docs/api/source-admin.controller.common.login.html
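<?php
namespace Opencart\Admin\Controller\Common;
/**
 * Class Login
 *
 * Admin login controller: index() renders the login form, login() handles the
 * credential post and answers with JSON.
 *
 * @package Opencart\Admin\Controller\Common
 */
class Login extends \Opencart\System\Engine\Controller {
	/**
	 * Index
	 *
	 * Renders the login page. A user who is already logged in and presents a
	 * user_token matching the session is redirected to the dashboard. A fresh
	 * login_token is stored in the session and embedded in the form action on
	 * every render.
	 *
	 * @return void
	 */
	public function index(): void {
		$this->load->language('common/login');

		$this->document->setTitle($this->language->get('heading_title'));

		// Compare the session token in constant time and only when both values are
		// strings: a loose == treats numeric-looking strings as numbers, and a
		// query parameter can arrive as an array.
		$request_token = $this->request->get['user_token'] ?? null;
		$session_token = $this->session->data['user_token'] ?? null;

		$token_matches = is_string($request_token) && is_string($session_token) && hash_equals($session_token, $request_token);

		// Check to see if user is already logged
		if ($this->user->isLogged() && $token_matches) {
			$this->response->redirect($this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true));
		}

		// Check to see if user is using incorrect token
		if ($request_token !== null && !$token_matches) {
			$data['error_warning'] = $this->language->get('error_token');
		} elseif (isset($this->session->data['error'])) {
			// One-shot message: show it once, then drop it from the session.
			$data['error_warning'] = $this->session->data['error'];

			unset($this->session->data['error']);
		} else {
			$data['error_warning'] = '';
		}

		if (isset($this->session->data['success'])) {
			$data['success'] = $this->session->data['success'];

			unset($this->session->data['success']);
		} else {
			$data['success'] = '';
		}

		// Create a login token to prevent brute force attacks
		// NOTE(review): login() removes this token only after a successful login, so
		// the same token stays valid across failed attempts. Any attempt limiting has
		// to come from $this->user->login() or elsewhere; it is not visible here.
		$this->session->data['login_token'] = oc_token(32);

		$data['login'] = $this->url->link('common/login.login', 'login_token=' . $this->session->data['login_token'], true);

		if ($this->config->get('config_mail_engine')) {
			$data['forgotten'] = $this->url->link('common/forgotten');
		} else {
			$data['forgotten'] = '';
		}

		// Remember the page that was originally requested so login() can return to
		// it. The stale user_token is stripped; login() appends the new one.
		if (isset($this->request->get['route']) && $this->request->get['route'] != 'common/login') {
			$args = $this->request->get;

			$route = $args['route'];

			unset($args['route']);
			unset($args['user_token']);

			$url = '';

			$url .= http_build_query($args);

			$data['redirect'] = $this->url->link($route, $url);
		} else {
			$data['redirect'] = '';
		}

		$data['header'] = $this->load->controller('common/header');
		$data['footer'] = $this->load->controller('common/footer');

		$this->response->setOutput($this->load->view('common/login', $data));
	}

	/**
	 * Login
	 *
	 * Validates the one-time login_token, checks the posted credentials and, on
	 * success, issues a new session user_token, records the login and returns the
	 * redirect target. The response is always JSON with a 'redirect' or an
	 * 'error' key.
	 *
	 * @return void
	 */
	public function login(): void {
		$this->load->language('common/login');

		$json = [];

		// Stop any undefined index messages. Non-string values (for example
		// username[]=x) are reset as well, because the fields below are passed to
		// html_entity_decode(), which accepts only strings.
		$keys = [
			'username',
			'password',
			'redirect'
		];

		foreach ($keys as $key) {
			if (!isset($this->request->post[$key]) || !is_string($this->request->post[$key])) {
				$this->request->post[$key] = '';
			}
		}

		// Constant-time, string-only comparison of the session token.
		$request_token = $this->request->get['user_token'] ?? null;
		$session_token = $this->session->data['user_token'] ?? null;

		if ($this->user->isLogged() && is_string($request_token) && is_string($session_token) && hash_equals($session_token, $request_token)) {
			$json['redirect'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
		}

		// The login token issued by index() must be present and match the session.
		$request_login_token = $this->request->get['login_token'] ?? null;
		$session_login_token = $this->session->data['login_token'] ?? null;

		if (!is_string($request_login_token) || !is_string($session_login_token) || !hash_equals($session_login_token, $request_login_token)) {
			$this->session->data['error'] = $this->language->get('error_login');

			$json['redirect'] = $this->url->link('common/login', '', true);
		}

		// The password is entity-decoded before the check; presumably the request
		// layer HTML-escapes input upstream - confirm. Both failure paths use the same
		// error_login message.
		if (!$json && !$this->user->login($this->request->post['username'], html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8'))) {
			$json['error'] = $this->language->get('error_login');
		}

		if (!$json) {
			// NOTE(review): the session id is not regenerated in this method after
			// authentication; confirm that $this->user->login() or the session layer
			// rotates it.
			$this->session->data['user_token'] = oc_token(32);

			// Remove login token so it cannot be used again.
			unset($this->session->data['login_token']);

			// Either server value can be absent (no User-Agent header, CLI), so fall
			// back to an empty string instead of raising an undefined index warning.
			$login_data = [
				'ip'         => $this->request->server['REMOTE_ADDR'] ?? '',
				'user_agent' => $this->request->server['HTTP_USER_AGENT'] ?? ''
			];

			$this->load->model('user/user');

			$this->model_user_user->addLogin($this->user->getId(), $login_data);

			// Only follow a posted redirect that points back at this admin base URL.
			// NOTE(review): this is a plain prefix check, so it confines the redirect
			// to this host only if HTTP_SERVER ends with '/' - confirm in the config.
			$redirect = html_entity_decode($this->request->post['redirect'], ENT_QUOTES, 'UTF-8');

			if ($redirect !== '' && str_starts_with($redirect, HTTP_SERVER)) {
				$json['redirect'] = $redirect . '&user_token=' . $this->session->data['user_token'];
			} else {
				$json['redirect'] = $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true);
			}
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}
}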