1 files changed, 81 insertions, 0 deletions
diff --git a/app/Controllers/Http/Dashboard/LoginController.ts b/app/Controllers/Http/Dashboard/LoginController.ts
new file mode 100644
index 0000000..ffb9eeb
--- /dev/null
+++ b/app/Controllers/Http/Dashboard/LoginController.ts
@@ -0,0 +1,81 @@
+import type { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
+import { schema, rules, validator } from '@ioc:Adonis/Core/Validator';
+import User from 'App/Models/User';
+import crypto from 'node:crypto';
+import { handleVerifyAndReHash } from '../../../../helpers/PasswordHash';
+export default class LoginController {
+  /**
+   * Display the login form
+   */
+  public async show({ view }: HttpContextContract) {
+    return view.render('dashboard/login');
+  }
+  /**
+   * Login a user
+   */
+  public async login({
+    request,
+    response,
+    auth,
+    session,
+  }: HttpContextContract) {
+    try {
+      await validator.validate({
+        schema: schema.create({
+          mail: schema.string([rules.email(), rules.required()]),
+          password: schema.string([rules.required()]),
+        }),
+        data: request.only(['mail', 'password']),
+      });
+    } catch {
+      session.flash({
+        type: 'danger',
+        message: 'Invalid mail or password',
+      });
+      session.flashExcept(['password']);
+      return response.redirect('/user/login');
+    }
+    try {
+      const { mail, password } = request.all();
+      // Check if user with email exists
+      const user = await User.query().where('email', mail).first();
+      if (!user?.email) {
+        throw new Error('User credentials not valid (Invalid email)');
+      }
+      const hashedPassword = crypto
+        .createHash('sha256')
+        .update(password)
+        .digest('base64');
+      // Verify password
+      let isMatchedPassword = false;
+      try {
+        isMatchedPassword = await handleVerifyAndReHash(user, hashedPassword);
+      } catch (error) {
+        return response.internalServerError({ message: error.message });
+      }
+      if (!isMatchedPassword) {
+        throw new Error('User credentials not valid (Invalid password)');
+      }
+      await auth.use('web').login(user);
+      return response.redirect('/user/account');
+    } catch {
+      session.flash({
+        type: 'danger',
+        message: 'Invalid mail or password',
+      });
+      session.flashExcept(['password']);
+      return response.redirect('/user/login');
+    }
+  }
+}

diff --git a/app/Controllers/Http/Dashboard/LoginController.ts b/app/Controllers/Http/Dashboard/LoginController.ts new file mode 100644 index 0000000..ffb9eeb --- /dev/null +++ b/app/Controllers/Http/Dashboard/LoginController.ts
@@ -0,0 +1,81 @@
	1	import type { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
	2	import { schema, rules, validator } from '@ioc:Adonis/Core/Validator';
	3	import User from 'App/Models/User';
	4	import crypto from 'node:crypto';
	5	import { handleVerifyAndReHash } from '../../../../helpers/PasswordHash';
	6
	7	export default class LoginController {
	8	/**
	9	* Display the login form
	10	*/
	11	public async show({ view }: HttpContextContract) {
	12	return view.render('dashboard/login');
	13	}
	14
	15	/**
	16	* Login a user
	17	*/
	18	public async login({
	19	request,
	20	response,
	21	auth,
	22	session,
	23	}: HttpContextContract) {
	24	try {
	25	await validator.validate({
	26	schema: schema.create({
	27	mail: schema.string([rules.email(), rules.required()]),
	28	password: schema.string([rules.required()]),
	29	}),
	30	data: request.only(['mail', 'password']),
	31	});
	32	} catch {
	33	session.flash({
	34	type: 'danger',
	35	message: 'Invalid mail or password',
	36	});
	37	session.flashExcept(['password']);
	38
	39	return response.redirect('/user/login');
	40	}
	41
	42	try {
	43	const { mail, password } = request.all();
	44
	45	// Check if user with email exists
	46	const user = await User.query().where('email', mail).first();
	47	if (!user?.email) {
	48	throw new Error('User credentials not valid (Invalid email)');
	49	}
	50
	51	const hashedPassword = crypto
	52	.createHash('sha256')
	53	.update(password)
	54	.digest('base64');
	55
	56	// Verify password
	57	let isMatchedPassword = false;
	58	try {
	59	isMatchedPassword = await handleVerifyAndReHash(user, hashedPassword);
	60	} catch (error) {
	61	return response.internalServerError({ message: error.message });
	62	}
	63
	64	if (!isMatchedPassword) {
	65	throw new Error('User credentials not valid (Invalid password)');
	66	}
	67
	68	await auth.use('web').login(user);
	69
	70	return response.redirect('/user/account');
	71	} catch {
	72	session.flash({
	73	type: 'danger',
	74	message: 'Invalid mail or password',
	75	});
	76	session.flashExcept(['password']);
	77
	78	return response.redirect('/user/login');
	79	}
	80	}
	81	}