RdbAdmin Module

LoginController extends BaseController
in package
uses SessionsTrait, UsersTrait

Login page controller.

Tags
since
0.1

Table of Contents

Properties

$Input  : Input
$Languages  : Languages
$runnedCronResult  : array<string|int, mixed>
$totalLoggedInSessions  : int
$userRow  : object|null
$userSessionCookieData  : array<string|int, mixed>

Methods

__construct()  : mixed
{@inheritDoc}
doLoginAction()  : string
REST API: perform login.
doLoginResetAction()  : string
REST API: perform login with the reset password action (a one-time login after being logged out because of simultaneous login).
doMfaAction()  : string
REST API: perform 2-step verification.
indexAction()  : string
Login page.
mfaAction()  : string
Display the 2-step verification page.
resetAction()  : string
One-time login after the account was locked because the user's simultaneous login setting is to log out all sessions.
addUpdateUserFormValidation()  : array<string|int, mixed>
Form validation for adding and updating a user.
decryptUserFieldsKey()  : string
Decrypt user fields key.
doLogin()  : array<string|int, mixed>
Do login process.
generateUserFieldsKey()  : array<string|int, mixed>
Generate user fields key.
getConfig()  : array<string|int, mixed>
Get configuration commonly used across methods.
getPageHtmlClasses()  : string
Get page HTML classes.
getPageHtmlTitle()  : string
Get page HTML title including site name if it was set.
getUserUrlsMethods()  : array<string|int, mixed>
Get URLs and methods about user pages.
isUserLoggedIn()  : bool
Check if user is logged in.
isUserProxy()  : bool
Check if the user is using a proxy.
logoutUser()  : mixed
Log out the target user.
maybeRunCron()  : mixed
Maybe run cron job if config is set to not use server cron.
responseJson()  : string
{@inheritDoc}
responseXml()  : string
{@inheritDoc}
sessionTraitLogoutAll()  : mixed
Log out all successfully logged-in sessions, lock the user account, and send a login link to the user's email.
setBasicConfig()  : mixed
Setup basic PHP configurations such as default timezone.
setHeaderAllowOrigin()  : mixed
Set header allow origin for CORS.
validateLoginResetKey()  : bool
Validate login reset key.
isModuleExcute()  : bool
Check if current call is `Modules->execute()`
removeSensitiveCfgInfo()  : array<string|int, mixed>
Remove sensitive config info that contains non-site configuration.
sessionsTraitCheckIsLoggedInFromContainer()  : array<string|int, mixed>
Check the logged-in status from the container, if it exists.
sessionTraitLogoutPreviousSessions()  : mixed
Log out all sessions before the latest successful login (only successful logins are logged out).

Properties

$runnedCronResult

protected array<string|int, mixed> $runnedCronResult = []

Result of the cron jobs that were run. This is for the case where the cron job (crontab) is set to run by URL. The CronController calls this BaseController, so there is no need to use the Libraries\Cron class to run the jobs again; just get the run result from this property. This property is set by the maybeRunCron() method.

$totalLoggedInSessions

protected int $totalLoggedInSessions = 0

The number of sessions in which this user was found logged in. This property can be accessed after calling the isUserLoggedIn() method.

$userRow

protected object|null $userRow

The user row retrieved from the users table. This property lets methods share the row without retrieving it again and again.

$userSessionCookieData

protected array<string|int, mixed> $userSessionCookieData = []

The cookie data of the logged-in user. This property can be accessed after calling the isUserLoggedIn() method.

Methods

__construct()

{@inheritDoc}

public __construct(Container $Container) : mixed
Parameters
$Container : Container

doLoginAction()

REST API: perform login.

public doLoginAction() : string
Return values
string

doLoginResetAction()

REST API: perform login with the reset password action (a one-time login after being logged out because of simultaneous login).

public doLoginResetAction() : string
Return values
string

doMfaAction()

REST API: perform 2-step verification.

public doMfaAction() : string

This method redirects to the login page if verification failed more than x times and the request was not made via AJAX or the REST API.

Return values
string

indexAction()

Login page.

public indexAction() : string
Return values
string

mfaAction()

Display the 2-step verification page.

public mfaAction() : string
Return values
string

resetAction()

One-time login after the account was locked because the user's simultaneous login setting is to log out all sessions.

public resetAction() : string

This shows the reset password form.

Return values
string

addUpdateUserFormValidation()

Form validation for adding and updating a user.

protected addUpdateUserFormValidation(array<string|int, mixed> $data[, array<string|int, mixed> $dataField = [] ][, array<string|int, mixed> $dataUsersRoles = [] ][, string $saveType = 'insert' ][, string|int $user_id = '' ]) : array<string|int, mixed>

Validate required and valid form fields.
Validate that the selected roles do not have higher priority than the user who adds or updates them.
Validate that the username and email do not already exist.
This method was called from doAddAction() method.

Parameters
$data : array<string|int, mixed>

The associative array form data.

$dataField : array<string|int, mixed> = []

Associative array for user_fields table.

$dataUsersRoles : array<string|int, mixed> = []

Associative array for users_roles table.

$saveType : string = 'insert'

Type of saving data. It can be 'insert' or 'update'. Default is 'insert'.

$user_id : string|int = ''

The user_id to use, when $saveType is 'update', for checking that the data is unique among all other users.

Return values
array<string|int, mixed>

Returns an associative array with these keys if there is at least one error:
formResultStatus (if error),
formResultMessage (if error) The result message,
formFieldsValidation (optional) Fields that contain errors,
responseStatus (optional) For HTTP response status.

decryptUserFieldsKey()

Decrypt user fields key.

protected decryptUserFieldsKey(string|object $encryptedKey) : string
Parameters
$encryptedKey : string|object

The encrypted key string. Alternatively, you may pass the user_fields object from a PDO query instead.

Return values
string

Returns the decrypted key string, or an empty string if decryption failed.

doLogin()

Do login process.

protected doLogin(array<string|int, mixed> $data, array<string|int, mixed> $output) : array<string|int, mixed>

This method was called from doLoginAction() method.
This method calls the http_response_code() function.
If login succeeds, it writes cookies here (including the skip "antibot" cookie, if applicable).

Parameters
$data : array<string|int, mixed>

The form data.

$output : array<string|int, mixed>

The output views data.

Return values
array<string|int, mixed>

Returns the processed output data, which can be merged with the previous $output data in the action method.

generateUserFieldsKey()

Generate user fields key.

protected generateUserFieldsKey([int $length = 8 ]) : array<string|int, mixed>

Generate keys that can be used in change email confirmation, register confirmation, etc.

Parameters
$length : int = 8

The length of key.

Return values
array<string|int, mixed>

Return associative array with 'readableKey', 'encryptedKey' keys.

getConfig()

Get configuration commonly used across methods.

protected getConfig() : array<string|int, mixed>

This method was called from doLoginAction(), indexAction(), resetAction() methods.

Return values
array<string|int, mixed>

getPageHtmlClasses()

Get page HTML classes.

protected getPageHtmlClasses([array<string|int, mixed> $classes = [] ]) : string
Parameters
$classes : array<string|int, mixed> = []

The classes to set for this html page.

Tags
todo

[rdb] Remove auto generate class name rdba-page-, use new one rdba-pagehtml- to prevent duplicate use in many cases. Remove this in v2.0

todo

[rdb] Remove auto generate class name rdba-class-, use new one rdba-calledclass- to prevent duplicate use in many cases. Remove this in v2.0

Return values
string

Return generated html classes names.

getPageHtmlTitle()

Get page HTML title including site name if it was set.

protected getPageHtmlTitle(string $title[, string|null|false $siteName = false ]) : string
Parameters
$title : string

The site title.

$siteName : string|null|false = false

The site name should be a string.
Setting it to an empty string or null will not include the site name.
Set to false to automatically get the site name from the config DB.

Tags
throws
InvalidArgumentException
Return values
string

getUserUrlsMethods()

Get URLs and methods about user pages.

protected getUserUrlsMethods([string $user_id = '' ]) : array<string|int, mixed>
Parameters
$user_id : string = ''

The user ID.

Return values
array<string|int, mixed>

Return associative array.

isUserLoggedIn()

Check if user is logged in.

protected isUserLoggedIn([int $user_id = null ][, string $userlogin_session_key = '' ]) : bool

After calling this method, if it returned true, you can access the total sessions via the totalLoggedInSessions property.
After calling this method, if the cookie is valid, you can access the cookie data via the userSessionCookieData property.
If there is a simultaneous login and the user's setting does not allow it (such as logout previous, logout all), it is processed here.

Parameters
$user_id : int = null

The user ID. Set to null (default) to auto detect from cookie.

$userlogin_session_key : string = ''

The logged in session key. Set to empty string (default) to auto detect from cookie.

Return values
bool

Returns true if logged in, false if not.

isUserProxy()

Check if the user is using a proxy.

protected isUserProxy() : bool

This method was called from doLoginAction() method.

Return values
bool

Return true if yes, false for no.

logoutUser()

Log out the target user.

protected logoutUser([array<string|int, mixed> $cookieData = [] ][, bool $logoutAllDevice = false ]) : mixed
Parameters
$cookieData : array<string|int, mixed> = []

The associative array of cookie data. This value can be obtained from the Cookie class. The array keys are:
user_id (required).
sessionKey (optional) For deleting a specific session key from the user_logins table.

$logoutAllDevice : bool = false

Set to true to log out all devices, false for the specific session key.

maybeRunCron()

Maybe run cron job if config is set to not use server cron.

protected maybeRunCron() : mixed

responseJson()

{@inheritDoc}

protected responseJson(mixed $output) : string
Parameters
$output : mixed
Return values
string

responseXml()

{@inheritDoc}

protected responseXml(mixed $output) : string
Parameters
$output : mixed
Return values
string

sessionTraitLogoutAll()

Log out all successfully logged-in sessions, lock the user account, and send a login link to the user's email.

protected sessionTraitLogoutAll(int $user_id, UserLoginsDb $UserLoginsDb, UserFieldsDb $UserFieldsDb) : mixed

This method also sets a cache entry recording that the email was sent recently.
This method was called from isUserLoggedIn().
This method was called from LoginController->doLogin().

Parameters
$user_id : int
$UserLoginsDb : UserLoginsDb
$UserFieldsDb : UserFieldsDb

setBasicConfig()

Setup basic PHP configurations such as default timezone.

protected setBasicConfig() : mixed

setHeaderAllowOrigin()

Set header allow origin for CORS.

protected setHeaderAllowOrigin() : mixed

validateLoginResetKey()

Validate login reset key.

protected validateLoginResetKey(int $user_id, string $userEnteredLoginResetKey) : bool

This method was called from doLoginResetAction(), resetAction() methods.

Parameters
$user_id : int

The user ID.

$userEnteredLoginResetKey : string

The login reset key that user entered (readable one).

Return values
bool

Return true if success, false for failure.

isModuleExcute()

Check if current call is `Modules->execute()`

private isModuleExcute() : bool

This method was called from maybeRunCron(), __construct().

Tags
since
1.2.9
Return values
bool

Return true if it is, false if it is not.

removeSensitiveCfgInfo()

Remove sensitive config info that contains non-site configuration.

private removeSensitiveCfgInfo(array<string|int, mixed> $output) : array<string|int, mixed>
Parameters
$output : array<string|int, mixed>

The output array that contains the configDb array key.

Tags
since
1.2.5
Return values
array<string|int, mixed>

Returns the output array with sensitive info removed.

sessionsTraitCheckIsLoggedInFromContainer()

Check the logged-in status from the container, if it exists.

private sessionsTraitCheckIsLoggedInFromContainer() : array<string|int, mixed>

The check data in the container must not be older than N seconds.

Tags
since
1.2.9
Return values
array<string|int, mixed>

Returns an indexed array where the first index is the UsersSessionsTrait object in the container, if it exists. This value can be null.
The second index is the result of "is logged in". This value can be null.

sessionTraitLogoutPreviousSessions()

Log out all sessions before the latest successful login (only successful logins are logged out).

private sessionTraitLogoutPreviousSessions(int $user_id, UserLoginsDb $UserLoginsDb) : mixed

This method was called from isUserLoggedIn().

Parameters
$user_id : int
$UserLoginsDb : UserLoginsDb

        