<?php
namespace App\Controllers;
use App\Models\UserModel;
use App\Models\PatientModel;
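class Auth extends BaseController
{
    /**
     * Show the login form.
     */
    public function login()
    {
        return view('auth/login');
    }

    /**
     * Show the registration form.
     */
    public function register()
    {
        return view('auth/register');
    }

    /**
     * Handle a registration submission.
     *
     * Validates the posted fields, creates the user row (role "patient",
     * status "active") and the linked patient row, then redirects to the
     * home page with a success flash message. Validation failures redirect
     * back with the submitted input re-populated.
     */
    public function registerProcess()
    {
        $rules = [
            'name'     => 'required|min_length[3]|max_length[100]|alpha_numeric_punct',
            'email'    => 'required|valid_email|is_unique[users.email]',
            'phone'    => 'required|min_length[10]|max_length[10]',
            'password' => 'required|min_length[8]',
        ];

        if (! $this->validate($rules)) {
            return redirect()->back()->withInput();
        }

        $userModel = new UserModel();

        $data = [
            'name'     => $this->request->getPost('name'),
            'email'    => $this->request->getPost('email'),
            // Only the hash is stored; PASSWORD_DEFAULT follows the strongest
            // algorithm available to this PHP build.
            'password' => password_hash((string) $this->request->getPost('password'), PASSWORD_DEFAULT),
            'role'     => 'patient',
            'status'   => 'active',
        ];

        // The request was already validated by the rules above, so the
        // model-level validation is bypassed for this insert.
        if (! $userModel->skipValidation(true)->insert($data)) {
            return redirect()->back()->withInput()->with('error', 'Registration failed. Please try again.');
        }

        $userId = $userModel->getInsertID();

        $patientModel = new PatientModel();

        // NOTE(review): the result of this insert is not checked, so a failure
        // here leaves a user row without its patient row; a transaction around
        // both inserts would keep them consistent.
        $patientModel->insert([
            'user_id' => $userId,
            'phone'   => $this->request->getPost('phone'),
        ]);

        return redirect()->to(site_url('/'))->with('success', 'Account created. You can log in now.');
    }

    /**
     * Handle a login submission.
     *
     * Verifies the credentials, stores a fresh random per-login token both on
     * the user row (session_token) and in the PHP session (login_token),
     * rotates the session id and redirects to the dashboard for the user's
     * role. Any failure redirects back with a flash error.
     */
    public function loginProcess()
    {
        $rules = [
            'email'    => 'required|valid_email',
            'password' => 'required',
        ];

        if (! $this->validate($rules)) {
            return redirect()->back()->withInput();
        }

        $userModel = new UserModel();

        $email    = $this->request->getPost('email');
        $password = $this->request->getPost('password');

        $user = $userModel->where('email', $email)->first();

        // NOTE(review): password_verify() is skipped when the e-mail is unknown,
        // so response time differs between unknown and known addresses.
        if (! $user || ! password_verify((string) $password, (string) $user['password'])) {
            return redirect()->back()->withInput()->with('error', 'Invalid email or password.');
        }

        // A new token per login lets logout() clear only the row that this
        // particular session was issued.
        $loginToken = bin2hex(random_bytes(32));

        if (! $userModel->update($user['id'], ['session_token' => $loginToken])) {
            return redirect()->back()->withInput()->with('error', 'Could not start session. Please try again.');
        }

        // Rotate the session id before storing authenticated state so an id
        // issued before login cannot be reused.
        session()->regenerate();
        session()->set([
            'id'          => $user['id'],
            'role'        => $user['role'],
            'login_token' => $loginToken,
        ]);

        // Roles without an explicit entry land on the patient dashboard.
        $dashboards = [
            'admin'  => 'admin/dashboard',
            'doctor' => 'doctor/dashboard',
        ];
        $dashboard = $dashboards[$user['role']] ?? 'patient/dashboard';

        return redirect()->to(site_url($dashboard));
    }

    /**
     * End the current login.
     *
     * The stored session_token is cleared only when it still equals the token
     * this session received at login, so an older session cannot clear the
     * token of a newer login for the same account. The PHP session is
     * destroyed in every case.
     */
    public function logout()
    {
        $userId = (int) session()->get('id');
        $token  = (string) session()->get('login_token');

        if ($userId > 0 && $token !== '') {
            \Config\Database::connect()
                ->table('users')
                ->where('id', $userId)
                ->where('session_token', $token)
                ->update(['session_token' => null]);
        }

        session()->destroy();

        return redirect()->to(site_url('/'));
    }

    /**
     * Show the forgot-password form.
     */
    public function forgotPassword()
    {
        return view('auth/forgot_password');
    }

    /**
     * Handle a password-reset request.
     *
     * Stores a random reset token that expires 30 minutes from now on the
     * user row and reports the reset link back to the requester.
     */
    public function processForgotPassword()
    {
        $rules = [
            'email' => 'required|valid_email',
        ];

        if (! $this->validate($rules)) {
            return redirect()->back()->withInput();
        }

        $userModel = new UserModel();
        $email     = $this->request->getPost('email');
        $user      = $userModel->where('email', $email)->first();

        if (! $user) {
            // NOTE(review): this reply confirms whether an address is registered;
            // a neutral "if the address exists, a link was sent" message avoids that.
            return redirect()->back()->with('error', 'Email not found.');
        }

        $resetToken   = bin2hex(random_bytes(32));
        $tokenExpires = date('Y-m-d H:i:s', strtotime('+30 minutes'));

        // Without a saved token the link below can never validate, so a failed
        // update is reported instead of handing out a dead link.
        $saved = $userModel->update($user['id'], [
            'reset_token'         => $resetToken,
            'reset_token_expires' => $tokenExpires,
        ]);

        if (! $saved) {
            return redirect()->back()->with('error', 'Could not create reset link. Please try again.');
        }

        $resetLink = site_url("reset-password/{$resetToken}");

        // NOTE(review): returning the link in the response gives the reset
        // token to whoever submitted the form; this stands in for delivering
        // it to the account's e-mail address. esc() keeps the markup well-formed.
        return redirect()->back()->with(
            'success',
            "Reset link: <a href='" . esc($resetLink, 'attr') . "'>" . esc($resetLink) . '</a>'
        );
    }

    /**
     * Show the reset-password form for a valid, unexpired token.
     *
     * @param string $token the reset token from the URL
     */
    public function resetPassword(string $token)
    {
        if ($this->findUserByValidResetToken($token) === null) {
            return redirect()->to(site_url('/'))->with('error', 'Invalid or expired reset link.');
        }

        return view('auth/reset_password', ['token' => $token]);
    }

    /**
     * Handle a reset-password submission.
     *
     * Re-checks the token, stores the new password hash and clears the
     * token and its expiry so the link cannot be reused.
     */
    public function processResetPassword()
    {
        $rules = [
            'token'    => 'required',
            'password' => 'required|min_length[8]',
        ];

        if (! $this->validate($rules)) {
            return redirect()->back()->withInput();
        }

        $token       = (string) $this->request->getPost('token');
        $newPassword = (string) $this->request->getPost('password');

        $user = $this->findUserByValidResetToken($token);

        if ($user === null) {
            return redirect()->to(site_url('/'))->with('error', 'Invalid or expired reset link.');
        }

        $saved = (new UserModel())->update($user['id'], [
            'password'            => password_hash($newPassword, PASSWORD_DEFAULT),
            'reset_token'         => null,
            'reset_token_expires' => null,
        ]);

        if (! $saved) {
            return redirect()->back()->withInput()->with('error', 'Could not reset password. Please try again.');
        }

        return redirect()->to(site_url('/'))->with('success', 'Password reset successful. You can now login.');
    }

    /**
     * Look up the user that owns a still-valid reset token.
     *
     * Shared by resetPassword() and processResetPassword() so both apply the
     * same checks. An empty token is rejected up front so the query never
     * matches rows whose reset_token is unset.
     *
     * @return array|null the user row, or null when the token is empty,
     *                    unknown, has no expiry, or has already expired
     */
    private function findUserByValidResetToken(string $token): ?array
    {
        if ($token === '') {
            return null;
        }

        $user = (new UserModel())->where('reset_token', $token)->first();

        if (! $user || empty($user['reset_token_expires'])) {
            return null;
        }

        // strtotime() returns false for an unparsable value; treat that as expired.
        $expires = strtotime((string) $user['reset_token_expires']);

        if ($expires === false || $expires < time()) {
            return null;
        }

        return $user;
    }
}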