From e424df18aadce88a85846fe2d2362c7275da850e Mon Sep 17 00:00:00 2001
From: Ro <are0h@ubiqueros.com>
Date: Tue, 13 Dec 2022 14:46:45 -0800
Subject: [PATCH] Auth Framework, Part 2

Auth class is back up and running to handle user authorizaion
as well as session managment.
Implemented basic usage on admin index class just for an example.

Added a couple of new template files and css to start defining the
overall style of pages and UI.
---
 composer.json                          |  1 +
 composer.lock                          | 61 ++++++++++++++++++++++-
 public/assets/css/front/index-den.css  | 12 +++++
 public/assets/css/front/start.css      |  1 +
 src/Controller/Routes/Back/Index.php   | 67 +++++++++++++++++---------
 src/Controller/Routes/Back/Members.php |  2 +-
 src/Service/Auth.php                   | 14 +++---
 templates/back/index.twig              | 12 +++--
 templates/back/start.twig              | 17 +++++++
 templates/forms/login-form.twig        |  8 +++
 10 files changed, 159 insertions(+), 36 deletions(-)
 create mode 100644 public/assets/css/front/index-den.css
 create mode 100644 templates/back/start.twig
 create mode 100644 templates/forms/login-form.twig

diff --git a/composer.json b/composer.json
index 439644c..adf2356 100644
--- a/composer.json
+++ b/composer.json
@@ -10,6 +10,7 @@
         "doctrine/doctrine-bundle": "^2.7",
         "doctrine/doctrine-migrations-bundle": "^3.2",
         "doctrine/orm": "^2.13",
+        "rbdwllr/reallysimplejwt": "^5.0",
         "sensio/framework-extra-bundle": "^6.2",
         "symfony/console": "6.1.*",
         "symfony/dotenv": "6.1.*",
diff --git a/composer.lock b/composer.lock
index 32ea2ac..8963d5a 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "32bef6ad7b9303bf2b8b60af3f4fa409",
+    "content-hash": "eb3c50bec813d049150ad9f4cf2b9617",
     "packages": [
         {
             "name": "doctrine/annotations",
@@ -1726,6 +1726,65 @@
             },
             "time": "2021-07-14T16:46:02+00:00"
         },
+        {
+            "name": "rbdwllr/reallysimplejwt",
+            "version": "5.0.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/RobDWaller/ReallySimpleJWT.git",
+                "reference": "d7e1014ccbfba43420866fd3dc3f18a521883868"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/RobDWaller/ReallySimpleJWT/zipball/d7e1014ccbfba43420866fd3dc3f18a521883868",
+                "reference": "d7e1014ccbfba43420866fd3dc3f18a521883868",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=8.0.0"
+            },
+            "require-dev": {
+                "friendsofphp/php-cs-fixer": "^2.19",
+                "infection/infection": "^0.26",
+                "phpbench/phpbench": "^1.2",
+                "phploc/phploc": "^7.0",
+                "phpmd/phpmd": "^2.11",
+                "phpstan/phpstan": "^1.2",
+                "phpunit/phpunit": "^9.5",
+                "sebastian/phpcpd": "^6.0",
+                "squizlabs/php_codesniffer": "^3.6"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "ReallySimpleJWT\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Rob Waller",
+                    "email": "rdwaller1984@gmail.com"
+                }
+            ],
+            "description": "A really simple library to generate user authentication JSON Web Tokens.",
+            "keywords": [
+                "Authentication",
+                "json",
+                "json web tokens",
+                "jwt",
+                "php",
+                "tokens"
+            ],
+            "support": {
+                "issues": "https://github.com/RobDWaller/ReallySimpleJWT/issues",
+                "source": "https://github.com/RobDWaller/ReallySimpleJWT/tree/5.0.0"
+            },
+            "time": "2022-04-16T14:00:21+00:00"
+        },
         {
             "name": "sensio/framework-extra-bundle",
             "version": "v6.2.9",
diff --git a/public/assets/css/front/index-den.css b/public/assets/css/front/index-den.css
new file mode 100644
index 0000000..8dbf3bc
--- /dev/null
+++ b/public/assets/css/front/index-den.css
@@ -0,0 +1,12 @@
+section[role="den-login"] {
+  padding: 30px;
+  width: 300px;
+  color: var(--highlight);
+}
+
+section[role="den-login"] div[role="system-notice"] {
+  border-radius: 3px;
+  padding: 3px;
+  background: var(--highlight);
+  color: var(--primary);
+}
diff --git a/public/assets/css/front/start.css b/public/assets/css/front/start.css
index 1690e6f..f29e3ff 100644
--- a/public/assets/css/front/start.css
+++ b/public/assets/css/front/start.css
@@ -3,3 +3,4 @@
 @import url("typography.css");
 @import url("frame.css");
 @import url("index.css");
+@import url("index-den.css");
diff --git a/src/Controller/Routes/Back/Index.php b/src/Controller/Routes/Back/Index.php
index dfb0c04..965b4e8 100644
--- a/src/Controller/Routes/Back/Index.php
+++ b/src/Controller/Routes/Back/Index.php
@@ -8,37 +8,56 @@ namespace App\Controller\Routes\Back;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
-
 //use App\Utils\PageRender;
-//use App\Data\Auth;
+use App\Service\Auth;
 
 class Index extends AbstractController
 {
     /**
-     * @Route("/screendoor", name="back-index")
+     * @Route("/den", name="back-index")
      */
-    public function showBackIndex(Request $request): Response
+    public function enterTheDen(Request $request, Auth $auth, RequestStack $requestStack): Response
+    {
+        if ($request->getMethod() == "GET") {
+            $result = $auth->status();
+            if ($result["status"]) {
+                $session = $requestStack->getSession();
+                $member  = $session->get("member");
+                return $this->render("back/start.twig", [
+                    "title"  => "Welcome Back",
+                    "handle" => $member->getHandle()
+                ]);
+            } else {
+                return $this->render("back/index.twig", [
+                    "title" => "Close the door behind you",
+                ]);
+            }
+        } else {
+            //handles login
+            $handle = $request->request->get("handle");
+            $pass   = $request->request->get("password");
+            $result = $auth->authCheck($handle, $pass);
+            if ($result["status"]) {
+                header("Location:/den");
+                return new Response("<html><body>LOGGED IN</body></html>");
+            } else {
+                return $this->render("back/index.twig", [
+                    "title"  => "Close the door behind you",
+                    "notice" => $result["message"]
+                ]);
+            }
+        }
+    }
+
+    /**
+       * @Route("/logout", name="logout-page")
+       */
+    public function leaveTheDen(Auth $auth)
     {
-        return $this->render("back/index.twig", [
-            "title" => "Close the door behind you",
-        ]);
-        /*
-                    $result = $auth->status();
-                    if ($result["status"]) {
-                      return $render->renderPage(
-                        [
-                          "bgImage" => "/images/base/tweed-flowers.png",
-                          "role" => $result["role"],
-                        ],
-                        "The Nile List | Welcome Back",
-                        "front/index.html.twig"
-                      );
-                    } else {
-                      //back to index to login
-                      header("Location:/login");
-                      return new Response("<html><body>LOGGED IN</body></html>");
-                    }
-                    */
+        $auth->logout();
+        header("Location:/den");
+        return new Response("<html><body>LOGGED OUT</body></html>");
     }
 }
diff --git a/src/Controller/Routes/Back/Members.php b/src/Controller/Routes/Back/Members.php
index 6acb37d..3e254c5 100644
--- a/src/Controller/Routes/Back/Members.php
+++ b/src/Controller/Routes/Back/Members.php
@@ -41,7 +41,7 @@ class Members extends AbstractController
     }
 
     /**
-     * @Route("/screendoor/members/add", name="members-add")
+     * @Route("/den/members/add", name="members-add")
      */
     public function addMembers(
         Request $request,
diff --git a/src/Service/Auth.php b/src/Service/Auth.php
index 733b84b..586cb51 100644
--- a/src/Service/Auth.php
+++ b/src/Service/Auth.php
@@ -6,7 +6,7 @@ namespace App\Service;
 
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Component\HttpFoundation\RequestStack;
-use App\Entity\Members;
+use App\Entity\Member;
 use ReallySimpleJWT\Token;
 
 class Auth
@@ -23,12 +23,12 @@ class Auth
         $this->secret        = '!$ec7eT$l0w*';
     }
 
-    public function authCheck($email, $password)
+    public function authCheck($handle, $password)
     {
         $response = [];
-        $member   = new Members();
-        $members  = $this->entityManager->getRepository(Members::class);
-        $member   = $members->findOneBy(["email" => $email]);
+        $member   = new Member();
+        $members  = $this->entityManager->getRepository(Member::class);
+        $member   = $members->findOneBy(["handle" => $handle]);
         if (!$member) {
             $response = ["status" => false, "message" => "Member Not Found"];
         } else {
@@ -40,10 +40,10 @@ class Auth
                 $secret     = $this->secret;
                 $expiration = time() + 3600;
                 $token      = Token::create(
-                    $member->getMemberId(),
+                    $member->getId(),
                     $secret,
                     $expiration,
-                    "nile_admin"
+                    "bad_space_admin"
                 );
 
                 $this->session->set("token", $token);
diff --git a/templates/back/index.twig b/templates/back/index.twig
index 6dd9363..d537591 100644
--- a/templates/back/index.twig
+++ b/templates/back/index.twig
@@ -1,10 +1,16 @@
 {% extends "base/frame.twig" %}
 {% block stylesheets %}
-	<link rel="stylesheet" type="text/css" href="/assets/css/front/start.css?=sdfsdf">
+	<link rel="stylesheet" type="text/css" href="/assets/css/front/start.css?=dfadf">
 	{% endblock %}
 
 	{% block main %}
-		<section role="intro">
-			This is the screendoor index
+		<section role="den-login">
+			<h1>This is the Den</h1><br/>
+			{% if notice is defined %}
+				<div role="system-notice">
+					{{ notice }}
+				</div>
+			{% endif %}
+			{{ include("forms/login-form.twig") }}
 		</section>
 	{% endblock %}
diff --git a/templates/back/start.twig b/templates/back/start.twig
new file mode 100644
index 0000000..f3ee9eb
--- /dev/null
+++ b/templates/back/start.twig
@@ -0,0 +1,17 @@
+{% extends "base/frame.twig" %}
+{% block stylesheets %}
+	<link rel="stylesheet" type="text/css" href="/assets/css/front/start.css?=sdfsdf">
+	{% endblock %}
+
+	{% block main %}
+		<section>
+			<h1>
+				Welcome to the Den.
+			</h1>
+			Hey
+			{{ handle }}
+			. Nice to see you again.
+			<a href="/logout">Bye bye</a>
+
+		</section>
+	{% endblock %}
diff --git a/templates/forms/login-form.twig b/templates/forms/login-form.twig
new file mode 100644
index 0000000..2d73dbc
--- /dev/null
+++ b/templates/forms/login-form.twig
@@ -0,0 +1,8 @@
+<form action="{{ path('back-index') }}" method="post" enctype="multipart/form-data">
+	<label>Handle</label><br/>
+	<input type="text" name="handle" value=""/>
+	<br/>
+	<label>Password</label><br/>
+	<input type="password" name="password" value=""/>
+	<input type="hidden" name="token" value="{{ csrf_token('upload') }}"/><br/>
+	<input type="submit" value="Knock Knock" name="submit_button"></form>