- <?php
- require 'snoken/drivers/driver.php';
- require 'snoken/drivers/mysql.php';
- require 'snoken/base.php';
- require 'snoken/manager.php';
- require 'Models.php';
- require 'Session.php';
/*
 * Default route conditions, applied to every route that uses the
 * named placeholder.
 *
 * 'ad' is the advertisement ID taken from the URL: digits only,
 * one or more of them.
 */
Slim_Route::setDefaultConditions(
    array('ad' => '[0-9]{1,}')
);
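/*
 * Database settings.
 *
 * The literal values below are the original development defaults
 * (MySQL 'root' with an empty password against the 'test' schema).
 * They are kept only as a fallback: each one can be overridden from
 * the environment so that real credentials never live in the source
 * tree. Any shared or production deployment should set all four and
 * point 'user' at a least-privilege account rather than root.
 */
$databaseSettings = array(
    'host'   => 'localhost',
    'dbname' => 'test',
    'user'   => 'root',
    'pass'   => '',
);

// Setting key => environment variable that overrides it when present.
$databaseEnvOverrides = array(
    'host'   => 'ADPANEL_DB_HOST',
    'dbname' => 'ADPANEL_DB_NAME',
    'user'   => 'ADPANEL_DB_USER',
    'pass'   => 'ADPANEL_DB_PASS',
);
foreach ($databaseEnvOverrides as $settingKey => $envName) {
    $envValue = getenv($envName);
    // getenv() returns false when the variable is unset; an empty
    // string is a legitimate value (e.g. an empty password) and is kept.
    if ($envValue !== false) {
        $databaseSettings[$settingKey] = $envValue;
    }
}
unset($databaseEnvOverrides, $settingKey, $envName, $envValue);

// Starts the Snoken driver and assigns it to the Manager:
Snoken\Manager::setDriver(
    new Snoken\Drivers\MySQLDriver(
        "host={$databaseSettings['host']};dbname={$databaseSettings['dbname']}",
        $databaseSettings['user'],
        $databaseSettings['pass']
    )
);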
/*
 * Start the session from the 'adpanelSession' cookie.
 *
 * When the cookie is present its value seeds the active session;
 * when it is not, the default behavior is a new, empty session.
 *
 * NOTE(review): the cookie value comes from the client. This relies
 * on Slim::getEncryptedCookie() rejecting tampered values - confirm
 * the cookie secret is configured and is not a framework default.
 */
Session::start(
    Slim::getEncryptedCookie('adpanelSession')
);
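/*
 * Landing page (GET /).
 *
 * Only rendered for a logged-in session; everyone else is sent to
 * the login page.
 */
Slim::get('/', function() {
    if (!Session::param('logged_in')) {
        Slim::redirect('login');
        // Explicit return: the protected view below must not be
        // rendered for an anonymous visitor even if Slim::redirect()
        // does not halt the request in this Slim version.
        return;
    }

    render('home', array('title' => 'Oh teehee!'));
});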
/*
 * Log-in page for ADPanel (GET /login).
 *
 * Shows the form, which POSTs to /login, together with any error
 * flashed by a previous attempt. The form carries the session's
 * CSRF token; calling Session::csrf_token() without an argument
 * appears to return that token.
 */
Slim::get('/login', function() {
    // Already authenticated: nothing to do here, go to the landing page.
    $alreadyLoggedIn = Session::param('logged_in');
    if ($alreadyLoggedIn) {
        Slim::redirect('.', 302);
    }

    $view = array();
    $view['title'] = 'Please log-in to your account.';
    $view['csrf_token'] = Session::csrf_token();
    $view['error'] = Session::flash('login_error');

    render('login', $view);
});
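/*
 * The actual login process (POST /login).
 *
 * Redirects to / on success, or back to /login with an error
 * message when the CSRF token, the input, or the credentials are
 * rejected.
 *
 * Changes from the original listing:
 *  - every failure path returns explicitly, so nothing below it runs
 *    (in particular $user->salt is never read on a missing user) even
 *    if Slim::redirect() does not halt the request;
 *  - unknown user and wrong password produce the same message, so the
 *    form no longer confirms which usernames exist;
 *  - username and password must be non-empty strings, which also
 *    accepts the literal value "0" and rejects array-shaped input;
 *  - the hash comparison is constant-time where hash_equals() exists.
 */
Slim::post('/login', function() {
    // Record the message for the login page and send the browser back.
    // NOTE(review): the message is written with Session::param() while
    // GET /login reads it with Session::flash() - confirm both address
    // the same store.
    $login_error = function($message) {
        Session::param('login_error', $message);
        Slim::redirect('login', 302);
    };

    // Shared by the "no such user" and "wrong password" paths.
    // NOTE(review): the unknown-user path still skips the hash step, so
    // response timing may differ between the two cases.
    $badCredentials = 'Invalid username or password.';

    $request = Slim::request();

    // Verify the csrf token:
    if (!Session::csrf_token($request->post('csrf_token'))) {
        $login_error('An error has ocurred with your request, please try again.');
        return;
    }

    $username = $request->post('username');
    $password = $request->post('password');

    // Both fields are required and must be plain strings.
    if (!is_string($username) || $username === ''
        || !is_string($password) || $password === '') {
        $login_error('Please provide a username and a password.');
        return;
    }

    // Get the User related to this name:
    $user = User::select(array('name' => strtolower($username)), null, 1)->one();
    if (!$user) {
        $login_error($badCredentials);
        return;
    }

    // Hash the provided password with the user's salt and compare it.
    // NOTE(review): User::hash() is not visible here; if it is a fast
    // salted digest, migrating to password_hash()/password_verify()
    // is worth planning.
    $hashedPass = User::hash($password, $user->salt);
    $storedPass = $user->pass;

    // Fail closed on anything that is not a pair of strings.
    if (!is_string($hashedPass) || !is_string($storedPass)) {
        $login_error($badCredentials);
        return;
    }

    // hash_equals() needs PHP >= 5.6; fall back to the original strict
    // comparison on older runtimes.
    $passwordMatches = function_exists('hash_equals')
        ? hash_equals($storedPass, $hashedPass)
        : $hashedPass === $storedPass;

    if (!$passwordMatches) {
        $login_error($badCredentials);
        return;
    }

    // NOTE(review): the session is promoted to logged-in without a new
    // session identifier being issued; if Session offers a regenerate
    // step, call it here to close off session fixation.
    Session::param('logged_in', true);
    Session::param('started', time());

    // NOTE(review): this stores the whole User record, which on this
    // page includes ->pass and ->salt. Storing only the fields the
    // views need would keep the hash out of session storage.
    Session::param('user', $user);

    Slim::redirect('.', 302);
});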
/*
 * Log out (GET /logout): drop the session and return to the landing
 * page, which in turn redirects anonymous visitors to the login form.
 *
 * NOTE(review): this is a state-changing GET with no CSRF token, so
 * any page the user visits can trigger it; consider POST plus the
 * same token check the login form uses.
 */
Slim::get(
    '/logout',
    function() {
        Session::clear();
        Slim::redirect('.');
    }
);