23386290410

Committed 21 Mar 2026 06:48PM UTC coverage: 64.989% (+1.2%) from 63.76%

Build # 23386290410

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #43 from daycry/development

v5.0.0

Coverage Stats

302 of 465 new or added lines in 26 files covered. (64.95%)

19 existing lines in 3 files now uncovered.

3306 of 5087 relevant lines covered (64.99%)

47.04 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/Controllers/BaseAuthController.php

<?php

declare(strict_types=1);

/**
 * This file is part of Daycry Auth.
 *
 * (c) Daycry <daycry9@proton.me>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace Daycry\Auth\Controllers;

use App\Controllers\BaseController;
use CodeIgniter\HTTP\RedirectResponse;
use Daycry\Auth\Authentication\Authenticators\Session;
use Daycry\Auth\Interfaces\AuthController;
use Daycry\Auth\Models\LoginModel;
use Daycry\Auth\Result;
use Daycry\Auth\Traits\BaseControllerTrait;
use Daycry\Auth\Traits\Viewable;

/**
 * Base Auth Controller that provides common functionality for all auth controllers
 *
 * Uses BaseControllerTrait for core functionality and implements
 * common patterns used across auth controllers.
 */
abstract class BaseAuthController extends BaseController implements AuthController
{
    use BaseControllerTrait;
    use Viewable;

    /**
     * Get CSRF token array for forms
     */
    protected function getTokenArray(): array
    {
        return $this->getToken();
    }

    /**
     * Check if user is already logged in and redirect if needed
     */
    protected function redirectIfLoggedIn(?string $redirectUrl = null): ?RedirectResponse
    {
        if (auth()->loggedIn()) {
            $url = $redirectUrl ?? config('Auth')->loginRedirect();

            return redirect()->to($url);
        }

        return null;
    }

    /**
     * Get validation rules for the specific controller
     * Must be implemented by child classes
     */
    abstract protected function getValidationRules(): array;

    /**
     * Validate request data with given rules
     */
    protected function validateRequest(array $data, array $rules): bool
    {
        return $this->validateData($data, $rules, [], config('Auth')->DBGroup);
    }

    /**
     * Handle validation errors with redirect
     */
    protected function handleValidationError(?string $route = null): RedirectResponse
    {
        $route ??= $this->request->getUri()->getPath();

        return redirect()->to($route)
            ->withInput()
            ->with('errors', $this->validator->getErrors());
    }

    /**
     * Handle successful action with redirect
     */
    protected function handleSuccess(string $redirectUrl, ?string $message = null): RedirectResponse
    {
        $redirect = redirect()->to($redirectUrl);

        if ($message) {
            $redirect = $redirect->with('message', $message);
        }

        return $redirect;
    }

    /**
     * Handle error with redirect
     */
    protected function handleError(string $route, string $error, bool $withInput = true): RedirectResponse
    {
        $redirect = redirect()->to($route);

        if ($withInput) {
            $redirect = $redirect->withInput();
        }

        return $redirect->with('error', $error);
    }

    /**
     * Get current session authenticator
     */
    protected function getSessionAuthenticator(): Session
    {
        return auth('session')->getAuthenticator();
    }

    /**
     * Check if current request has post-authentication action
     */
    protected function hasPostAuthAction(): bool
    {
        return $this->getSessionAuthenticator()->hasAction();
    }

    /**
     * Redirect to auth action if one exists
     */
    protected function redirectToAuthAction(): RedirectResponse
    {
        return redirect()->route('auth-action-show')->withCookies();
    }

    /**
     * Extract credentials from POST data for login
     */
    protected function extractLoginCredentials(): array
    {
        $credentials             = $this->request->getPost(setting('Auth.validFields')) ?? [];
        $credentials             = array_filter($credentials);
        $credentials['password'] = $this->request->getPost('password');

        return $credentials;
    }

    /**
     * Check if remember me is requested
     */
    protected function shouldRememberUser(): bool
    {
        return (bool) $this->request->getPost('remember');
    }

    /**
     * Handle authentication result
     */
    protected function handleAuthResult(Result $result, string $failureRoute): RedirectResponse
    {
        if (! $result->isOK()) {
            return $this->handleError($failureRoute, $result->reason());
        }

        // Handle post-authentication action if exists
        if ($this->hasPostAuthAction()) {
            return $this->redirectToAuthAction();
        }

        // Redirect to success page
        return $this->handleSuccess(
            config('Auth')->loginRedirect(),
        )->withCookies();
    }

    /**
     * Records a login/action attempt in the login log.
     *
     * @param string          $type       Identity type (e.g. Session::ID_TYPE_MAGIC_LINK)
     * @param string          $identifier The identifier used (email, token, etc.)
     * @param bool            $success    Whether the attempt was successful
     * @param int|string|null $userId     The user ID if known
     */
    protected function recordLoginAttempt(
        string $type,
        string $identifier,
        bool $success,
        $userId = null,
    ): void {
        /** @var LoginModel $loginModel */
        $loginModel = model(LoginModel::class);

        $loginModel->recordLoginAttempt(
            $type,
            $identifier,
            $success,
            $this->request->getIPAddress(),
            (string) $this->request->getUserAgent(),
            $userId,
        );
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	/**
6	* This file is part of Daycry Auth.
7	*
8	* (c) Daycry <daycry9@proton.me>
9	*
10	* For the full copyright and license information, please view
11	* the LICENSE file that was distributed with this source code.
12	*/
13
14	namespace Daycry\Auth\Controllers;
15
16	use App\Controllers\BaseController;
17	use CodeIgniter\HTTP\RedirectResponse;
18	use Daycry\Auth\Authentication\Authenticators\Session;
19	use Daycry\Auth\Interfaces\AuthController;
20	use Daycry\Auth\Models\LoginModel;
21	use Daycry\Auth\Result;
22	use Daycry\Auth\Traits\BaseControllerTrait;
23	use Daycry\Auth\Traits\Viewable;
24
25	/**
26	* Base Auth Controller that provides common functionality for all auth controllers
27	*
28	* Uses BaseControllerTrait for core functionality and implements
29	* common patterns used across auth controllers.
30	*/
31	abstract class BaseAuthController extends BaseController implements AuthController
32	{
33	use BaseControllerTrait;
34	use Viewable;
35
36	/**
37	* Get CSRF token array for forms
38	*/
39	protected function getTokenArray(): array	×
40	{
41	return $this->getToken();	×
42	}
43
44	/**
45	* Check if user is already logged in and redirect if needed
46	*/
47	protected function redirectIfLoggedIn(?string $redirectUrl = null): ?RedirectResponse	×
48	{
49	if (auth()->loggedIn()) {	×
50	$url = $redirectUrl ?? config('Auth')->loginRedirect();	×
51
52	return redirect()->to($url);	×
53	}
54
55	return null;	×
56	}
57
58	/**
59	* Get validation rules for the specific controller
60	* Must be implemented by child classes
61	*/
62	abstract protected function getValidationRules(): array;
63
64	/**
65	* Validate request data with given rules
66	*/
67	protected function validateRequest(array $data, array $rules): bool	×
68	{
69	return $this->validateData($data, $rules, [], config('Auth')->DBGroup);	×
70	}
71
72	/**
73	* Handle validation errors with redirect
74	*/
75	protected function handleValidationError(?string $route = null): RedirectResponse	×
76	{
77	$route ??= $this->request->getUri()->getPath();	×
78
79	return redirect()->to($route)	×
80	->withInput()	×
81	->with('errors', $this->validator->getErrors());	×
82	}
83
84	/**
85	* Handle successful action with redirect
86	*/
87	protected function handleSuccess(string $redirectUrl, ?string $message = null): RedirectResponse	×
88	{
89	$redirect = redirect()->to($redirectUrl);	×
90
91	if ($message) {	×
92	$redirect = $redirect->with('message', $message);	×
93	}
94
95	return $redirect;	×
96	}
97
98	/**
99	* Handle error with redirect
100	*/
101	protected function handleError(string $route, string $error, bool $withInput = true): RedirectResponse	×
102	{
103	$redirect = redirect()->to($route);	×
104
105	if ($withInput) {	×
106	$redirect = $redirect->withInput();	×
107	}
108
109	return $redirect->with('error', $error);	×
110	}
111
112	/**
113	* Get current session authenticator
114	*/
115	protected function getSessionAuthenticator(): Session	×
116	{
117	return auth('session')->getAuthenticator();	×
118	}
119
120	/**
121	* Check if current request has post-authentication action
122	*/
123	protected function hasPostAuthAction(): bool	×
124	{
125	return $this->getSessionAuthenticator()->hasAction();	×
126	}
127
128	/**
129	* Redirect to auth action if one exists
130	*/
131	protected function redirectToAuthAction(): RedirectResponse	×
132	{
133	return redirect()->route('auth-action-show')->withCookies();	×
134	}
135
136	/**
137	* Extract credentials from POST data for login
138	*/
139	protected function extractLoginCredentials(): array	×
140	{
141	$credentials = $this->request->getPost(setting('Auth.validFields')) ?? [];	×
142	$credentials = array_filter($credentials);	×
143	$credentials['password'] = $this->request->getPost('password');	×
144
145	return $credentials;	×
146	}
147
148	/**
149	* Check if remember me is requested
150	*/
151	protected function shouldRememberUser(): bool	×
152	{
153	return (bool) $this->request->getPost('remember');	×
154	}
155
156	/**
157	* Handle authentication result
158	*/
159	protected function handleAuthResult(Result $result, string $failureRoute): RedirectResponse	×
160	{
161	if (! $result->isOK()) {	×
162	return $this->handleError($failureRoute, $result->reason());	×
163	}
164
165	// Handle post-authentication action if exists
166	if ($this->hasPostAuthAction()) {	×
167	return $this->redirectToAuthAction();	×
168	}
169
170	// Redirect to success page
171	return $this->handleSuccess(	×
172	config('Auth')->loginRedirect(),	×
173	)->withCookies();	×
174	}
175
176	/**
177	* Records a login/action attempt in the login log.
178	*
179	* @param string $type Identity type (e.g. Session::ID_TYPE_MAGIC_LINK)
180	* @param string $identifier The identifier used (email, token, etc.)
181	* @param bool $success Whether the attempt was successful
182	* @param int\|string\|null $userId The user ID if known
183	*/
NEW 184	protected function recordLoginAttempt(	×
185	string $type,
186	string $identifier,
187	bool $success,
188	$userId = null,
189	): void {
190	/** @var LoginModel $loginModel */
NEW 191	$loginModel = model(LoginModel::class);	×
192
NEW 193	$loginModel->recordLoginAttempt(	×
NEW 194	$type,	×
NEW 195	$identifier,	×
NEW 196	$success,	×
NEW 197	$this->request->getIPAddress(),	×
NEW 198	(string) $this->request->getUserAgent(),	×
NEW 199	$userId,	×
NEW 200	);	×
201	}
202	}

daycry / auth / 23386290410

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous