makeNew());
 $router->map("GET", "/tactic/[i:id]/edit", fn(int $id) => $editorController->openEditorFor($id));
diff --git a/src/Controller/AuthController.php b/src/Controller/AuthController.php
index d2aba83..999a89b 100644
--- a/src/Controller/AuthController.php
+++ b/src/Controller/AuthController.php
@@ -50,7 +50,7 @@ class AuthController {
 $fails = $this->model->validationRegister($request['username'], $request["password"], $request['confirmpassword'], $request['email']);
 if (empty($fails)) {
 $results = $this->model->getUserFields($request['email']);
- return ViewHttpResponse::twig("display_register_confirm.html.twig", ['username' => $results['username'], 'email' => $results['email']]);
+ return ViewHttpResponse::twig("display_auth_confirm.html.twig", ['username' => $results['username'], 'email' => $results['email']]);
 }
 $bad_fields = [];
@@ -73,9 +73,19 @@ class AuthController { "email" => [Validators::regex("/@/")] ]); - $results = $this->model->getUserFields($request['email']); - return ViewHttpResponse::twig("display_login_passed.html.twig",[['username' => $results['username'], 'email' => $results['email']]]); + $fails = $this->model->validationLogin($request['email'],$request['password']); + $bad_fields = []; + foreach ($fails as $err){ + if ($err instanceof FieldValidationFail){ + $bad_fields [] = $err->getFieldName(); + } + } + if (empty($fails)){ + $results = $this->model->getUserFields($request['email']); + return ViewHttpResponse::twig("display_auth_confirm.html.twig",['username' => $results['username'], 'email' => $results['email']]); + } + return ViewHttpResponse::twig("display_login.html.twig",['bad_fields' => $bad_fields]); } } \ No newline at end of file diff --git a/src/Gateway/AuthGateway.php b/src/Gateway/AuthGateway.php index f128a20..c04e5e3 100644 --- a/src/Gateway/AuthGateway.php +++ b/src/Gateway/AuthGateway.php @@ -25,6 +25,11 @@ class AuthGateway { $this->con->exec("INSERT INTO AccountUser VALUES (:username,:hash,:email)", [':username' => [$username, PDO::PARAM_STR],':hash'=> [$hash, PDO::PARAM_STR],':email'=>[$email, PDO::PARAM_STR]]); } + public function getUserHash(string $email):string{ + $results = $this->con->fetch ("SELECT hash FROM AccountUser WHERE email = :email",[':email'=>[$email, PDO::PARAM_STR]]); + return $results[0]['hash']; + } + public function getUserFields (string $email): ?array { $results = $this->con->fetch ("SELECT username,email FROM AccountUser WHERE email = :email",[':email'=>[$email, PDO::PARAM_STR]]); diff --git a/src/Model/AuthModel.php b/src/Model/AuthModel.php index 8853962..febe186 100644 --- a/src/Model/AuthModel.php +++ b/src/Model/AuthModel.php 
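Review bot: The failure branch at the end of the login hunk in src/Controller/AuthController.php passes `bad_fields` to `display_login.html.twig`, and the names collected there come from `validationLogin()` in src/Model/AuthModel.php, which reports `"email"` for an unknown address and `"password"` for a wrong password; if the template marks the failing field, the form tells an anonymous client which addresses have an account. Returning one combined failure whenever `$fails` is non-empty, e.g. `['bad_fields' => ['email', 'password']]`, keeps the two responses identical. The success branch only renders `display_auth_confirm.html.twig`, and nothing visible in the hunk starts or regenerates a session, so it is worth confirming that this is handled elsewhere or planned. The method begins outside the hunk, so whether the result of the preceding input validation is checked before `$request['email']` and `$request['password']` are read cannot be seen from here.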
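Review bot: In `getUserHash()` (src/Gateway/AuthGateway.php), `$results[0]['hash']` is read without checking that the query returned a row, while the declared return type is `string`; for an address with no account this would raise an undefined-offset warning followed by a TypeError rather than a controlled failure. `validationLogin()` does call `mailExist()` first, but that is a separate query, so the row can be gone by the second lookup, and any other caller gets no such guard. Consider mirroring the nullable contract of `getUserFields()` next to it, `public function getUserHash(string $email): ?string` with `return $results[0]['hash'] ?? null;`, and have the caller treat `null` as a failed login. A short docblock saying that the returned value is the stored password hash, meant only to be passed to `password_verify()`, would help keep it out of views and logs.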
@@ -20,6 +20,7 @@ class AuthModel { public function validationRegister(string $username, string $password, string $confirmPassword,string $email): array { $errors = []; + if ($password != $confirmPassword) { $errors[] = new FieldValidationFail("confirmpassword","passwords not equals"); } @@ -41,5 +42,24 @@ class AuthModel { } + public function validationLogin(string $email,string $password): array{ + $errors = []; + + if (!$this->gateway->mailExist($email)) { + $errors[] = new FieldValidationFail("email", "email doesnt exists"); + return $errors; + } + $hash = $this->gateway->getUserHash($email); + + if (!password_verify($password, $hash)) { + $errors[] = new FieldValidationFail("password", "invalid password"); + } + + return $errors; + } + + + + } \ No newline at end of file diff --git a/src/Views/display_register_confirm.html.twig b/src/Views/display_auth_confirm.html.twig similarity index 100% rename from src/Views/display_register_confirm.html.twig rename to src/Views/display_auth_confirm.html.twig diff --git a/src/Views/display_login_passed.html.twig b/src/Views/display_login_passed.html.twig deleted file mode 100644 index 1795479..0000000 --- a/src/Views/display_login_passed.html.twig +++ /dev/null @@ -1,19 +0,0 @@ - - -
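Review bot: In `validationLogin()` (second hunk of src/Model/AuthModel.php), the early `return $errors;` for an unknown email skips `password_verify()`, so the two failure paths differ in response time as well as in the field they report, and either difference shows whether an address is registered. Consider running the verification on that path too against a fixed hash generated once with `password_hash()`, e.g. `password_verify($password, $placeholderHash);` (where `$placeholderHash` is a placeholder name for that constant), and returning the same `FieldValidationFail` in both cases. Nothing in the hunk limits repeated attempts per account or per client; if throttling is not applied elsewhere, this method or its controller is where it belongs.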
- -username: {{ v.name }}
-description: {{ v.description }}
-{% endfor %} - - - - \ No newline at end of file