Verified Commit 41b92e82 authored by Damien's avatar Damien

FEAT Logout + more info in cookie + auth control for non standard users

parent 9a93bccc
...@@ -48,6 +48,7 @@ $app->add(function (\Slim\Http\Request $request, \Slim\Http\Response $response, ...@@ -48,6 +48,7 @@ $app->add(function (\Slim\Http\Request $request, \Slim\Http\Response $response,
//Authentication //Authentication
$app->post('/log', \SrcCore\controllers\AuthenticationController::class . ':log'); $app->post('/log', \SrcCore\controllers\AuthenticationController::class . ':log');
$app->get('/logout', \SrcCore\controllers\AuthenticationController::class . ':logout');
//Attachments //Attachments
$app->get('/attachments/{id}', \Attachment\controllers\AttachmentController::class . ':getById'); $app->get('/attachments/{id}', \Attachment\controllers\AttachmentController::class . ':getById');
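Review bot: The new `/logout` route is registered with `$app->get`, so a state-changing action (clearing the authentication cookie) can be triggered by any cross-site link, image tag or prefetch. The login route just above uses POST, and logout should match it: `$app->post('/logout', \SrcCore\controllers\AuthenticationController::class . ':logout');`, with the client call updated accordingly. Whether the middleware registered earlier in this file applies any origin or authentication check to this route is not visible in the hunk.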
......
...@@ -54,10 +54,20 @@ class AuthenticationController ...@@ -54,10 +54,20 @@ class AuthenticationController
return $response->withStatus(401)->withJson(['errors' => 'Authentication Failed']); return $response->withStatus(401)->withJson(['errors' => 'Authentication Failed']);
} }
AuthenticationModel::setCookieAuth(['email' => $data['email']]); $user = UserModel::getByEmail(['email' => $data['email'], 'select' => ['id', 'email', 'firstname', 'lastname', 'mode']]);
if ($user['mode'] != 'standard') {
return $response->withStatus(403)->withJson(['errors' => 'Login unauthorized']);
}
$user = UserModel::getByEmail(['email' => $data['email'], 'select' => ['id', 'email', 'firstname', 'lastname']]); AuthenticationModel::setCookieAuth(['email' => $data['email']]);
return $response->withJson(['user' => $user]); return $response->withJson(['user' => $user]);
} }
public static function logout(Request $request, Response $response)
{
AuthenticationModel::deleteCookieAuth();
return $response->withJson(['success' => 'success']);
}
} }
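Review bot: The added check `if ($user['mode'] != 'standard')` compares loosely and indexes `$user` without confirming that `getByEmail` returned a row; `if (empty($user) || $user['mode'] !== 'standard')` rejects a missing row explicitly instead of relying on an undefined-index notice. Because `'mode'` is now in the select list, it is also returned to the client in `['user' => $user]`, so drop it from the response if the front end does not need it. For the new `logout` method, confirm that `deleteCookieAuth()` also invalidates the stored `cookie_key` on the server side (its body is not shown here), since otherwise a copied cookie stays valid after logout. A short docblock on `logout` stating exactly what is invalidated would make that contract reviewable. The `log` method begins above this hunk.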
...@@ -87,7 +87,7 @@ class AuthenticationModel ...@@ -87,7 +87,7 @@ class AuthenticationModel
} }
$user = UserModel::get([ $user = UserModel::get([
'select' => ['cookie_key'], 'select' => ['id', 'cookie_key', 'firstname', 'lastname'],
'where' => ['email = ?', 'cookie_date > CURRENT_TIMESTAMP'], 'where' => ['email = ?', 'cookie_date > CURRENT_TIMESTAMP'],
'data' => [$args['email']] 'data' => [$args['email']]
]); ]);
...@@ -110,8 +110,14 @@ class AuthenticationModel ...@@ -110,8 +110,14 @@ class AuthenticationModel
'data' => [$args['email']] 'data' => [$args['email']]
]); ]);
$cookieData = json_encode(['email' => $args['email'], 'cookieKey' => $cookieKey]); $cookieData = json_encode([
setcookie('maarchParapheurAuth', base64_encode($cookieData), $cookieTime, $cookiePath, '', false, true); 'id' => $user[0]['id'],
'email' => $args['email'],
'firstname' => $user[0]['firstname'],
'lastname' => $user[0]['lastname'],
'cookieKey' => $cookieKey
]);
setcookie('maarchParapheurAuth', base64_encode($cookieData), $cookieTime, $cookiePath, '', false, false);
return true; return true;
} }
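Review bot: The last argument of `setcookie` on the new side changes from `true` to `false`, which removes the HttpOnly flag from `maarchParapheurAuth` while the cookie still carries `cookieKey`, so any script running in the page, including injected script, can read the session secret. Keep the authentication cookie HttpOnly, `setcookie('maarchParapheurAuth', base64_encode($cookieData), $cookieTime, $cookiePath, '', false, true);`, and pass `id`, `firstname` and `lastname` to the front end through the JSON response of `log` or a separate cookie that does not contain the key. The `secure` argument is also `false`, so the cookie is sent over plain HTTP too. If the lookup in the hunk at line 87 returns no row because of the `cookie_date > CURRENT_TIMESTAMP` filter, `$user[0]['id']` and the name fields would presumably be null here; the code between the two hunks is not visible, so this needs confirming. The server should treat the added cookie fields as untrusted display data only, because base64-encoded JSON is editable by the client.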
......