This commit is contained in:
Jaybe
2025-03-05 14:02:29 +09:00
commit 247a7808d3
357 changed files with 161196 additions and 0 deletions
@@ -0,0 +1,94 @@
<?php
namespace App\Controllers\Auth;
use App\Controllers\BaseController;
use App\Controllers\User\UserController;
use CodeIgniter\Shield\Controllers\MagicLinkController as ShieldMagicLinkController;
use CodeIgniter\Events\Events;
use CodeIgniter\HTTP\RedirectResponse;
use CodeIgniter\I18n\Time;
use CodeIgniter\Shield\Authentication\Authenticators\Session;
use CodeIgniter\Shield\Config\Auth;
use CodeIgniter\Shield\Models\LoginModel;
use CodeIgniter\Shield\Models\UserIdentityModel;
class MagicLinkController extends ShieldMagicLinkController
{
public function verify(): RedirectResponse
{
$token = $this->request->getGet('token');
/** @var UserIdentityModel $identityModel */
$identityModel = model(UserIdentityModel::class);
$identity = $identityModel->getIdentityBySecret(Session::ID_TYPE_MAGIC_LINK, $token);
$identifier = $token ?? '';
// No token found?
if ($identity === null) {
$this->recordLoginAttempt($identifier, false);
$credentials = ['magicLinkToken' => $token];
Events::trigger('failedLogin', $credentials);
return redirect()->route('magic-link')->with('error', lang('Auth.magicTokenNotFound'));
}
// Delete the db entry so it cannot be used again.
$identityModel->delete($identity->id);
// Token expired?
if (Time::now()->isAfter($identity->expires)) {
$this->recordLoginAttempt($identifier, false);
$credentials = ['magicLinkToken' => $token];
Events::trigger('failedLogin', $credentials);
return redirect()->route('magic-link')->with('error', lang('Auth.magicLinkExpired'));
}
/** @var Session $authenticator */
$authenticator = auth('session')->getAuthenticator();
// If an action has been defined
if ($authenticator->hasAction($identity->user_id)) {
return redirect()->route('auth-action-show')->with('error', lang('Auth.forcePasswordChange'));
}
// Log the user in
$authenticator->loginById($identity->user_id);
$user = $authenticator->getUser();
$this->recordLoginAttempt($identifier, true, $user->id);
// Give the developer a way to know the user
// logged in via a magic link.
session()->setTempdata('magicLogin', true);
Events::trigger('magicLogin');
$user->forcePasswordReset();
// Get our login redirect url
return redirect()->to('/set-password');
}
private function recordLoginAttempt(
string $identifier,
bool $success,
$userId = null
): void {
/** @var LoginModel $loginModel */
$loginModel = model(LoginModel::class);
$loginModel->recordLoginAttempt(
Session::ID_TYPE_MAGIC_LINK,
$identifier,
$success,
$this->request->getIPAddress(),
(string) $this->request->getUserAgent(),
$userId
);
}
}
@@ -0,0 +1,65 @@
<?php
namespace App\Controllers\Auth;
use App\Controllers\BaseController;
use App\Controllers\User\UserController;
use App\Models\Api\UserModel;
use CodeIgniter\Shield\Authentication\Passwords;
class PasswordChangeController extends BaseController
{
private $user, $userModel;
protected $helpers = ['setting'];
public function __construct()
{
if (!auth()->loggedIn()) {
return redirect()->to('/login');
}
$this->user = auth()->user();
$this->userModel = model(UserModel::class);
}
public function changePasswordView()
{
/* if (!session('magicLogin')) {
throw \CodeIgniter\Exceptions\PageNotFoundException::forPageNotFound();
} */
return view(setting('Auth.views')['set-password']);
}
public function changePasswordAction(){
$data = $this->request->getPost();
$rules = [
'password' => [
'label' => 'Auth.password',
'rules' => 'required|' . Passwords::getMaxLengthRule() . '|strong_password[]',
'errors' => [
'max_byte' => 'Auth.errorPasswordTooLongBytes',
],
],
'password_confirm' => [
'label' => 'Auth.passwordConfirm',
'rules' => 'required|matches[password]',
],
];
if (! $this->validateData($data, $rules, [], config('Auth')->DBGroup)) {
return redirect()->back()->withInput()->with('errors', $this->validator->getErrors());
}
$this->user->fill($data);
$result = $this->userModel->save($this->user);
if($result == true){
$this->user->undoForcePasswordReset();
$userController = new UserController;
$userController->setPasswordChangedAt(true);
session()->removeTempdata('magicLogin');
}
return redirect()->to("/");
}
}