gregorio/lepisi-pengumuman
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added login function

Browse Source
This commit is contained in:
Gregorio Chiko Putra 2017-09-05 13:36:19 +07:00
parent 47d455063f
commit f8f4398007
5 changed files with 102 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
App/Controllers/Home.php
View File

@ -2,9 +2,18 @@
namespace App\Controllers;
use Core\View;
use App\Models\Access;
use Core\Token;
use Core\Session;
use Core\Redirect;
class Home
{
private $access;
public function __construct()
{
$this->access = new Access();
}
public function index()
{
// echo "This is index of home"; // Nanti di replace sama twig view ke App\Views\Data\pengumuman.html
@ -16,7 +25,20 @@ class Home
public function login()
{
// echo "You have to login"; // Nanti di replace sama twig view ke App\Views\Access\login.html
View::render('Access/login.html');
View::render('Access/login.html', [
'token' => Token::generate()
]);
return true;
}
public function put($args = [])
{
if ($this->access->login($args)) {
$table = 'user';
$id = Session::get('userid');
if ($this->access->update($table, ['status' => 1], $id)) {
Redirect::to('/');
}
}
}
}

46
App/Models/Access.php
View File

@ -11,8 +11,10 @@ class Access extends \Core\Model
'id int(3) NOT NULL AUTO_INCREMENT',
'username varchar(25) NOT NULL',
'password char(13)',
'salt char(23)',
'name varchar(50)',
'registered_at timestamp DEFAULT CURRENT_TIMESTAMP',
'status tinyint DEFAULT 1',
'PRIMARY KEY (id)'
]
);
@ -46,7 +48,7 @@ class Access extends \Core\Model
if ($query->execute([$id])) {
if ($query->rowCount() === 1) {
$result = $query->fetchAll(\PDO::FETCH_ASSOC);
$result = $query->fetch(\PDO::FETCH_ASSOC);
return $result;
}
}
@ -55,4 +57,46 @@ class Access extends \Core\Model
echo $e->getMessage();
}
}
public function login($args = [])
{
try {
$username = $args['username'];
$password = $args['password'];
$db = static::connectDB();
$sql = "SELECT id, password, salt FROM user WHERE username = ?";
$query = $db->prepare($sql);
$query->bindValue(1, $username);
if ($query->execute()) {
if ($query->rowCount() === 1) {
$result = $query->fetch(\PDO::FETCH_ASSOC);
$id = $result['id'];
$salt = $result['salt'];
$hash = $result['password'];
if (\Core\Hash::compare($password, $salt, $hash)) {
$user = $this->showSingle($id);
\Core\Session::put('userid', $user['id']);
\Core\Session::put('username', $user['username']);
\Core\Session::put('name', $user['name']);
$user_now = $user['username'];
\Core\Session::flash('info', "$user_now logged in");
return true;
}
}
}
return false;
} catch (PDOException $e) {
echo $e->getMessage();
}
}
}

6
App/Views/Access/login.html
View File

@ -17,14 +17,16 @@
<input type="password" name="password" value="" placeholder="Type your password">
<!-- method -->
<input type="hidden" name="_method" value="post">
<input type="hidden" name="_method" value="put">
<!-- Token -->
<input type="hidden" name="_token" value="##TOKEN##">
<input type="hidden" name="_token" value="{{ token }}">
<br>
<button type="submit" name="login">Login</button>
</form>
<a href="/">-> Alternative route</a>
</body>
</html>

30
Core/Hash.php Normal file
View File

@ -0,0 +1,30 @@
<?php
namespace Core;
class Hash
{
public static function make($string, $salt = '')
{
// return hash('sha256', $string . $salt);
// return password_hash($string, PASSWORD_BCRYPT);
return crypt($string, $salt);
}
public static function salt()
{
// return mcrypt_create_iv($length);
return uniqid(mt_rand());
}
public static function unique()
{
return self::make(uniqid());
}
public static function compare($string, $salt, $hash)
{
// return (Hash::make($string, $salt) === $hash) ? true : false;
// return password_verify($string, $hash);
return hash_equals($hash, Hash::make($string, $salt));
}
}

3
Core/Redirect.php
View File

@ -8,9 +8,6 @@ class Redirect
if($url)
{
$url = htmlspecialchars($url);
$url = rtrim($url, '/');
$url = substr_replace($url, '', 0, 1);
var_dump($url);
header("Location:$url");
return true;