mirror of
				https://github.com/filegator/filegator.git
				synced 2025-10-25 20:06:04 +02:00 
			
		
		
		
	
		
			
				
	
	
		
			96 lines
		
	
	
		
			2.9 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			96 lines
		
	
	
		
			2.9 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| 
 | |
| /*
 | |
|  * This file is part of the FileGator package.
 | |
|  *
 | |
|  * (c) Milos Stojanovic <alcalbg@gmail.com>
 | |
|  *
 | |
|  * For the full copyright and license information, please view the LICENSE file
 | |
|  */
 | |
| 
 | |
| namespace Filegator\Controllers;
 | |
| 
 | |
| use Filegator\Config\Config;
 | |
| use Filegator\Kernel\Request;
 | |
| use Filegator\Kernel\Response;
 | |
| use Filegator\Services\Auth\AuthInterface;
 | |
| use Filegator\Services\Tmpfs\TmpfsInterface;
 | |
| use Filegator\Services\Logger\LoggerInterface;
 | |
| use Rakit\Validation\Validator;
 | |
| 
 | |
| class AuthController
 | |
| {
 | |
|     protected $logger;
 | |
| 
 | |
|     public function __construct(LoggerInterface $logger)
 | |
|     {
 | |
|         $this->logger = $logger;
 | |
|     }
 | |
| 
 | |
|     public function login(Request $request, Response $response, AuthInterface $auth, TmpfsInterface $tmpfs, Config $config)
 | |
|     {
 | |
|         $username = $request->input('username');
 | |
|         $password = $request->input('password');
 | |
|         $ip = $request->getClientIp();
 | |
| 
 | |
|         $lockfile = md5($ip).'.lock';
 | |
|         $lockout_attempts = $config->get('lockout_attempts', 5);
 | |
|         $lockout_timeout = $config->get('lockout_timeout', 15);
 | |
| 
 | |
|         foreach ($tmpfs->findAll($lockfile) as $flock) {
 | |
|             if (time() - $flock['time'] >= $lockout_timeout) $tmpfs->remove($flock['name']);
 | |
|         }
 | |
| 
 | |
|         if ($tmpfs->exists($lockfile) && strlen($tmpfs->read($lockfile)) >= $lockout_attempts) {
 | |
|             $this->logger->log("Too many login attempts for {$username} from IP ".$ip);
 | |
| 
 | |
|             return $response->json('Not Allowed', 429);
 | |
|         }
 | |
| 
 | |
|         if ($auth->authenticate($username, $password)) {
 | |
|             $this->logger->log("Logged in {$username} from IP ".$ip);
 | |
| 
 | |
|             return $response->json($auth->user());
 | |
|         }
 | |
| 
 | |
|         $this->logger->log("Login failed for {$username} from IP ".$ip);
 | |
| 
 | |
|         $tmpfs->write($lockfile, 'x', true);
 | |
| 
 | |
|         return $response->json('Login failed, please try again', 422);
 | |
|     }
 | |
| 
 | |
|     public function logout(Response $response, AuthInterface $auth)
 | |
|     {
 | |
|         return $response->json($auth->forget());
 | |
|     }
 | |
| 
 | |
|     public function getUser(Response $response, AuthInterface $auth)
 | |
|     {
 | |
|         $user = $auth->user() ?: $auth->getGuest();
 | |
| 
 | |
|         return $response->json($user);
 | |
|     }
 | |
| 
 | |
|     public function changePassword(Request $request, Response $response, AuthInterface $auth, Validator $validator)
 | |
|     {
 | |
|         $validator->setMessage('required', 'This field is required');
 | |
|         $validation = $validator->validate($request->all(), [
 | |
|             'oldpassword' => 'required',
 | |
|             'newpassword' => 'required',
 | |
|         ]);
 | |
| 
 | |
|         if ($validation->fails()) {
 | |
|             $errors = $validation->errors();
 | |
| 
 | |
|             return $response->json($errors->firstOfAll(), 422);
 | |
|         }
 | |
| 
 | |
|         if (! $auth->authenticate($auth->user()->getUsername(), $request->input('oldpassword'))) {
 | |
|             return $response->json(['oldpassword' => 'Wrong password'], 422);
 | |
|         }
 | |
| 
 | |
|         return $response->json($auth->update($auth->user()->getUsername(), $auth->user(), $request->input('newpassword')));
 | |
|     }
 | |
| }
 |