tinyqc/app/Controllers/Auth/AuthController.php

<?php

namespace App\Controllers\Auth;

use CodeIgniter\API\ResponseTrait;
use App\Controllers\BaseController;
use App\Models\Auth\UsersModel;

class AuthController extends BaseController
{
    use ResponseTrait;

    protected $model;

    public function __construct()
    {
        $this->model = new UsersModel();
    }

    public function login()
    {
        if ($this->session->get('isLoggedIn')) {
            return redirect()->to('/');
        }

        return view('auth/login');
    }

    public function processLogin()
    {
        $input = $this->request->getJSON(true);

        if (!$input) {
            return $this->respond([
                'status' => 'error',
                'message' => 'Invalid request'
            ], 400);
        }

        $username = $input['username'] ?? '';
        $password = $input['password'] ?? '';
        $remember = $input['remember'] ?? false;

        if (empty($username) || empty($password)) {
            return $this->respond([
                'status' => 'error',
                'message' => 'Username and password are required'
            ], 400);
        }

        $user = $this->model->findByUsername($username);

        if (!$user) {
            return $this->respond([
                'status' => 'error',
                'message' => 'Invalid username or password'
            ], 401);
        }

        if (!password_verify($password, $user['password'])) {
            return $this->respond([
                'status' => 'error',
                'message' => 'Invalid username or password'
            ], 401);
        }

        $this->session->set([
            'isLoggedIn' => true,
            'userId' => $user['userId'],
            'username' => $user['username']
        ]);

        if ($remember) {
            $token = bin2hex(random_bytes(32));
            $this->model->setRememberToken($user['userId'], $token);
            set_cookie('remember_token', $token, 60 * 60 * 24 * 30);
        }

        return $this->respond([
            'status' => 'success',
            'message' => 'Login successful',
            'redirect' => base_url('/')
        ], 200);
    }

    public function logout()
    {
        $userId = $this->session->get('userId');

        if ($userId) {
            $this->model->setRememberToken($userId, null);
        }

        delete_cookie('remember_token');
        $this->session->destroy();

        return redirect()->to('/login');
    }
}
feat: Add user authentication system and secure all routes - Implement AuthController with login/logout functionality - Create UsersModel with bcrypt password hashing - Add AuthFilter to protect all application routes - Create login page with error handling - Add users database migration with email/username fields - Rename ResultComments to TestComments for consistency - Update all routes to require authentication filter - Enhance EntryApiController with comment deletion and better error handling - Update seeder to include demo users and improved test data - Fix BaseController to handle auth sessions properly - Update entry views (daily/monthly) with new API endpoints - Update layout with logout button and user info display - Refactor control test index view for better organization 2026-02-09 11:12:12 +07:00			`<?php`

			`namespace App\Controllers\Auth;`

			`use CodeIgniter\API\ResponseTrait;`
			`use App\Controllers\BaseController;`
			`use App\Models\Auth\UsersModel;`

			`class AuthController extends BaseController`
			`{`
			`use ResponseTrait;`

			`protected $model;`

			`public function __construct()`
			`{`
			`$this->model = new UsersModel();`
			`}`

			`public function login()`
			`{`
			`if ($this->session->get('isLoggedIn')) {`
			`return redirect()->to('/');`
			`}`

			`return view('auth/login');`
			`}`

			`public function processLogin()`
			`{`
			`$input = $this->request->getJSON(true);`

			`if (!$input) {`
			`return $this->respond([`
			`'status' => 'error',`
			`'message' => 'Invalid request'`
			`], 400);`
			`}`

			`$username = $input['username'] ?? '';`
			`$password = $input['password'] ?? '';`
			`$remember = $input['remember'] ?? false;`

			`if (empty($username) \|\| empty($password)) {`
			`return $this->respond([`
			`'status' => 'error',`
			`'message' => 'Username and password are required'`
			`], 400);`
			`}`

			`$user = $this->model->findByUsername($username);`

			`if (!$user) {`
			`return $this->respond([`
			`'status' => 'error',`
			`'message' => 'Invalid username or password'`
			`], 401);`
			`}`

			`if (!password_verify($password, $user['password'])) {`
			`return $this->respond([`
			`'status' => 'error',`
			`'message' => 'Invalid username or password'`
			`], 401);`
			`}`

			`$this->session->set([`
			`'isLoggedIn' => true,`
			`'userId' => $user['userId'],`
			`'username' => $user['username']`
			`]);`

			`if ($remember) {`
			`$token = bin2hex(random_bytes(32));`
			`$this->model->setRememberToken($user['userId'], $token);`
			`set_cookie('remember_token', $token, 60 * 60 * 24 * 30);`
			`}`

			`return $this->respond([`
			`'status' => 'success',`
			`'message' => 'Login successful',`
			`'redirect' => base_url('/')`
			`], 200);`
			`}`

			`public function logout()`
			`{`
			`$userId = $this->session->get('userId');`

			`if ($userId) {`
			`$this->model->setRememberToken($userId, null);`
			`}`

			`delete_cookie('remember_token');`
			`$this->session->destroy();`

			`return redirect()->to('/login');`
			`}`
			`}`