Signing out and logging in work

bye 2024-07-01 22:15:51 +01:00
parent 6d280e4920
commit a5e968cef8
11 changed files with 160 additions and 32 deletions


@ -40,6 +40,35 @@ function format_bcid ($bcid): string
}
function get_user_by_id($bcid) {
$user = db_execute('SELECT * FROM accounts WHERE id = ? LIMIT 1', [$bcid]);
return $user;
return db_execute('SELECT * FROM accounts WHERE id = ? LIMIT 1', [$bcid]);
}
function get_user_display_name($userId, $escape = true) {
global $user;
if (!$_SESSION['auth']) {
return '';
}
$target = array();
if ($userId == $user['id']) {
$target = $user;
} else {
$target = get_user_by_id($userId);
}
if (is_null($user['display_name'])) {
try {
return format_bcid($user['id']);
} catch (Exception $e) {
return 'Invalid BCID';
}
}
$display_name = $user['display_name'];
if ($escape) {
$display_name = htmlspecialchars($display_name);
}
return $display_name;
}
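Review bot: `get_user_display_name` resolves the requested account into `$target` but every read after the lookup still goes to the global `$user`, so the function returns the signed-in user's name no matter which `$userId` was passed. The later reads should use the looked-up row, e.g. `if (is_null($target['display_name'])) {`, `return format_bcid($target['id']);` and `$display_name = $target['display_name'];`. The case where `get_user_by_id` finds no row is not handled either (its return shape is not visible in this hunk), and `$_SESSION['auth']` is read without a default, so a request with no session data raises an undefined-index warning; `if (!($_SESSION['auth'] ?? false))` covers that.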


@ -38,7 +38,7 @@ $uri_explode = explode('?', $uri_string);
$path_raw = $uri_explode[0]; // `/foo/bar`
$path = explode('/', $path_raw);
$query = array();
if(isset($uri_explode[1])) {
$uri_string = $uri_explode[0];
$uri_explode = explode('&', $uri_explode[1]);
@ -63,17 +63,18 @@ $routes = [
'' => function () { require 'views/home.php'; },
'api' => function () { require 'api.php'; /* Handoff further routing to API script. */ },
'auth' => function () {
global $path;
global $path, $query;
if ($path[2] == 'signup') {
if ($path[2] == 'signout') {
require 'views/signedout.php';
} else if ($path[2] == 'signup') {
require 'views/signup.php';
exit;
} else if ($path[2] == 'login') {
require 'views/login.php';
exit;
}
} else {
return 404;
}
exit();
},
'profile' => function () {
global $path, $user, $profile_owner; // don't forget this lol
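Review bot: The new `signout` branch of the `auth` route ends the session on any request to `/auth/signout`, and the header partial links to it with a plain `<a href>`, so a third-party page can sign a visitor out simply by causing a GET to that URL. Sign-out is a state change and is better accepted only as a `POST` carrying a per-session CSRF token, with the header rendering a small form instead of a link; no token helper is visible on this page, so one would need to be added. In the same closure `$path[2]` is compared without a default, so `/auth` alone raises an undefined-index warning before reaching the 404 branch; `$action = $path[2] ?? '';` avoids it. The `profile` closure that follows continues outside the hunk.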

@ -1 +1 @@
Subproject commit 9e538d7e87b6cae822bfa77f3636335cbd505352
Subproject commit 729d95f1310a930ab57c8983d9c35cc63d8f233d


@ -30,6 +30,15 @@ header {
color: var(--dark-slate-gray);
}
header > .section {
display: flex;
gap: 1em;
}
.largeicon {
font-size: 48px;
}
main {
flex: 1;
@ -90,3 +99,7 @@ body > .errorbox {
.bc-3 {
font-weight: 400;
}
.center {
text-align: center;
}


@ -10,4 +10,29 @@
--fern-green: #65743a;
--flax: #efdd8d;
--mindaro: #f4fdaf;
--grey-5: #adb5bd;
--red-2: #ffc9c9;
--red-3: #ffa8a8;
--red-7: #f03e3e;
--red-9: #c92a2a;
--link-fg: var(--dark-slate-gray);
--error-fg: var(--red-9);
}
@media screen and (prefers-color-scheme: dark) {
:root {
--link-fg: var(--flax);
--error-fg: var(--red-3);
}
}
.error-fg {
color: var(--error-fg);
}
a {
color: var(--link-fg);
}


@ -12,7 +12,7 @@ http_response_code(404);
<?php include "partials/header.php"; ?>
<main>
<div id="content">
<div id="content" class="center">
<h1>404</h1>
<p>Sorry, but that doesn't exist anymore.</p>
<p><small>(or it never existed)</small></p>


@ -9,6 +9,29 @@ if ($_SESSION['auth']) {
exit();
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Figure out if it's a user
$user_to_log_in_as = db_execute('SELECT id, email, password FROM accounts WHERE email = ?', [$_POST['email']]);
if (!$user_to_log_in_as) {
$error_body = get_string('error.incorrectAuth');
goto skip;
}
if (password_verify($_POST['password'], $user_to_log_in_as['password'])) {
$_SESSION['auth'] = true;
$_SESSION['id'] = $user_to_log_in_as['id'];
if (key_exists('callback', $query)) {
header('Location: ' . $query['callback']);
} else {
header('Location: /dashboard');
}
exit();
}
}
skip:
?>
<!doctype html>
@ -23,18 +46,20 @@ if ($_SESSION['auth']) {
if ($_SESSION['auth']) {
$error_body = get_string('error.loggedIn');
include 'partials/error.php';
}
?>
<h1>Sign up</h1>
<h1><?= get_string('page.login') ?></h1>
<?php
if (isset($error_body)) {
include 'partials/error.php';
}
?>
<form method="post">
<p><label for="email">Email</label>
<p><label for="email"><?= get_string("auth.email") ?></label>
<input type="email" name="email" id="email" /></p>
<p><label for="password">Password</label>
<p><label for="password"><?= get_string("auth.password") ?></label>
<input type="password" name="password" id="password" /></p>
<p><label for="repeat_password">Confirm password</label>
<input type="password" name="repeat_password" id="repeat_password" /></p>
<button type="submit">Submit</button>
</form>
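Review bot: The post-login redirect in the first hunk, `header('Location: ' . $query['callback']);`, follows whatever the `callback` query parameter holds, so a login link can carry the user to an off-site page as soon as they authenticate; only same-site paths should be accepted. The same block marks the session as authenticated without `session_regenerate_id(true)`, and a wrong password falls through to `skip:` with no `$error_body` while an unknown email shows `error.incorrectAuth`, which lets a visitor tell registered addresses from unregistered ones. The sketch below keeps the account lookup as it is, assumes `db_execute` returns a single row or a falsy value (not visible here), and leaves the `skip:` label and the markup untouched.

```php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // … unchanged: account lookup by email into $user_to_log_in_as …

    if ($user_to_log_in_as && password_verify($_POST['password'], $user_to_log_in_as['password'])) {
        // Issue a fresh session id when the privilege level changes.
        session_regenerate_id(true);
        $_SESSION['auth'] = true;
        $_SESSION['id'] = $user_to_log_in_as['id'];

        // Follow the callback only when it is a same-site path: one leading
        // slash, no second slash, no backslash, no whitespace or control bytes.
        $callback = $query['callback'] ?? '';
        $is_local = is_string($callback)
            && preg_match('#^/(?!/)[^\x00-\x20\\\\]*\z#', $callback) === 1;
        header('Location: ' . ($is_local ? $callback : '/dashboard'));
        exit();
    }

    // Same message for an unknown email and for a wrong password.
    $error_body = get_string('error.incorrectAuth');
}
```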


@ -8,6 +8,6 @@ $error_body = $error_body ?? "No message provided.";
<div class="icon">
<span class="fa-solid fa-fw fa-circle-xmark"></span>
</div>
<h2>An error occurred.</h2>
<h2><?= get_string("generic.error") ?></h2>
<p><?= htmlspecialchars($error_body) ?></p>
</div>


@ -6,8 +6,16 @@
</a>
</div>
<div>
<a href="/auth/signup"><?= get_string("auth.signup") ?></a>
<a href="/auth/login"><?= get_string("auth.login") ?></a>
<div class="section">
<?php
if ($_SESSION['auth']) {
echo '<div class="item">Hey hey ' . htmlspecialchars(get_user_display_name($_SESSION['id'])) . '!</div>';
echo '<div class="item"><a href="/auth/signout">'. get_string('auth.signout') .'</a></div>';
}
else {
echo '<a href="/auth/signup">' . get_string("auth.signup")
. '</a> <a href="/auth/login">'. get_string("auth.login") . '</a>';
}
?>
</div>
</header>
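Review bot: The greeting escapes the display name twice: `get_user_display_name()` already applies `htmlspecialchars` because `$escape` defaults to `true`, and this line wraps the result in `htmlspecialchars` again, so a name such as `A&B` is rendered as `A&amp;B`. Keep a single escaping point at the output, `htmlspecialchars(get_user_display_name($_SESSION['id'], false))`. `$_SESSION['auth']` is also read without a default here, so a visitor with no session data triggers an undefined-index warning on every page that includes the header; `if ($_SESSION['auth'] ?? false) {` avoids that.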

26
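--- a/views/signedout.php
+++ b/views/signedout.php
@@ -0,0 +1,26 @@
+<?php
+$_SESSION['auth'] = false;
+session_destroy();
+?>
+<!doctype html>
+<html lang="$lang_code">
+<head>
+<title>Signed out ~> ByeCorps ID</title>
+<?php include 'partials/head.php'; ?>
+</head>
+<body>
+<?php include 'partials/header.php'; ?>
+<main>
+<center>
+<div class="largeicon">
+<span class="fa-fw fa-solid fa-person-through-window"></span>
+</div>
+<p><?= get_string('auth.signedout'); ?></p>
+</center>
+</main>
+<?php include 'partials/footer.php'; ?>
+</body>
+</html>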
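Review bot: `session_destroy()` on its own leaves the session cookie in the browser and the `$_SESSION` array populated for the rest of this request, so `$_SESSION['id']` is still readable by the partials included further down. Clearing the array first with `$_SESSION = [];` and expiring the cookie with `setcookie(session_name(), '', time() - 3600, '/');` (path and flags matched to `session_get_cookie_params()`) makes the sign-out complete. Separately, `<html lang="$lang_code">` sits outside the PHP tags and is emitted literally; it presumably should read `<html lang="<?= htmlspecialchars($lang_code) ?>">`, assuming `$lang_code` is set by the bootstrap, which is not visible here.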


@ -16,17 +16,18 @@
}
?>
<h1>Sign up</h1>
<form method="post">
<p><label for="email">Email</label>
<input type="email" name="email" id="email" /></p>
<p><label for="password">Password</label>
<input type="password" name="password" id="password" /></p>
<p><label for="repeat_password">Confirm password</label>
<input type="password" name="repeat_password" id="repeat_password" /></p>
<button type="submit">Submit</button>
</form>
<h1><?= get_string('page.signup'); ?></h1>
<p>Sign ups are disabled.</p>
<!-- <form method="post">-->
<!-- <p><label for="email">--><?php //= get_string("auth.email") ?><!--</label>-->
<!-- <input type="email" name="email" id="email" /></p>-->
<!-- <p><label for="password">--><?php //= get_string("auth.password") ?><!--</label>-->
<!-- <input type="password" name="password" id="password" /></p>-->
<!-- <p><label for="repeat_password">--><?php //= get_string("auth.confirmPassword") ?><!--</label>-->
<!-- <input type="password" name="repeat_password" id="repeat_password" /></p>-->
<!---->
<!-- <button type="submit">Submit</button>-->
<!-- </form>-->
</main>
<?php include 'partials/footer.php' ?>
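Review bot: Commenting the form out removes sign-up from the page only; whether registration is really disabled depends on the part of the signup view above this hunk, which is not shown. If that part still handles `POST`, a hand-built request can go on creating accounts, so the handler should refuse the request before any database work rather than rely on the missing form. `Sign ups are disabled.` is also the one new string here that bypasses `get_string()`, and the commented-out markup would be better deleted than kept as interleaved HTML and PHP comments.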