1d403609dSGreg Roach<?php 2d403609dSGreg Roach 3d403609dSGreg Roach/** 4d403609dSGreg Roach * webtrees: online genealogy 51fe542e9SGreg Roach * Copyright (C) 2021 webtrees development team 6d403609dSGreg Roach * This program is free software: you can redistribute it and/or modify 7d403609dSGreg Roach * it under the terms of the GNU General Public License as published by 8d403609dSGreg Roach * the Free Software Foundation, either version 3 of the License, or 9d403609dSGreg Roach * (at your option) any later version. 10d403609dSGreg Roach * This program is distributed in the hope that it will be useful, 11d403609dSGreg Roach * but WITHOUT ANY WARRANTY; without even the implied warranty of 12d403609dSGreg Roach * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13d403609dSGreg Roach * GNU General Public License for more details. 14d403609dSGreg Roach * You should have received a copy of the GNU General Public License 1589f7189bSGreg Roach * along with this program. If not, see <https://www.gnu.org/licenses/>. 16d403609dSGreg Roach */ 17fcfa147eSGreg Roach 18d403609dSGreg Roachdeclare(strict_types=1); 19d403609dSGreg Roach 20d403609dSGreg Roachnamespace Fisharebest\Webtrees\Http\RequestHandlers; 21d403609dSGreg Roach 22d403609dSGreg Roachuse Exception; 23d403609dSGreg Roachuse Fisharebest\Webtrees\Auth; 241fe542e9SGreg Roachuse Fisharebest\Webtrees\Contracts\UserInterface; 25d403609dSGreg Roachuse Fisharebest\Webtrees\FlashMessages; 26d403609dSGreg Roachuse Fisharebest\Webtrees\I18N; 27d403609dSGreg Roachuse Fisharebest\Webtrees\Log; 28d403609dSGreg Roachuse Fisharebest\Webtrees\Services\UpgradeService; 29d403609dSGreg Roachuse Fisharebest\Webtrees\Services\UserService; 30d403609dSGreg Roachuse Fisharebest\Webtrees\Session; 3186661454SGreg Roachuse Fisharebest\Webtrees\Tree; 328d9c2b68SGreg Roachuse Fisharebest\Webtrees\Validator; 33d403609dSGreg Roachuse Psr\Http\Message\ResponseInterface; 34d403609dSGreg Roachuse Psr\Http\Message\ServerRequestInterface; 3598b7e8b3SGreg Roachuse Psr\Http\Server\RequestHandlerInterface; 36d403609dSGreg Roach 3791c514e5SGreg Roachuse function route; 38d97083feSGreg Roachuse function time; 3991c514e5SGreg Roach 40d403609dSGreg Roach/** 41d403609dSGreg Roach * Perform a login. 42d403609dSGreg Roach */ 4398b7e8b3SGreg Roachclass LoginAction implements RequestHandlerInterface 44d403609dSGreg Roach{ 45c4943cffSGreg Roach private UpgradeService $upgrade_service; 46d403609dSGreg Roach 47c4943cffSGreg Roach private UserService $user_service; 48d403609dSGreg Roach 49d403609dSGreg Roach /** 50d403609dSGreg Roach * LoginController constructor. 51d403609dSGreg Roach * 52d403609dSGreg Roach * @param UpgradeService $upgrade_service 53d403609dSGreg Roach * @param UserService $user_service 54d403609dSGreg Roach */ 55d403609dSGreg Roach public function __construct(UpgradeService $upgrade_service, UserService $user_service) 56d403609dSGreg Roach { 57d403609dSGreg Roach $this->upgrade_service = $upgrade_service; 58d403609dSGreg Roach $this->user_service = $user_service; 59d403609dSGreg Roach } 60d403609dSGreg Roach 61d403609dSGreg Roach /** 62d403609dSGreg Roach * Perform a login. 63d403609dSGreg Roach * 64d403609dSGreg Roach * @param ServerRequestInterface $request 65d403609dSGreg Roach * 66d403609dSGreg Roach * @return ResponseInterface 67d403609dSGreg Roach */ 68d403609dSGreg Roach public function handle(ServerRequestInterface $request): ResponseInterface 69d403609dSGreg Roach { 70*b55cbc6bSGreg Roach $tree = Validator::attributes($request)->treeOptional(); 71*b55cbc6bSGreg Roach $base_url = Validator::attributes($request)->string('base_url'); 728d9c2b68SGreg Roach $default_url = route(HomePage::class); 73*b55cbc6bSGreg Roach $username = Validator::parsedBody($request)->optionalString('username') ?? ''; 74*b55cbc6bSGreg Roach $password = Validator::parsedBody($request)->optionalString('password') ?? ''; 75*b55cbc6bSGreg Roach $url = Validator::parsedBody($request)->isLocalUrl($base_url)->optionalString('url') ?? $default_url; 76d403609dSGreg Roach 77d403609dSGreg Roach try { 78d403609dSGreg Roach $this->doLogin($username, $password); 79d403609dSGreg Roach 80d403609dSGreg Roach if (Auth::isAdmin() && $this->upgrade_service->isUpgradeAvailable()) { 814b3ef6caSGreg Roach FlashMessages::addMessage(I18N::translate('A new version of webtrees is available.') . ' <a class="alert-link" href="' . e(route(UpgradeWizardPage::class)) . '">' . I18N::translate('Upgrade to webtrees %s.', '<span dir="ltr">' . $this->upgrade_service->latestVersion() . '</span>') . '</a>'); 82d403609dSGreg Roach } 83d403609dSGreg Roach 84d403609dSGreg Roach // Redirect to the target URL 85d403609dSGreg Roach return redirect($url); 86d403609dSGreg Roach } catch (Exception $ex) { 87d403609dSGreg Roach // Failed to log in. 88b089a1f5SGreg Roach FlashMessages::addMessage($ex->getMessage(), 'danger'); 89b089a1f5SGreg Roach 9056f9a9c1SGreg Roach return redirect(route(LoginPage::class, [ 9186661454SGreg Roach 'tree' => $tree instanceof Tree ? $tree->name() : null, 92d403609dSGreg Roach 'username' => $username, 93d403609dSGreg Roach 'url' => $url, 94d403609dSGreg Roach ])); 95d403609dSGreg Roach } 96d403609dSGreg Roach } 97d403609dSGreg Roach 98d403609dSGreg Roach /** 99d403609dSGreg Roach * Log in, if we can. Throw an exception, if we can't. 100d403609dSGreg Roach * 101d403609dSGreg Roach * @param string $username 102d403609dSGreg Roach * @param string $password 103d403609dSGreg Roach * 104d403609dSGreg Roach * @return void 105d403609dSGreg Roach * @throws Exception 106d403609dSGreg Roach */ 107d403609dSGreg Roach private function doLogin(string $username, string $password): void 108d403609dSGreg Roach { 10971359d06SGreg Roach if ($_COOKIE === []) { 110d403609dSGreg Roach Log::addAuthenticationLog('Login failed (no session cookies): ' . $username); 111d403609dSGreg Roach throw new Exception(I18N::translate('You cannot sign in because your browser does not accept cookies.')); 112d403609dSGreg Roach } 113d403609dSGreg Roach 114d403609dSGreg Roach $user = $this->user_service->findByIdentifier($username); 115d403609dSGreg Roach 116d403609dSGreg Roach if ($user === null) { 117d403609dSGreg Roach Log::addAuthenticationLog('Login failed (no such user/email): ' . $username); 118d403609dSGreg Roach throw new Exception(I18N::translate('The username or password is incorrect.')); 119d403609dSGreg Roach } 120d403609dSGreg Roach 121d403609dSGreg Roach if (!$user->checkPassword($password)) { 122d403609dSGreg Roach Log::addAuthenticationLog('Login failed (incorrect password): ' . $username); 123d403609dSGreg Roach throw new Exception(I18N::translate('The username or password is incorrect.')); 124d403609dSGreg Roach } 125d403609dSGreg Roach 1261fe542e9SGreg Roach if ($user->getPreference(UserInterface::PREF_IS_EMAIL_VERIFIED) !== '1') { 127d403609dSGreg Roach Log::addAuthenticationLog('Login failed (not verified by user): ' . $username); 128d403609dSGreg Roach throw new Exception(I18N::translate('This account has not been verified. Please check your email for a verification message.')); 129d403609dSGreg Roach } 130d403609dSGreg Roach 1311fe542e9SGreg Roach if ($user->getPreference(UserInterface::PREF_IS_ACCOUNT_APPROVED) !== '1') { 132d403609dSGreg Roach Log::addAuthenticationLog('Login failed (not approved by admin): ' . $username); 133d403609dSGreg Roach throw new Exception(I18N::translate('This account has not been approved. Please wait for an administrator to approve it.')); 134d403609dSGreg Roach } 135d403609dSGreg Roach 136d403609dSGreg Roach Auth::login($user); 137d403609dSGreg Roach Log::addAuthenticationLog('Login: ' . Auth::user()->userName() . '/' . Auth::user()->realName()); 138d97083feSGreg Roach Auth::user()->setPreference(UserInterface::PREF_TIMESTAMP_ACTIVE, (string) time()); 139d403609dSGreg Roach 1401fe542e9SGreg Roach Session::put('language', Auth::user()->getPreference(UserInterface::PREF_LANGUAGE)); 1411fe542e9SGreg Roach Session::put('theme', Auth::user()->getPreference(UserInterface::PREF_THEME)); 1421fe542e9SGreg Roach I18N::init(Auth::user()->getPreference(UserInterface::PREF_LANGUAGE)); 143d403609dSGreg Roach } 144d403609dSGreg Roach} 145