feat(auth): harden login flows and finalize quality-check coverage

This commit is contained in:
2026-03-07 22:54:33 +01:00
parent aefe80457c
commit 7153fec05c
20 changed files with 1769 additions and 28 deletions

View File

@@ -4,6 +4,7 @@ use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Auth\AuthServicesFactory;
use MintyPHP\Service\User\UserServicesFactory;
use MintyPHP\Session;
use MintyPHP\Support\Flash;
$sessionStore = app(SessionStoreInterface::class);
@@ -15,29 +16,35 @@ if (!allowRegistration()) {
Router::redirect('login');
}
if ($request->hasBody('email')) {
$authService = (app(AuthServicesFactory::class))->createAuthService();
$firstName = $request->bodyString('first_name');
$lastName = $request->bodyString('last_name');
$email = $request->bodyString('email');
$password = (string) $request->body('password', '');
$password2 = (string) $request->body('password2', '');
if ($request->isMethod('POST')) {
if (!Session::checkCsrfToken()) {
$error = t('Form expired, please try again');
} elseif ($request->hasBody('email')) {
$authService = (app(AuthServicesFactory::class))->createAuthService();
$firstName = $request->bodyString('first_name');
$lastName = $request->bodyString('last_name');
$email = $request->bodyString('email');
$password = (string) $request->body('password', '');
$password2 = (string) $request->body('password2', '');
$result = $authService->register([
'first_name' => $firstName,
'last_name' => $lastName,
'email' => $email,
'password' => $password,
'password2' => $password2,
]);
$result = $authService->register([
'first_name' => $firstName,
'last_name' => $lastName,
'email' => $email,
'password' => $password,
'password2' => $password2,
]);
if (!($result['ok'] ?? false)) {
$error = $result['error'] ?? t('User can not be registered');
if (!($result['ok'] ?? false)) {
$error = $result['error'] ?? t('User can not be registered');
} else {
// Store email in session for verify-email page
$sessionStore->set('email_verification_email', $result['email'] ?? $email);
Flash::success(t('Registration successful! Please check your email for the verification code.'), 'verify-email', 'registration_success');
Router::redirect('verify-email');
}
} else {
// Store email in session for verify-email page
$sessionStore->set('email_verification_email', $result['email'] ?? $email);
Flash::success(t('Registration successful! Please check your email for the verification code.'), 'verify-email', 'registration_success');
Router::redirect('verify-email');
$error = t('User can not be registered');
}
}