Allow temp login (for admin)

Dennis Eichhorn 2018-08-18 12:44:36 +02:00
parent ca7df21c0c
commit 738b2277ee
2 changed files with 14 additions and 21 deletions


@ -156,6 +156,7 @@ class Installer extends InstallerAbstract
`account_name2` varchar(50) NOT NULL, `account_name2` varchar(50) NOT NULL,
`account_name3` varchar(50) NOT NULL, `account_name3` varchar(50) NOT NULL,
`account_password` varchar(64) DEFAULT NULL, `account_password` varchar(64) DEFAULT NULL,
`account_temp` varchar(64) DEFAULT NULL,
`account_email` varchar(70) NOT NULL, `account_email` varchar(70) NOT NULL,
`account_tries` tinyint(2) NOT NULL DEFAULT 0, `account_tries` tinyint(2) NOT NULL DEFAULT 0,
`account_lactive` datetime DEFAULT NULL, `account_lactive` datetime DEFAULT NULL,
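Review bot: The column added here is named `account_temp`, but the login change in this same commit reads `$result['account_password_temp']` and updates `account_password_temp`, so on a schema created by this installer the temp-login branch looks up a key that does not exist and the clearing update targets an unknown column. Use one name on both sides, for example by renaming this column to `account_password_temp`. The value is checked with `\password_verify()`, so it is presumably a `password_hash()` result; `varchar(64)` holds a bcrypt hash but not the longer output of other algorithms, and the PHP manual recommends 255 characters for such columns. No migration for existing installations is visible in this commit, so confirm that upgraded databases also receive the column.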


@ -99,8 +99,6 @@ class AccountMapper extends DataMapperAbstract
* *
* @return int Login code * @return int Login code
* *
* @todo move this to the admin accountMapper
*
* @since 1.0.0 * @since 1.0.0
*/ */
public static function login(string $login, string $password) : int public static function login(string $login, string $password) : int
@ -112,24 +110,12 @@ class AccountMapper extends DataMapperAbstract
try { try {
$result = null; $result = null;
switch (self::$db->getType()) { $query = new Builder(self::$db);
case DatabaseType::MYSQL: $result = $query->prefix(self::$db->getPrefix())
$sth = self::$db->con->prepare( ->select('*')
'SELECT ->from('account')
`' . self::$db->prefix . 'account`.* ->where('account_login', '=', $login)
FROM ->execute()->fetchAll();
`' . self::$db->prefix . 'account`
WHERE
`account_login` = :login'
);
$sth->bindValue(':login', $login, \PDO::PARAM_STR);
$sth->execute();
$result = $sth->fetchAll();
break;
}
// TODO: check if user is allowed to login on THIS page (backend|frontend|etc...)
if (!isset($result[0])) { if (!isset($result[0])) {
return LoginReturnType::WRONG_USERNAME; return LoginReturnType::WRONG_USERNAME;
@ -145,7 +131,13 @@ class AccountMapper extends DataMapperAbstract
return LoginReturnType::EMPTY_PASSWORD; return LoginReturnType::EMPTY_PASSWORD;
} }
if (password_verify($password, $result['account_password'])) { if (\password_verify($password, $result['account_password'])) {
return $result['account_id'];
}
if ($result['account_password_temp'] !== '' && \password_verify($password, $result['account_password_temp'])) {
$query->update('account')->set(['account_password_temp' => ''])->where('account_login', '=', $login)->execute();
return $result['account_id']; return $result['account_id'];
} }
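Review bot: The temp-password branch tests `$result['account_password_temp'] !== ''`, but the installer hunk in this commit creates the temp column as `DEFAULT NULL`, so an account with no temp password set passes the check and reaches `\password_verify()` with a null hash. Guard both cases, e.g. `if (($result['account_password_temp'] ?? '') !== '' && \password_verify($password, $result['account_password_temp'])) {`. The temp hash is cleared only after a successful use and nothing visible here limits its lifetime, so an unused temp password stays valid indefinitely; an expiry timestamp checked in the same condition would limit that exposure. The clearing `update` reuses the `$query` builder that already carries the `select`/`from`/`where` state, and its result is not checked before `account_id` is returned; if Builder does not reset between statements (not visible here), the hash may survive the login, so a fresh `new Builder(self::$db)` plus a check on the update result would make single use dependable. `login()` begins and ends outside these hunks, so account-type restrictions and failed-attempt counting may exist there but cannot be confirmed from this page.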