diff --git a/controllers/Auth.php b/controllers/Auth.php
index 50e2dc8..d6e0b85 100644
--- a/controllers/Auth.php
+++ b/controllers/Auth.php
@@ -13,6 +13,17 @@ class Auth {
 return $response;
 }
+ public function logout(Request $request, Response $response) {
+ session_start();
+ if(array_key_exists('user_id', $_SESSION)) {
+ $_SESSION['user_id'] = null;
+ session_destroy();
+ }
+ $response->setStatusCode(302);
+ $response->headers->set('Location', '/login');
+ return $response;
+ }
+
 public function login_start(Request $request, Response $response) {
 if(!$request->get('url') || !($me = IndieAuth\Client::normalizeMeURL($request->get('url')))) {
@@ -102,9 +113,35 @@ class Auth {
 }
 // Create or load the user
+ $user = ORM::for_table('users')->where('url', $token['auth']['me'])->find_one();
+ if(!$user) {
+ $user = ORM::for_table('users')->create();
+ $user->url = $token['auth']['me'];
+ $user->created_at = date('Y-m-d H:i:s');
+ $user->last_login = date('Y-m-d H:i:s');
+ $user->save();
+
+ // Create a site for them with the default role
+ $site = ORM::for_table('sites')->create();
+ $site->name = 'My Website';
+ $site->created_by = $user->id;
+ $site->created_at = date('Y-m-d H:i:s');
+ $site->save();
+
+ $role = ORM::for_table('roles')->create();
+ $role->site_id = $site->id;
+ $role->user_id = $user->id;
+ $role->role = 'owner';
+ $role->token = random_string(32);
+ $role->save();
+
+ } else {
+ $user->last_login = date('Y-m-d H:i:s');
+ $user->save();
+ }
 session_start();
- $_SESSION['me'] = $token['auth']['me'];
+ $_SESSION['user_id'] = $user->id;
 $response->setStatusCode(302);
 $response->headers->set('Location', ($state->return_to ?: '/dashboard'));
 return $response;
diff --git a/controllers/Controller.php b/controllers/Controller.php
index 7f99b06..1ca2f7c 100644
--- a/controllers/Controller.php
+++ b/controllers/Controller.php
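Review bot: `session_destroy()` in the new `logout()` neither clears the in-memory `$_SESSION` array nor expires the session cookie, and it only runs when `user_id` is present, so a session that holds other keys is left untouched on logout. I would wipe and destroy unconditionally, `$_SESSION = [];` then `session_destroy();`, and expire the cookie with `setcookie(session_name(), '', time() - 42000, '/');` so the browser stops presenting the old id. Setting `$_SESSION['user_id'] = null` first becomes redundant once the array is emptied.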
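Review bot: The new `$_SESSION['user_id'] = $user->id;` is stored in whatever session `session_start()` resumes, with no id rotation after authentication, so a session id planted in the victim's browser before login (session fixation) becomes an authenticated session. Add `session_regenerate_id(true);` immediately after `session_start();` and before writing `user_id`. The `owner` role token comes from `random_string(32)`; if that token is later used as a credential, it should be produced by a CSPRNG, which the helper as added in this commit is not. The enclosing callback function begins outside this hunk.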
@@ -6,7 +6,7 @@ class Controller {
 private function _is_logged_in(&$request, &$response) {
 session_start();
- if(!array_key_exists('me', $_SESSION)) {
+ if(!array_key_exists('user_id', $_SESSION)) {
 session_destroy();
 $response->setStatusCode(302);
 $response->headers->set('Location', '/login?return_to='.$request->getPathInfo());
diff --git a/lib/helpers.php b/lib/helpers.php
index b22e412..994d861 100644
--- a/lib/helpers.php
+++ b/lib/helpers.php
@@ -24,3 +24,13 @@ function q() {
 }
 return $caterpillar;
 }
+
+function random_string($len) {
+ $charset='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+ $str = '';
+ $c = strlen($charset)-1;
+ for($i=0; $i<$len; $i++) {
+ $str .= $charset[mt_rand(0, $c)];
+ }
+ return $str;
+}
diff --git a/public/index.php b/public/index.php
index fc810dd..bfb8af2 100644
--- a/public/index.php
+++ b/public/index.php
@@ -15,6 +15,7 @@ $router->addRoute('POST', '/webmention', 'API::webmention');
 $router->addRoute('GET', '/webmention/{code}', 'API::webmention_status');
 $router->addRoute('GET', '/login', 'Auth::login');
+$router->addRoute('GET', '/logout', 'Auth::logout');
 $router->addRoute('POST', '/login/start', 'Auth::login_start');
 $router->addRoute('GET', '/login/callback', 'Auth::login_callback');
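Review bot: `array_key_exists('user_id', $_SESSION)` counts a present-but-null `user_id` as logged in, which is precisely the state `Auth::logout()` writes into `$_SESSION` before calling `session_destroy()`; a value check is the safer gate: `if(empty($_SESSION['user_id'])) {`. The stored id is also not re-checked against the `users` table here, so a removed user presumably keeps access until the session expires; a short comment stating that this is intentional (or a lookup) would help. `_is_logged_in` continues beyond the hunk.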
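Review bot: `random_string()` draws every character from `mt_rand()`, a Mersenne Twister that is not cryptographically secure and whose state can be recovered from a handful of observed outputs, yet its first caller in this commit is `$role->token = random_string(32)`, which looks like a credential. Use the CSPRNG-backed helper on that line: `$str .= $charset[random_int(0, $c)];` (or build the token from `random_bytes()` and `bin2hex()`). `$len` is also unvalidated; a non-positive value silently yields an empty string, which is worth either rejecting or documenting in a docblock.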
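Review bot: `/logout` is registered on GET, so any third-party page can log a user out through an `<img>` or link (logout CSRF), and a state-changing GET can be triggered by browser prefetching or link-previewing proxies. Since `/login/start` already uses POST for its state change, the route would be more consistent as `$router->addRoute('POST', '/logout', 'Auth::logout');` driven by a form with a CSRF token; if the app has no CSRF token mechanism yet, that is a gap worth noting in the description.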