1:  2:  3:  4:  5:  6:  7:  8:  9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61: 62: 63: 64: 65: 66: 67: 68: 69: 70: 71: 72: 73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 

<?php

/**
 * MvcCore
 *
 * This source file is subject to the BSD 3 License
 * For the full copyright and license information, please view
 * the LICENSE.md file that are distributed with this source code.
 *
 * @copyright   Copyright (c) 2016 Tom Flídr (https://github.com/mvccore/mvccore)
 * @license     https://mvccore.github.io/docs/mvccore/4.0.0/LICENCE.md
 */

namespace MvcCore\Ext\Auth;

use \MvcCore\Ext\Auth,
    \MvcCore\Ext\Form;

class SignInForm extends Virtual\Form {

    /** @var string */
    public $CssClass = 'sign-in';

    /**
     * Initialize all form fields, initialize hidden field with
     * sourceUrl for cases when in request params is any source url param.
     * To return there after form is submitted.
     * @return \MvcCore\Ext\Auth\SignInForm
     */
    public function Init () {
        parent::Init();

        $cfg = Auth::GetInstance()->GetConfig();
        $this->addSuccessAndErrorUrlHiddens($cfg->signedInUrl, $cfg->errorUrl);

        $this->AddField(new Form\Text(array(
            'name'          => 'username',
            'placeholder'   => 'User',
        )));
        $this->AddField(new Form\Password(array(
            'name'          => 'password',
            'placeholder'   => 'Password',
        )));
        $this->AddField(new Form\SubmitButton(array(
            'name'          => 'send',
            'value'         => 'Sign In',
            'cssClasses'    => array('button'),
        )));

        $params = \MvcCore::GetInstance()->GetRequest()->Params;

        $sourceUrl = isset($params['sourceUrl']) ? $params['sourceUrl'] : '' ;
        $sourceUrl = filter_var($sourceUrl, FILTER_VALIDATE_URL);
        $this->AddField(new Form\Hidden(array(
            'name'          => 'sourceUrl',
            'value'         => $sourceUrl,
        )));

        return $this;
    }

    /**
     * Sign in submit - if there is any user with the same password imprint
     * store user in session for next requests, if there is not - wait for
     * three seconds and then go to error page.
     * @param array $rawParams
     * @return array
     */
    public function Submit ($rawParams = array()) {
        parent::Submit();
        $userClass = Auth::GetInstance()->GetConfig()->userClass;
        if ($this->Result === Form::RESULT_SUCCESS) {
            // now sended values are safe strings, 
            // try to get use by username and compare password hashes:
            $user = $userClass::Authenticate(
                $this->Data['username'], $this->Data['password']
            );
            if (is_null($user)) {
                $this->AddError('User name or password is incorrect.');
            } else {
                $userClass::StoreInSession($user);
            }
        }
        $data = (object) $this->Data;
        $this->SuccessUrl = $data->sourceUrl ? urldecode($data->sourceUrl) : $data->successUrl;
        $this->ErrorUrl = $data->errorUrl;
        if ($this->Result !== Form::RESULT_SUCCESS) {
            sleep(3);
        }
        return array($this->Result, $this->Data, $this->Errors);
    }
}