< ? php
namespace App\Controller\Frontend\Account ;
use App\Entity\Repository\SettingsRepository ;
use App\Entity\Settings ;
use App\Entity\User ;
use App\Exception\RateLimitExceededException ;
use App\Http\Response ;
use App\Http\ServerRequest ;
use App\RateLimit ;
use App\Session\Flash ;
use Doctrine\ORM\EntityManagerInterface ;
use Psr\Http\Message\ResponseInterface ;
/**
 * Frontend login page: renders the form on GET and processes credentials on POST.
 *
 * Request flow, in order:
 *  1. If setup is not complete and no user rows exist yet, the visitor is sent
 *     to the setup wizard instead of the login form.
 *  2. An already-authenticated session is sent straight to the dashboard.
 *  3. On POST the 'login' rate limit is checked first; a throttled request is
 *     bounced back to the login path and never reaches authenticate().
 *  4. After a successful authenticate() the user entity is flushed and the
 *     request is redirected to 2FA, to setup, to a session-stored referrer,
 *     or to the dashboard, in that order of precedence.
 */
class LoginAction
{
    /**
     * @param ServerRequest          $request      Provides the auth, ACL, flash, session, router and view accessors.
     * @param Response               $response     Response to redirect or render into.
     * @param EntityManagerInterface $em           Used to count users and to persist the authenticated user.
     * @param RateLimit              $rateLimit    Throttles login attempts (key 'login', 30 s window, 5 attempts).
     * @param SettingsRepository     $settingsRepo Read for the SETUP_COMPLETE flag.
     */
    public function __invoke(
        ServerRequest $request,
        Response $response,
        EntityManagerInterface $em,
        RateLimit $rateLimit,
        SettingsRepository $settingsRepo
    ): ResponseInterface {
        $auth = $request->getAuth();
        $acl = $request->getAcl();

        // A fresh installation (setup incomplete and zero users) has nothing to
        // log in with, so hand it over to the setup wizard.
        if ($this->setupIsIncomplete($settingsRepo)) {
            $userCount = (int)$em->createQuery(/** @lang DQL */ 'SELECT COUNT(u.id) FROM App\Entity\User u')
                ->getSingleScalarResult();

            if (0 === $userCount) {
                return $this->redirectToRoute($request, $response, 'setup:index');
            }
        }

        if ($auth->isLoggedIn()) {
            return $this->redirectToRoute($request, $response, 'dashboard');
        }

        $flash = $request->getFlash();

        if (!$request->isPost()) {
            return $request->getView()->renderToResponse($response, 'frontend/account/login');
        }

        // Throttle before touching the credentials at all.
        try {
            $rateLimit->checkRateLimit($request, 'login', 30, 5);
        } catch (RateLimitExceededException $rateLimitError) {
            $flash->addMessage(
                self::flashHtml(
                    __('Too many login attempts'),
                    __('You have attempted to log in too many times. Please wait 30 seconds and try again.')
                ),
                Flash::ERROR
            );
            return $response->withRedirect($request->getUri()->getPath());
        }

        $user = $auth->authenticate($request->getParam('username'), $request->getParam('password'));

        if (!($user instanceof User)) {
            // One generic message for every failure: it does not tell the
            // caller whether the username or the password was the problem.
            // Note this redirects to the full URI, whereas the rate-limit
            // branch above redirects to the path only.
            $flash->addMessage(
                self::flashHtml(__('Login unsuccessful'), __('Your credentials could not be verified.')),
                Flash::ERROR
            );
            return $response->withRedirect($request->getUri());
        }

        // Permissions depend on the identity that is now attached to the session.
        $acl->reload();

        // Write the authenticated user entity back.
        // NOTE(review): which fields authenticate() changes on the entity is
        // not visible here — confirm against the Auth implementation.
        $em->persist($user);
        $em->flush();

        // The login is only half done while a second factor is still pending.
        if (!$auth->isLoginComplete()) {
            return $this->redirectToRoute($request, $response, 'account:login:2fa');
        }

        if ($this->setupIsIncomplete($settingsRepo)) {
            $flash->addMessage(
                self::flashHtml(__('Logged in successfully.'), __('Complete the setup process to get started.')),
                Flash::SUCCESS
            );
            return $this->redirectToRoute($request, $response, 'setup:index');
        }

        // NOTE(review): the e-mail address is concatenated into flash HTML
        // unescaped here; this relies on the flash renderer escaping it — confirm.
        $flash->addMessage(
            self::flashHtml(__('Logged in successfully.'), $user->getEmail()),
            Flash::SUCCESS
        );

        // NOTE(review): 'login_referrer' is read from the session, so it is
        // assumed to be written by this application when it sends a visitor to
        // the login page, not from request input — confirm, because a value
        // that request input could influence would make this an open redirect.
        $loginReferrer = $request->getSession()->get('login_referrer');
        if (!empty($loginReferrer)) {
            return $response->withRedirect($loginReferrer);
        }

        return $this->redirectToRoute($request, $response, 'dashboard');
    }

    /**
     * True while the SETUP_COMPLETE setting still holds its default of 0
     * (strict comparison, so any other stored value counts as complete).
     */
    private function setupIsIncomplete(SettingsRepository $settingsRepo): bool
    {
        return $settingsRepo->getSetting(Settings::SETUP_COMPLETE, 0) === 0;
    }

    /**
     * Redirect to a named route resolved through the request's router.
     */
    private function redirectToRoute(ServerRequest $request, Response $response, string $routeName): ResponseInterface
    {
        return $response->withRedirect($request->getRouter()->named($routeName));
    }

    /**
     * Flash message markup used throughout this action: a bold heading,
     * a line break, then the detail text.
     */
    private static function flashHtml(string $heading, string $detail): string
    {
        return '<b>' . $heading . '</b><br>' . $detail;
    }
}