
Commit 60a9a53

committed
Change LoginController to be cleaner
- Remove separate LoginPageController - Only attempt login on POST request - Show Login page for other request
1 parent 006b583 commit 60a9a53


3 files changed

+39
-46
lines changed


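--- a/src/Controller/LoginController.php
+++ b/src/Controller/LoginController.php
@@ -12,37 +12,46 @@ final public function __invoke(ServerRequestInterface $request, array $args): Re
 $postBody = $request->getParsedBody();
 $response = $this->getResponse();
 
-// var_dump($_SESSION);
-if (isset($_SESSION['userid'])) {
-$user = $_SESSION['userid'];
-if ($request->getQueryParams()['returnUrl']) {
-$response = $response->withStatus(302, "Redirecting");
-$response = $response->withHeader("Location", $request->getQueryParams()['returnUrl']);
-return $response;
-}
-$response->getBody()->write("<h1>Already logged in as $user</h1>");
-} else if (
-($postBody['username'] == $_ENV['USERNAME'] && $postBody['password'] == $_ENV['PASSWORD']) ||
-($postBody['username'] == $_SERVER['USERNAME'] && $postBody['password'] == $_SERVER['PASSWORD'])
-) {
-$user = $postBody['username'];
-$_SESSION['userid'] = $user;
-if ($request->getQueryParams()['returnUrl']) {
-$response = $response->withStatus(302, "Redirecting");
-$response = $response->withHeader("Location", $request->getQueryParams()['returnUrl']);
-return $response;
-}
-$response->getBody()->write("<h1>Welcome $user</h1>\n");
-// echo("session started\n");
-//var_dump($_SESSION);
+if ($request->getMethod() === 'POST') {
+if (isset($_SESSION['userid'])) {
+$user = $_SESSION['userid'];
+
+if (isset($request->getQueryParams()['returnUrl'])) {
+return $response
+->withHeader("Location", $request->getQueryParams()['returnUrl'])
+->withStatus(302)
+;
+}
+
+$response->getBody()->write("<h1>Already logged in as $user</h1>");
+} elseif ($postBody['username'] && $postBody['password']) {
+$user = $postBody['username'];
+$password = $postBody['password'];
+
+if (
+($user === $_ENV['USERNAME'] && $password === $_ENV['PASSWORD'])
+|| ($user === $_SERVER['USERNAME'] && $password === $_SERVER['PASSWORD'])
+) {
+$_SESSION['userid'] = $user;
+
+if (isset($request->getQueryParams()['returnUrl'])) {
+return $response
+->withHeader("Location", $request->getQueryParams()['returnUrl'])
+->withStatus(302)
+;
+}
+
+$response->getBody()->write("<h1>Welcome $user</h1>\n");
+} else {
+$response->getBody()->write("<h1>Login as $user failed</h1>\n");
+}
+} else {
+$response->getBody()->write("<h1>Login failed</h1>\n");
+}
 } else {
-// var_dump($postBody);
-//echo("cookie:\n");
-//var_dump($_COOKIE);
-//echo("session:\n");
-//var_dump($_SESSION);
-$response->getBody()->write("<h1>No (try posting username=alice&password=alice123)</h1>\n");
+return $this->createTemplateResponse('login.html');
 }
+
 return $response;
 }
 }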
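Review bot: The new failure branch writes the submitted username into the page unescaped, `"<h1>Login as $user failed</h1>\n"`, so any markup posted in `username` is reflected into the HTML response; escape it with `htmlspecialchars($user, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` or leave the name out of the message. Both redirect branches still copy `returnUrl` from the query string into the `Location` header unchecked, which leaves an open redirect on the login endpoint; accept only a same-origin path or an allow-listed target before redirecting. The password is compared with `===` where `hash_equals()` would be timing-safe, and the session id does not appear to be regenerated when `$_SESSION['userid']` is set, so unless that happens elsewhere a `session_regenerate_id(true)` belongs at that point. The enclosing `__invoke` starts above the hunk, so handling of a null `getParsedBody()` or missing `username`/`password` keys could not be checked from here.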

src/Controller/LoginPageController.php

-14
This file was deleted.

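--- a/web/index.php
+++ b/web/index.php
@@ -26,7 +26,6 @@
 use Pdsinterop\Solid\Controller\HttpToHttpsController;
 use Pdsinterop\Solid\Controller\JwksController;
 use Pdsinterop\Solid\Controller\LoginController;
-use Pdsinterop\Solid\Controller\LoginPageController;
 use Pdsinterop\Solid\Controller\OpenidController;
 use Pdsinterop\Solid\Controller\Profile\CardController;
 use Pdsinterop\Solid\Controller\Profile\ProfileController;
@@ -128,7 +127,6 @@
 HttpToHttpsController::class,
 JwksController::class,
 LoginController::class,
-LoginPageController::class,
 OpenidController::class,
 ProfileController::class,
 RegisterController::class,
@@ -190,7 +188,7 @@
 $router->map('GET', '/profile', AddSlashToPathController::class);
 $router->map('GET', '/.well-known/openid-configuration', OpenidController::class);
 $router->map('GET', '/jwks', JwksController::class);
-$router->map('GET', '/login/', LoginPageController::class);
+$router->map('GET', '/login/', LoginController::class);
 $router->map('POST', '/login', LoginController::class);
 $router->map('POST', '/login/', LoginController::class);
 $router->map('POST', '/register', RegisterController::class);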
