MajenkoProjects/decpdf.site
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
940191502e2c93f76ec6e6ed67d592304faccfd0
decpdf.site/lib/Auth.php
Matt Jenkins 940191502e Initial import
2026-01-18 00:53:18 +00:00

175 lines
5.2 KiB
PHP
Executable File
Raw Blame History

<?php
class Auth {
static function routes() {
Routes::add_web("GET", "/register", ["Auth", "register"]);
Routes::add_web("POST", "/register", ["Auth", "do_register"]);
Routes::add_web("GET", "/login", ["Auth", "login"]);
Routes::add_web("POST", "/login", ["Auth", "do_login"]);
Routes::add_web("GET", "/logout", ["Auth", "logout"]);
Routes::add_web("GET", "/account", ["Auth", "account"], ["Auth", "logged_in"]);
Routes::add_web("POST", "/account/chpass", ["Auth", "chpass"], ["Auth", "logged_in"]);
Routes::add_web("GET", "/account/{tab}", ["Auth", "account"], ["Auth", "logged_in"]);
}
static function chpass($_request) {
$session = Session::all_data();
$user = get_user();
$current = $_request->post("current");
$chash = hash("sha256", $current);
if ($chash != $user->password) {
flash("error", "Wrong password. Try again.");
return redirect("/account");
}
$p1 = $_request->post("pass1");
$p2 = $_request->post("pass2");
if ($p1 != $p2) {
flash("error", "Your new passwords don't match.");
return redirect("/account");
}
if (strlen($p1) < 6) {
flash("error", "Your new password is too short. Pick one that is 6 characters or more.");
return redirect("/account");
}
$user->password = hash("sha256", $p1);
$user->save();
flash("success", "Your password has been changed.");
return redirect("/account");
}
static function account($tab = "account") {
$session = Session::all_data();
return blade("account", ["tab" => $tab, "session" => $session, "user" => get_user()]);
}
static function can_upload() {
$user = get_user();
if (!$user) return false;
return $user->can_upload == "Y";
}
static function can_moderate() {
$user = get_user();
if (!$user) return false;
return $user->can_moderate == "Y";
}
static function register() {
if (array_key_exists("HTTP_REFERER", $_SERVER)) {
Session::set("login_return", $_SERVER['HTTP_REFERER']);
} else {
Session::set("login_return", "/");
}
return blade("register");
}
static function do_register($_request) {
$username = $_request->post("username");
$email = $_request->post("email");
$password = $_request->post("password");
$confirm = $_request->post("confirm");
if ($username == "") {
flash("error", "You haven't provided a username.");
return blade("register", ["username" => $username, "email" => $email, "password" => $password, "confirm" => $confirm]);
}
if ($email == "") {
flash("error", "You haven't provided an email address.");
return blade("register", ["username" => $username, "email" => $email, "password" => $password, "confirm" => $confirm]);
}
if (strlen($password) < 6) {
flash("error", "You need to give a password of at least 6 characters.");
return blade("register", ["username" => $username, "email" => $email, "password" => $password, "confirm" => $confirm]);
}
if ($password != $confirm) {
flash("error", "Your two passwords do not match.");
return blade("register", ["username" => $username, "email" => $email, "password" => $password, "confirm" => $confirm]);
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
flash("error", "Your email address doesn't appear to be valid.");
return blade("register", ["username" => $username, "email" => $email, "password" => $password, "confirm" => $confirm]);
}
$exist = User::find([["username", "=", strtolower($username)]])->first();
if ($exist) {
flash("error", "That username has already been taken. Pick another.");
return blade("register", ["username" => $username, "email" => $email, "password" => $password, "confirm" => $confirm]);
}
$exist = User::find([["email", "=", $email]])->first();
if ($exist) {
flash("error", "An account with that email address already exists.");
return blade("register", ["username" => $username, "email" => $email, "password" => $password, "confirm" => $confirm]);
}
$u = new User;
$u->username = $username;
$u->email = $email;
$u->password = hash("sha256", $password);
$u->save();
Session::set("user", $u->id);
flash("success", "Registration successful. You have also been automatically logged in.");
$ret = Session::get("login_return");
return redirect($ret);
}
static function logged_in() {
$user = get_user();
return $user !== false;
}
static function do_login() {
$username = $_POST['username'];
$password = $_POST['password'];
if (!$username) return blade("login");
if (!$password) return blade("login");
$user = User::find([["username", "=", $username]])->first();
if (!$user) {
$user = User::find([["email", "=", $username]])->first();
}
$pwe = hash("sha256", $password);
if ($pwe == $user->password) {
Session::set("user", $user->id);
flash("success", "Log in successful");
$ret = Session::get("login_return");
return redirect($ret);
}
flash("error", "Invalid username or password.");
return blade("login");
}
public static function login() {
if (array_key_exists("HTTP_REFERER", $_SERVER)) {
Session::set("login_return", $_SERVER['HTTP_REFERER']);
} else {
Session::set("login_return", "/");
}
return blade("login");
}
public static function logout() {
Session::unset("user");
return redirect($_SERVER['HTTP_REFERER']);
}
}
Reference in New Issue View Git Blame Copy Permalink