diff --git a/TODO.md b/TODO.md
index 77f579c..8f0d2b9 100644
--- a/TODO.md
+++ b/TODO.md
@@ -2,7 +2,7 @@
## Auth and User stuff
- [x] signup
-- [ ] signin
+- [x] signin
- [ ] edit user data - change password, mail...
## Core of the app
diff --git a/app/controllers/AuthController.php b/app/controllers/AuthController.php
index bc361b5..658497b 100644
--- a/app/controllers/AuthController.php
+++ b/app/controllers/AuthController.php
@@ -6,6 +6,19 @@ class AuthController extends Controller {
$email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? '';
+ $validator = new Validator();
+ $validator->required('email', $email);
+ $validator->email('email', $email);
+ $validator->required('password', $password);
+
+ if (!$validator->passes()) {
+ $this->view('auth/signup', [
+ 'error' => 'Please correct the errors below.',
+ 'validationErrors' => $validator->errors() ?: [],
+ ]);
+ return;
+ }
+
$user = new User();
$result = $user->login($email, $password);
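Review bot: The validation-failure branch renders `'auth/signup'`, but the code right after it calls `$user->login($email, $password)`, so this appears to be the sign-in handler and a rejected sign-in would show the signup form. It should probably read `$this->view('auth/signin', [`. The method's signature lies outside the hunk, so confirm which action this is before changing it.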
@@ -26,9 +39,7 @@ class AuthController extends Controller {
$password = $_POST['password'] ?? '';
$password2 = $_POST['password-2'] ?? '';
- // Perform validations
$validator = new Validator();
-
$validator->required('username', $username);
$validator->email('email', $email);
$validator->required('password', $password);
@@ -65,4 +76,10 @@ class AuthController extends Controller {
]);
}
}
+
+ public function logout() {
+ session_unset();
+ session_destroy();
+ $this->redirect('/auth/signin');
+ }
}
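Review bot: `logout()` clears the server-side session but leaves the session-id cookie in the browser. Nothing visible in the hunk limits the action to a POST carrying a CSRF token either, so a cross-site request could sign a user out. The pattern from the PHP manual is to empty `$_SESSION`, expire the cookie named by `session_name()` using `session_get_cookie_params()`, and then call `session_destroy()`. Whether `redirect()` ends the request and whether the router restricts the HTTP method cannot be seen from here.

```php
public function logout() {
    // Assumes session_start() already ran for this request (not visible in this hunk).
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $params = session_get_cookie_params();
        // Expire the session-id cookie so the browser stops presenting the old id.
        setcookie(session_name(), '', time() - 42000,
            $params['path'], $params['domain'], $params['secure'], $params['httponly']);
    }
    session_destroy();
    // … unchanged: redirect to /auth/signin …
}
```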
diff --git a/app/controllers/HomeController.php b/app/controllers/HomeController.php
index 33bdcc7..129545f 100644
--- a/app/controllers/HomeController.php
+++ b/app/controllers/HomeController.php
@@ -1,22 +1,18 @@
'Home'
];
- $view->render('home/index', $data);
- //require_once views . 'home/index.php';
+ $this->view('home/index', $data);
}
public function home() {
$this->index();
}
+
+ public function dashboard() {
+ $this->view("dashboard/index");
+ }
}
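Review bot: `dashboard()` renders `dashboard/index` with no visible check that a user is signed in, so the page is reachable anonymously unless the base `Controller` or the router enforces authentication. A guard at the top such as `if (empty($_SESSION['user'])) { $this->redirect('/auth/signin'); return; }` would tie it to the session entry that `User::login()` writes in this same commit. On style, the new call passes a double-quoted view name while `index()` uses single quotes.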
diff --git a/app/models/User.php b/app/models/User.php
index d860b58..e6ffffc 100644
--- a/app/models/User.php
+++ b/app/models/User.php
@@ -27,7 +27,6 @@ class User {
return "Email is already registered";
}
- // Hash the password
$hashedPassword = password_hash($password, PASSWORD_BCRYPT);
$stmt = $this->db->prepare("INSERT INTO users (username, email, password, points, created_at) VALUES (?, ?, ?, 0, NOW())");
@@ -39,7 +38,27 @@ class User {
return "Error: " . $stmt->error;
}
}
+
+ public function login($email, $password) {
+ $hashedPassword = password_hash($password, PASSWORD_BCRYPT);
+
+ $stmt = $this->db->prepare("SELECT username, password FROM users WHERE email = ?");
+ $stmt->bind_param("s", $email);
+ $stmt->execute();
+ $result = $stmt->get_result();
+ $stmt->close();
+
+ if ($result->num_rows === 1) {
+ $user = $result->fetch_assoc();
+ if (password_verify($password, $user['password'])) {
+ $_SESSION['user'] = [
+ 'username' => $user['username'],
+ 'email' => $email,
+ ];
+ return true;
+ }
+ }
+
+ return "Invalid email or password.";
+ }
}
-
-?>
-
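Review bot: After a successful `password_verify()` the session id is not rotated before `$_SESSION['user']` is written, which leaves the login open to session fixation. Add `session_regenerate_id(true);` immediately before that assignment. The first statement of `login()`, `$hashedPassword = password_hash($password, PASSWORD_BCRYPT);`, is never read, so every attempt pays for an extra bcrypt computation and the line should be dropped. The method returns either `true` or an error string, so a docblock stating that callers must compare with `=== true` would prevent a truthy string being taken for success.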
diff --git a/app/views/auth/signin.php b/app/views/auth/signin.php
index c1ea56a..5cedda4 100644
--- a/app/views/auth/signin.php
+++ b/app/views/auth/signin.php
@@ -1,9 +1,21 @@