| -rw-r--r-- | controllers/login.php | 8 | ||||
| -rw-r--r-- | models/cookies.php | 7 | ||||
| -rw-r--r-- | models/database.php | 6 | ||||
| -rw-r--r-- | views/global/header.php | 6 | ||||
| -rw-r--r-- | views/global/router.php | 1 | ||||
| -rw-r--r-- | views/login/index.php | 31 | ||||
| -rw-r--r-- | views/logout/index.php | 23 | ||||
| -rw-r--r-- | views/logout/meta.php | 4 |
8 files changed, 69 insertions, 17 deletions
diff --git a/controllers/login.php b/controllers/login.php index 7502b03..8b640ce 100644 --- a/controllers/login.php +++ b/controllers/login.php @@ -21,3 +21,11 @@ function on_post() { $user_status = "User \"" . $_POST["username"] . "\" doesn't exist!"; } } + +function on_delete() { + try { + $headers = apache_request_headers(); + Database\Cookie::delete($headers["Authorization"]); + } + catch(Exception $e) {} +} diff --git a/models/cookies.php b/models/cookies.php index a181022..ddc7d1c 100644 --- a/models/cookies.php +++ b/models/cookies.php @@ -24,6 +24,13 @@ class Cookie extends Table { )->UID; return User::fromDBuid($UID); } + + static function delete(string $token) { + Table::_delete( + 'Cookies', + "Token = \"$token\"" + ); + } } // Taken from https://stackoverflow.com/a/15875555 diff --git a/models/database.php b/models/database.php index f472dbb..dc177e8 100644 --- a/models/database.php +++ b/models/database.php @@ -33,6 +33,12 @@ abstract class Table { return $id; } + static protected function _delete(string $table, string $condition) { + $conn = Table::connect(); + $query = $conn->query("DELETE FROM $table WHERE $condition"); + $conn = null; + } + static protected function _get_entries_count(string $table) : int { $conn = Table::connect(); $query = $conn->query("SELECT count(*) FROM $table"); diff --git a/views/global/header.php b/views/global/header.php index a00c528..863ba10 100644 --- a/views/global/header.php +++ b/views/global/header.php @@ -17,7 +17,8 @@ <div class="flex-expand"></div> <a id="login" href="/login">Login</a> <a id="register" href="/register">Register</a> - <a id="profile" href="/profile/" hidden>Profile</a> + <a id="profile" href="/profile" hidden>Profile</a> + <a id="logout" href="/logout" hidden>Logout</a> <div class="fadeout-right"></div> </nav> <script type="text/javascript"> 
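Review bot: The empty `catch(Exception $e) {}` in the new on_delete() discards every failure of the token deletion, so a logout that did not revoke the server-side token looks the same to the client as one that did. A request without an Authorization header is not handled either: `$headers["Authorization"]` is then null, and passing null to the `string $token` parameter of `Cookie::delete()` raises a TypeError, which `catch(Exception ...)` does not catch. Check the header first, for example `if (!isset($headers["Authorization"])) { http_response_code(401); return; }`. In the catch, log the exception and set a 5xx status instead of swallowing it.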
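Review bot: `Cookie::delete()` builds its WHERE clause by interpolating `$token` into `"Token = \"$token\""`, and the only caller in this commit passes the raw `Authorization` request header, so client-controlled text is parsed as SQL inside a DELETE statement (SQL injection). The new `Table::_delete()` in models/database.php has the same problem at the sink: it takes a ready-made condition string and concatenates it into the query, which gives callers no way to bind values. Assuming `Table::connect()` returns a PDO handle (not visible in this diff), let `_delete` accept a parameter array and run `$stmt = $conn->prepare("DELETE FROM $table WHERE $condition"); $stmt->execute($params);`, then call it as `Table::_delete('Cookies', 'Token = ?', [$token]);`. Both class bodies continue outside their hunks.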
@@ -25,9 +26,10 @@ document.getElementById('login').hidden = true; document.getElementById('register').hidden = true; + document.getElementById('logout').hidden = false; const profile = document.getElementById('profile'); profile.hidden = false; - profile.href += response; + profile.href += '/' + response; } authenticated(updateNavbar); </script> diff --git a/views/global/router.php b/views/global/router.php index 8986dfe..d77fcda 100644 --- a/views/global/router.php +++ b/views/global/router.php @@ -16,6 +16,7 @@ function route_view() { case '/profile': return '/profile'; case '/register': return '/register'; case '/login': return '/login'; + case '/logout': return '/logout'; } switch ($uri) { diff --git a/views/login/index.php b/views/login/index.php index 1013874..94faafe 100644 --- a/views/login/index.php +++ b/views/login/index.php @@ -1,20 +1,21 @@ -<?php if (isset($user_status)): ?> - <?php if ($user_status !== ""): ?> - <p> - Fail: <?= $user_status ?> - </p> - <?php else: ?> - <p> - Success! - </p> - <script type="text/javascript"> - sessionStorage.setItem("token", "<?= $token ?>"); - window.location.href = "/"; - </script> +<h1>Login</h1> + +<hr class="new-section"/> + +<form action="#" method="POST" class="font-115 flex-col-centered max-width-20 center-margin"> + <?php if (isset($user_status)): ?> + <?php if ($user_status !== ""): ?> + <p class="item error"><span> + <strong>Error:</strong> <?= $user_status ?> + </span></p> + <?php else: ?> + <script type="text/javascript"> + sessionStorage.setItem("token", "<?= $token ?>"); + window.location.href = "/"; + </script> + <?php endif; ?> <?php endif; ?> -<?php endif; ?> -<form action="#" method="POST"> <input type="text" name="username" placeholder="Username" minlength="1" pattern="[A-Za-z][A-Za-z_0-9]*"> <input type="password" name="password" placeholder="Password" minlength="4"> <input type="submit" value="Login"> 
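Review bot: `profile.href += '/' + response;` appends the value returned through `authenticated()` to the link without URL-encoding it. What `response` contains is not visible in this hunk; if it is a user name or any other value that originates from user input, use `profile.href += '/' + encodeURIComponent(response);` so that it cannot change the path or add a query string. The enclosing `updateNavbar` function starts outside the hunk.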
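Review bot: `<?= $user_status ?>` in the new error paragraph of views/login/index.php prints the message without HTML escaping, and the controller context shown in this commit builds that message from `$_POST["username"]`, so markup in a submitted username is rendered into the page (reflected XSS). The `pattern` attribute on the input is enforced only by the browser. Escape at output with `<?= htmlspecialchars($user_status, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The `"<?= $token ?>"` string in the script block is emitted the same way; unless the token alphabet is guaranteed, replace the quoted string with `<?= json_encode($token, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) ?>`. Because the session token is kept in sessionStorage, any script injected through this page can read it.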
diff --git a/views/logout/index.php b/views/logout/index.php new file mode 100644 index 0000000..fc9af5a --- /dev/null +++ b/views/logout/index.php @@ -0,0 +1,23 @@ +<h2>Logging you out...</h2> + +<script type="text/javascript"> + if (!sessionStorage.getItem('token')) { + window.location.href = '/'; + } + + function deleteToken(response) { + let token = sessionStorage.getItem('token'); + sessionStorage.removeItem('token'); + + let request = new XMLHttpRequest(); + request.onreadystatechange = function() { + if (request.readyState < 4) return; + + window.location.href = '/'; + } + request.open("DELETE", "#", true); + request.setRequestHeader("Authorization", token); + request.send(null); + } + authenticated(deleteToken); +</script> diff --git a/views/logout/meta.php b/views/logout/meta.php new file mode 100644 index 0000000..be189c2 --- /dev/null +++ b/views/logout/meta.php @@ -0,0 +1,4 @@ +<?php + +$title = 'Logging out'; +$controller = 'login'; |
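Review bot: `deleteToken()` in views/logout/index.php removes the token from sessionStorage before the DELETE is sent and redirects on any completed response, so a failed revocation (network error, 4xx/5xx) leaves the token valid on the server while the browser shows the user as logged out. Check the outcome in the handler, for example `if (request.status < 200 || request.status >= 300) { /* report the failure, do not redirect */ return; }`, and have the server answer with a non-2xx status when the delete fails. The first `if` only assigns `window.location.href` and does not stop the script, so `authenticated(deleteToken)` still runs when no token is stored. Whether that matters depends on `authenticated()`, which is defined outside this file.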
