handler/admin/Login.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

<?php

namespace handler\admin;

use admin;
use csrf;
use RedirectResponse;
use Response;
use UnauthorizedException;

class Login extends AdminRequestHandler {

    public function get(): Response {
        if (admin::isAdmin())
            return new RedirectResponse('/admin/');
        return $this->skin->renderPage('admin/login');
    }

    public function post(): Response {
        csrf::check('adminlogin');
        $password = $_POST['password'] ?? '';
        $valid = admin::checkPassword($password);
        if ($valid) {
            admin::logAuth();
            admin::setCookie();
            return new RedirectResponse('/admin/');
        }
        throw new UnauthorizedException('nice try');
    }

}