Auth is almost complete
This commit is contained in:
parent
3229dc1108
commit
c70c7e058a
7 changed files with 73 additions and 20 deletions
@ -77,6 +77,10 @@ class Users {
|
||||||
// Log a user in
|
// Log a user in
|
||||||
public static function login($username, $password, $remember = false) {
|
public static function login($username, $password, $remember = false) {
|
||||||
|
|
||||||
|
// Check if authentication is disallowed
|
||||||
|
if(Configuration::getConfig('lock_authentication'))
|
||||||
|
return [0, 'AUTH_LOCKED'];
|
||||||
|
|
||||||
// Check if the user that's trying to log in actually exists
|
// Check if the user that's trying to log in actually exists
|
||||||
if(!$uid = self::userExists($username, false))
|
if(!$uid = self::userExists($username, false))
|
||||||
return [0, 'USER_NOT_EXIST'];
|
return [0, 'USER_NOT_EXIST'];
|
||||||
|
@ -145,6 +149,10 @@ class Users {
|
||||||
// Register user
|
// Register user
|
||||||
public static function register($username, $password, $confirmpass, $email, $tos, $captcha = null, $regkey = null) {
|
public static function register($username, $password, $confirmpass, $email, $tos, $captcha = null, $regkey = null) {
|
||||||
|
|
||||||
|
// Check if authentication is disallowed
|
||||||
|
if(Configuration::getConfig('lock_authentication'))
|
||||||
|
return [0, 'AUTH_LOCKED'];
|
||||||
|
|
||||||
// Check if registration is even enabled
|
// Check if registration is even enabled
|
||||||
if(Configuration::getConfig('disable_registration'))
|
if(Configuration::getConfig('disable_registration'))
|
||||||
return [0, 'DISABLED'];
|
return [0, 'DISABLED'];
|
||||||
|
@ -182,18 +190,6 @@ class Users {
|
||||||
if(strlen($username) > 16)
|
if(strlen($username) > 16)
|
||||||
return [0, 'NAME_TOO_LONG'];
|
return [0, 'NAME_TOO_LONG'];
|
||||||
|
|
||||||
// Password too short
|
|
||||||
if(strlen($password) < 8)
|
|
||||||
return [0, 'PASS_TOO_SHORT'];
|
|
||||||
|
|
||||||
// Password too long
|
|
||||||
if(strlen($password) > 256)
|
|
||||||
return [0, 'PASS_TOO_LONG'];
|
|
||||||
|
|
||||||
// Passwords do not match
|
|
||||||
if($password != $confirmpass)
|
|
||||||
return [0, 'PASS_NOT_MATCH'];
|
|
||||||
|
|
||||||
// Check if the given email address is formatted properly
|
// Check if the given email address is formatted properly
|
||||||
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
|
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
|
||||||
return [0, 'INVALID_EMAIL'];
|
return [0, 'INVALID_EMAIL'];
|
||||||
|
@ -202,6 +198,14 @@ class Users {
|
||||||
if(!Main::checkMXRecord($email))
|
if(!Main::checkMXRecord($email))
|
||||||
return [0, 'INVALID_MX'];
|
return [0, 'INVALID_MX'];
|
||||||
|
|
||||||
|
// Check password entropy
|
||||||
|
if(Main::pwdEntropy($password) < Configuration::getConfig('min_entropy'))
|
||||||
|
return [0, 'PASS_TOO_SHIT'];
|
||||||
|
|
||||||
|
// Passwords do not match
|
||||||
|
if($password != $confirmpass)
|
||||||
|
return [0, 'PASS_NOT_MATCH'];
|
||||||
|
|
||||||
// Set a few variables
|
// Set a few variables
|
||||||
$usernameClean = Main::cleanString($username, true);
|
$usernameClean = Main::cleanString($username, true);
|
||||||
$emailClean = Main::cleanString($email, true);
|
$emailClean = Main::cleanString($email, true);
|
||||||
|
@ -257,6 +261,10 @@ class Users {
|
||||||
// Check if a user exists and then resend the activation e-mail
|
// Check if a user exists and then resend the activation e-mail
|
||||||
public static function resendActivationMail($username, $email) {
|
public static function resendActivationMail($username, $email) {
|
||||||
|
|
||||||
|
// Check if authentication is disallowed
|
||||||
|
if(Configuration::getConfig('lock_authentication'))
|
||||||
|
return [0, 'AUTH_LOCKED'];
|
||||||
|
|
||||||
// Clean username string
|
// Clean username string
|
||||||
$usernameClean = Main::cleanString($username, true);
|
$usernameClean = Main::cleanString($username, true);
|
||||||
$emailClean = Main::cleanString($email, true);
|
$emailClean = Main::cleanString($email, true);
|
||||||
|
|
|
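Review bot: Dropping the `strlen($password) > 256` cap in the `@ -182,18 +190,6 @@` hunk leaves no upper bound on the password that reaches `Main::pwdEntropy()` and whatever hash `register()` applies later; an unbounded string is a cheap way to make the server do expensive work, and if the hash is bcrypt only the first 72 bytes count anyway, so keep the cap next to the new entropy check, `if(strlen($password) > 256) return [0, 'PASS_TOO_LONG'];`, together with its message in the `$messages` array. The moved confirmation check `if($password != $confirmpass)` is a loose comparison; use `!==` so numeric-looking strings such as `'1e3'` and `'1000'` are not treated as equal. The `lock_authentication` gate is added to `login()`, `register()` and `resendActivationMail()` but not, as far as these hunks show, to any password-reset path; if one exists it should be gated the same way. All three methods continue outside the hunks and the hashing code is not visible here.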
@ -8,7 +8,7 @@
|
||||||
namespace Sakura;
|
namespace Sakura;
|
||||||
|
|
||||||
// Define Sakura version
|
// Define Sakura version
|
||||||
define('SAKURA_VERSION', '20150421');
|
define('SAKURA_VERSION', '20150424');
|
||||||
|
|
||||||
// Define Sakura Path
|
// Define Sakura Path
|
||||||
define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__)));
|
define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__)));
|
||||||
|
@ -60,6 +60,7 @@ $renderData = array(
|
||||||
'recaptcha_enable' => Configuration::getConfig('recaptcha'),
|
'recaptcha_enable' => Configuration::getConfig('recaptcha'),
|
||||||
'resources' => '//'. Configuration::getLocalConfig('urls')['content'] .'/data/'. strtolower(Templates::$_TPL),
|
'resources' => '//'. Configuration::getLocalConfig('urls')['content'] .'/data/'. strtolower(Templates::$_TPL),
|
||||||
'disableregister' => Configuration::getConfig('disable_registration'),
|
'disableregister' => Configuration::getConfig('disable_registration'),
|
||||||
|
'lockauth' => Configuration::getConfig('lock_authentication'),
|
||||||
'requireregcodes' => Configuration::getConfig('require_registration_code'),
|
'requireregcodes' => Configuration::getConfig('require_registration_code'),
|
||||||
'requireactiveate' => Configuration::getConfig('require_activation'),
|
'requireactiveate' => Configuration::getConfig('require_activation'),
|
||||||
'sitename' => Configuration::getConfig('sitename')
|
'sitename' => Configuration::getConfig('sitename')
|
||||||
|
|
|
@ -17,7 +17,7 @@
|
||||||
<!-- JS -->
|
<!-- JS -->
|
||||||
<script type="text/javascript" src="{{ sakura.resources }}/js/yuuno.js?s={{ php.time }}"></script>
|
<script type="text/javascript" src="{{ sakura.resources }}/js/yuuno.js?s={{ php.time }}"></script>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
{% if not user.checklogin %}
|
{% if not user.checklogin and not sakura.lockauth %}
|
||||||
|
|
||||||
// Setting the shit so clicking the login link doesn't redirect to /login
|
// Setting the shit so clicking the login link doesn't redirect to /login
|
||||||
function initHeaderLoginForm() {
|
function initHeaderLoginForm() {
|
||||||
|
@ -45,7 +45,7 @@
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
{% else %}
|
{% elseif user.checklogin %}
|
||||||
|
|
||||||
// Prepare header logout stuff
|
// Prepare header logout stuff
|
||||||
function initHeaderLoginForm() {
|
function initHeaderLoginForm() {
|
||||||
|
@ -74,7 +74,7 @@
|
||||||
// Login form under header and ajax logout
|
// Login form under header and ajax logout
|
||||||
initHeaderLoginForm();
|
initHeaderLoginForm();
|
||||||
|
|
||||||
{% if php.self == '/authenticate.php' %}
|
{% if php.self == '/authenticate.php' and not sakura.lockauth %}
|
||||||
// AJAX Form Submission
|
// AJAX Form Submission
|
||||||
var forms = {
|
var forms = {
|
||||||
{% if not auth.changingPass %}
|
{% if not auth.changingPass %}
|
||||||
|
@ -131,10 +131,14 @@
|
||||||
<a class="menu-item avatar" href="//{{ sakura.urls.main }}/u/{{ user.data.id }}" title="View and edit your own profile" style="background-image: url('//{{ sakura.urls.main }}/a/{{ user.data.id }}'); width: auto; color: {{ user.rank.colour }}; font-weight: 700;">{{ user.data.username }}</a>
|
<a class="menu-item avatar" href="//{{ sakura.urls.main }}/u/{{ user.data.id }}" title="View and edit your own profile" style="background-image: url('//{{ sakura.urls.main }}/a/{{ user.data.id }}'); width: auto; color: {{ user.rank.colour }}; font-weight: 700;">{{ user.data.username }}</a>
|
||||||
<a class="menu-item" href="//{{ sakura.urls.main }}/settings" title="Change your settings">Settings</a>
|
<a class="menu-item" href="//{{ sakura.urls.main }}/settings" title="Change your settings">Settings</a>
|
||||||
<a class="menu-item" href="//{{ sakura.urls.main }}/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect={{ sakura.currentpage }}" title="End your login session" id="headerLogoutLink">Logout</a>
|
<a class="menu-item" href="//{{ sakura.urls.main }}/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect={{ sakura.currentpage }}" title="End your login session" id="headerLogoutLink">Logout</a>
|
||||||
|
{% else %}
|
||||||
|
{% if sakura.lockauth %}
|
||||||
|
<div class="menu-item" style="padding-left: 10px; padding-right: 10px;">Authentication is locked</div>
|
||||||
{% else %}
|
{% else %}
|
||||||
<a class="menu-item" id="headerLoginLink" href="//{{ sakura.urls.main }}/login" title="Login to Flashii">Login</a>
|
<a class="menu-item" id="headerLoginLink" href="//{{ sakura.urls.main }}/login" title="Login to Flashii">Login</a>
|
||||||
<a class="menu-item" href="//{{ sakura.urls.main }}/register" title="Create an account">Register</a>
|
<a class="menu-item" href="//{{ sakura.urls.main }}/register" title="Create an account">Register</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
</div>
|
</div>
|
||||||
<div class="menu-mob">
|
<div class="menu-mob">
|
||||||
<a class="menu-item" id="mobileNavToggle" href="javascript:;" onclick="mobileMenu(true);">Open Menu</a>
|
<a class="menu-item" id="mobileNavToggle" href="javascript:;" onclick="mobileMenu(true);">Open Menu</a>
|
||||||
|
|
|
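Review bot: With `{% if not user.checklogin and not sakura.lockauth %}` in the first hunk and `{% elseif user.checklogin %}` in the second, a visitor who is not logged in while `sakura.lockauth` is set gets neither definition of `initHeaderLoginForm`, yet the third hunk still calls `initHeaderLoginForm();` unconditionally, so the page script will stop with a ReferenceError unless that call is guarded somewhere outside the hunk. Either add an `{% else %}` branch defining an empty `function initHeaderLoginForm() {}` or wrap the call: `{% if user.checklogin or not sakura.lockauth %}initHeaderLoginForm();{% endif %}`. The `<script>` block these hunks sit in begins and ends outside them.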
@ -1,4 +1,7 @@
|
||||||
{% include 'global/header.tpl' %}
|
{% include 'global/header.tpl' %}
|
||||||
|
{% if sakura.lockauth %}
|
||||||
|
<h1 class="stylised" style="line-height: 1.8em; text-align: center;">Authentication is currently disallowed, try again later.</h1>
|
||||||
|
{% else %}
|
||||||
<div class="loginPage">
|
<div class="loginPage">
|
||||||
{% if auth.redirect == sakura.urls.chat %}<h1 class="stylised" style="line-height: 1.8em; text-align: center;">You need to be logged in to use the chat.</h1>{% endif %}
|
{% if auth.redirect == sakura.urls.chat %}<h1 class="stylised" style="line-height: 1.8em; text-align: center;">You need to be logged in to use the chat.</h1>{% endif %}
|
||||||
<div class="loginCont">
|
<div class="loginCont">
|
||||||
|
@ -55,7 +58,7 @@
|
||||||
<input class="inputStyling" type="submit" name="submit" value="Request Password" />
|
<input class="inputStyling" type="submit" name="submit" value="Request Password" />
|
||||||
</div>
|
</div>
|
||||||
<div class="subLinks centreAlign">
|
<div class="subLinks centreAlign">
|
||||||
If you lost access to your e-mail address please <a href="/contact" class="default" target="_blank">contact us</a>.
|
If you lost access to the e-mail address you registered with then there's not much we can do, it's your own responsibility to keep track of it and attaching a working one to your account.
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
|
@ -179,7 +182,7 @@
|
||||||
<input class="inputStyling" type="submit" name="submit" value="Request Activation" />
|
<input class="inputStyling" type="submit" name="submit" value="Request Activation" />
|
||||||
</div>
|
</div>
|
||||||
<div class="subLinks centreAlign">
|
<div class="subLinks centreAlign">
|
||||||
If you lost access to your e-mail address please <a href="/contact" class="default" target="_blank">contact us</a>.
|
Read the footnote on the Lost Password form.
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
|
@ -187,4 +190,5 @@
|
||||||
</div>
|
</div>
|
||||||
<div class="clear"></div>
|
<div class="clear"></div>
|
||||||
</div>
|
</div>
|
||||||
|
{% endif %}
|
||||||
{% include 'global/footer.tpl' %}
|
{% include 'global/footer.tpl' %}
|
||||||
|
|
|
@ -10,12 +10,17 @@
|
||||||
<li><a href="//{{ sakura.urls.main }}/settings/sessions" class="underline">View active sessions</a></li>
|
<li><a href="//{{ sakura.urls.main }}/settings/sessions" class="underline">View active sessions</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
<div class="clear"></div>
|
<div class="clear"></div>
|
||||||
|
{% else %}
|
||||||
|
{% if sakura.lockauth %}
|
||||||
|
<div class="head">Whoops!</div>
|
||||||
|
You caught the site at the wrong moment! Right now registration <i>and</i> logging in is disabled for unspecified reasons. Sorry for the inconvenience but please try again later!
|
||||||
{% else %}
|
{% else %}
|
||||||
<div class="head">Welcome!</div>
|
<div class="head">Welcome!</div>
|
||||||
Welcome to Flashii! This is a site for a bunch of friends to hang out, nothing special. Anyone is pretty much welcome to register so why not have a go?
|
Welcome to Flashii! This is a site for a bunch of friends to hang out, nothing special. Anyone is pretty much welcome to register so why not have a go?
|
||||||
<a class="button registerbutton" href="/register">Register!</a>
|
<a class="button registerbutton" href="/register">Register!</a>
|
||||||
<a class="button loginbutton" href="/login">Login</a>
|
<a class="button loginbutton" href="/login">Login</a>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% endif %}
|
||||||
<div class="head">Stats</div>
|
<div class="head">Stats</div>
|
||||||
We have <b>{{ stats.userCount }}</b>,
|
We have <b>{{ stats.userCount }}</b>,
|
||||||
<b><a href="/u/{{ stats.newestUser.id }}" class="default">{{ stats.newestUser.username }}</a></b> is the newest user,
|
<b><a href="/u/{{ stats.newestUser.id }}" class="default">{{ stats.newestUser.username }}</a></b> is the newest user,
|
||||||
|
|
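--- a/content/status-catch.html
+++ b/content/status-catch.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8" />
+<title>Status Catcher</title>
+</head>
+<body>
+This page is here so the status page doesn't give a 403 to the user when checking.
+</body>
+</html>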
@ -134,6 +134,7 @@ if(isset($_REQUEST['mode'])) {
|
||||||
|
|
||||||
// Array containing "human understandable" messages
|
// Array containing "human understandable" messages
|
||||||
$messages = [
|
$messages = [
|
||||||
|
'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.',
|
||||||
'USER_NOT_EXIST' => 'The user you tried to activate does not exist (confirm the username/email combination).',
|
'USER_NOT_EXIST' => 'The user you tried to activate does not exist (confirm the username/email combination).',
|
||||||
'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.',
|
'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.',
|
||||||
'SUCCESS' => 'The activation e-mail has been sent to the address associated with your account.'
|
'SUCCESS' => 'The activation e-mail has been sent to the address associated with your account.'
|
||||||
|
@ -157,6 +158,7 @@ if(isset($_REQUEST['mode'])) {
|
||||||
|
|
||||||
// Array containing "human understandable" messages
|
// Array containing "human understandable" messages
|
||||||
$messages = [
|
$messages = [
|
||||||
|
'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.',
|
||||||
'USER_NOT_EXIST' => 'The user you tried to log into does not exist.',
|
'USER_NOT_EXIST' => 'The user you tried to log into does not exist.',
|
||||||
'INCORRECT_PASSWORD' => 'The password you entered was invalid.',
|
'INCORRECT_PASSWORD' => 'The password you entered was invalid.',
|
||||||
'DEACTIVATED' => 'Your account is deactivated.',
|
'DEACTIVATED' => 'Your account is deactivated.',
|
||||||
|
@ -199,6 +201,7 @@ if(isset($_REQUEST['mode'])) {
|
||||||
|
|
||||||
// Array containing "human understandable" messages
|
// Array containing "human understandable" messages
|
||||||
$messages = [
|
$messages = [
|
||||||
|
'AUTH_LOCKED' => 'Authentication is currently not allowed, try again later.',
|
||||||
'DISABLED' => 'Registration is currently disabled.',
|
'DISABLED' => 'Registration is currently disabled.',
|
||||||
'INVALID_REG_KEY' => 'The given registration code was invalid.',
|
'INVALID_REG_KEY' => 'The given registration code was invalid.',
|
||||||
'TOS' => 'You are required to agree to the Terms of Service.',
|
'TOS' => 'You are required to agree to the Terms of Service.',
|
||||||
|
@ -206,8 +209,7 @@ if(isset($_REQUEST['mode'])) {
|
||||||
'USER_EXISTS' => 'A user with this username already exists, if you lost your password try using the Lost Password form.',
|
'USER_EXISTS' => 'A user with this username already exists, if you lost your password try using the Lost Password form.',
|
||||||
'NAME_TOO_SHORT' => 'Your name must be at least 3 characters long.',
|
'NAME_TOO_SHORT' => 'Your name must be at least 3 characters long.',
|
||||||
'NAME_TOO_LONG' => 'Your name can\'t be longer than 16 characters.',
|
'NAME_TOO_LONG' => 'Your name can\'t be longer than 16 characters.',
|
||||||
'PASS_TOO_SHORT' => 'Your password is too short, it must be at least 8 characters.',
|
'PASS_TOO_SHIT' => 'Your password is too weak, try adding some special characters.',
|
||||||
'PASS_TOO_LONG' => 'A password longer than 256 characters? Seriously?',
|
|
||||||
'PASS_NOT_MATCH' => 'Passwords do not match.',
|
'PASS_NOT_MATCH' => 'Passwords do not match.',
|
||||||
'INVALID_EMAIL' => 'Your e-mail address is formatted incorrectly.',
|
'INVALID_EMAIL' => 'Your e-mail address is formatted incorrectly.',
|
||||||
'INVALID_MX' => 'No valid MX-Record found on the e-mail address you supplied.',
|
'INVALID_MX' => 'No valid MX-Record found on the e-mail address you supplied.',
|
||||||
|
@ -301,5 +303,24 @@ if(isset($_REQUEST['pw']) && $_REQUEST['pw']) {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check if the user is already logged in
|
||||||
|
if(Users::checkLogin()) {
|
||||||
|
|
||||||
|
// Add page specific things
|
||||||
|
$renderData['page'] = [
|
||||||
|
'title' => 'Authentication',
|
||||||
|
'redirect' => (
|
||||||
|
isset($_SERVER['HTTP_REFERER']) ?
|
||||||
|
$_SERVER['HTTP_REFERER'] :
|
||||||
|
'/'
|
||||||
|
),
|
||||||
|
'message' => 'You are already logged in, log out to access this page.'
|
||||||
|
];
|
||||||
|
|
||||||
|
print Templates::render('errors/information.tpl', $renderData);
|
||||||
|
exit;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// Print page contents
|
// Print page contents
|
||||||
print Templates::render('main/authenticate.tpl', $renderData);
|
print Templates::render('main/authenticate.tpl', $renderData);
|
||||||
|
|
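Review bot: The new logged-in guard at the end of the last hunk copies `$_SERVER['HTTP_REFERER']` into `$renderData['page']['redirect']` unchecked; the header is client-supplied, so if `errors/information.tpl` turns `page.redirect` into a link or a redirect (the template is not visible here) any external site can become the target, and if it is echoed without escaping it is an injection point as well. Accept the referer only when it points back at this site, e.g. `'redirect' => (isset($_SERVER['HTTP_REFERER']) && parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) === $siteHost) ? $_SERVER['HTTP_REFERER'] : '/'`, with `$siteHost` taken from local configuration rather than from the request. Note also that this guard sits after the `$_REQUEST['mode']` handling earlier in the file, so as far as these hunks show a logged-in session can still submit the login, register and activation modes and only the final render is replaced. The surrounding page script continues outside the hunks.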