1 package Newslash::Web::Controller::Login;
2 use Mojo::Base 'Mojolicious::Controller';
3 use Mojo::Util qw(b64_encode);
5 use Crypt::OpenSSL::Random qw(random_seed random_bytes );
# NOTE(review): this listing omits lines (the gutter numbers skip), and the
# enclosing sub header is not shown. Presumably this is the body of
# _generate_token, which the login code calls -- confirm against the full file.
#
# Feed the current epoch time to the OpenSSL PRNG and abort when random_seed()
# returns a false value.
# NOTE(review): time() is guessable and adds no real entropy, so it must not be
# relied on for the token's unpredictability. Only the sufficiency check
# matters here; Crypt::OpenSSL::Random's random_status() performs that check
# without mixing in a low-entropy value.
8 if (!random_seed(time())) {
9 die 'random seed is not sufficient';
# Draw 128 bytes from the OpenSSL random number generator for the token.
14 my $randoms = random_bytes(128);
# NOTE(review): Mojo::Util::b64_encode breaks its output with "\n" every 76
# characters unless a line ending is passed as the second argument, so a
# 128-byte input yields a token with embedded newlines. The login code uses the
# token as a field name in the 'sessions' hash; b64_encode($randoms, '') keeps
# it on a single line.
16 return b64_encode($randoms);
# NOTE(review): only some lines of this handler are shown (the gutter numbers
# skip); the sub header, the success/failure branching and the closing braces
# are not visible in this listing.
# Read the submitted credentials; a missing parameter becomes the empty string.
24 my $nickname = $c->param('nickname') || '';
25 my $passwd = $c->param('passwd') || '';
26 my $users = $c->model('users');
# No nickname submitted: render the page with the 'SRAD login' message.
28 if (length($nickname) == 0) {
29 $c->render(msg => 'SRAD login');
33 # TODO: if user already logged-in, force logout?
# Check the credentials against the users model.
# NOTE(review): the lines below dereference $user, so the test that
# authentication succeeded has to come before them -- presumably on the elided
# line 35; confirm. Nothing in the shown lines throttles repeated failed
# attempts; confirm that is handled elsewhere.
34 my $user = $users->authentification($nickname, $passwd);
36 # convert old preferences
37 my $new_cfg = $users->convert_old_prefs($user->{uid});
39 # if convert executed, update conf
40 $user->{config} = $new_cfg;
41 $user->{configJSON} = encode_json($new_cfg);
# Issue a fresh session token for this login.
44 my $token = $c->_generate_token;
45 # check token's overlap, if so, regenerate
# NOTE(review): the lookup here and the later hset are separate calls, so the
# uniqueness check is not atomic. With 128 random bytes per token a collision
# is not a realistic event, so this is a robustness detail, not an exposure.
46 my $existence = $c->kvs->hget('sessions', $token);
48 $token = $c->_generate_token;
49 $existence = $c->kvs->hget('sessions', $token);
# Store the user record under the token in the 'sessions' hash.
# NOTE(review): everything authentification() returned is stored here; confirm
# it carries no password hash, and check how kvs serialises a hash reference.
# The shown lines set no lifetime on the entry -- confirm stale sessions are
# expired elsewhere.
51 $c->kvs->hset('sessions', $token, $user);
# NOTE(review): REMOTE_ADDR is the address of the direct peer; behind a reverse
# proxy that is the proxy, not the client -- confirm how this field is used.
55 remote_addr => $c->req->env->{REMOTE_ADDR},
# Put the session data into the Mojolicious session.
# NOTE(review): Mojolicious sessions are cookie-based and, by default, signed
# but not encrypted, so the client can read whatever $session holds.
57 $c->session(session => $session);
# Failure path: the message does not say whether the nickname or the password
# was wrong, so it does not confirm which accounts exist.
62 $c->render(msg => 'Wrong username or password.');
# NOTE(review): only some lines of this handler are shown; the sub header and
# whatever follows line 70 are not visible in this listing.
# Read the session data from the Mojolicious session and delete the matching
# server-side record from the 'sessions' hash.
# NOTE(review): when the request carries no session, $session is undef and
# hdel is called with an undefined token; a guard before the call would make
# that case explicit.
67 my $session = $c->session('session');
68 $c->kvs->hdel('sessions', $session->{token});
# NOTE(review): both calls below are commented out, so the shown lines do not
# expire the session cookie; the client keeps presenting the old token. Logout
# then depends on every request checking the token against the 'sessions'
# hash -- confirm, and consider expiring the cookie here as well.
69 #$c->model('users')->expire_token($session->{token});
70 #$c->session(expires => 1);
# NOTE(review): only some lines of this handler are shown (the gutter numbers
# skip); the sub header, several conditions and the closing braces are not
# visible. No CSRF check appears in the shown lines -- confirm one is applied
# elsewhere.
77 # TODO: if user already logged-in, force logout?
# Copy the submitted form fields into the stash so the template can show them.
# NOTE(review): 'passwd' is copied as well; confirm the template does not echo
# it back into the page.
79 for my $k (qw(nickname passwd email email_retype newsletter headline)) {
80 $c->stash($k => $c->param($k));
# Reject the form when nickname or email is missing or the two email fields
# differ.
# NOTE(review): the shown lines check only presence and equality; confirm that
# create_user validates the format of nickname and email.
83 if (!$c->param('nickname')
84 || !$c->param('email')
85 || $c->param('email') ne $c->param('email_retype')) {
86 $c->render(error => 1);
# Create the account from nickname and email; the result is read below for
# 'error', 'uid' and 'password'.
90 my $result = $c->model('users')->create_user($c->param('nickname'), $c->param('email'), {});
91 # TODO: set newsletter and headline settings
# NOTE(review): the condition guarding this die is on an elided line.
93 die "database error!";
95 if ($result->{error}) {
96 $c->render(error => 1);
# NOTE(review): the account password is passed to the template in clear text.
# If the page displays it, the response should be marked non-cacheable
# (Cache-Control: no-store) and the value must be HTML-escaped; confirm the
# user is required to change it after first login.
98 $c->render("login/register_done", uid => $result->{uid}, password => $result->{password});