Diffstat (limited to 'controllers')
-rw-r--r-- | controllers/auth.php | 5 | ||||
-rw-r--r-- | controllers/controllers.php | 41 |
2 files changed, 41 insertions, 5 deletions
diff --git a/controllers/auth.php b/controllers/auth.php
index 7caaba3..7caddd3 100644
--- a/controllers/auth.php
+++ b/controllers/auth.php
@@ -67,11 +67,6 @@ $app->get('/', function($format='html') use($app) {
 $res->body($html);
 });
-$app->get('/signin', function() use($app) {
- $html = render('signin', array('title' => 'Sign In'));
- $app->response()->body($html);
-});
-
 $app->get('/auth/start', function() use($app) {
 $req = $app->request();
diff --git a/controllers/controllers.php b/controllers/controllers.php
index 3ff111e..5b28bb8 100644
--- a/controllers/controllers.php
+++ b/controllers/controllers.php
@@ -63,6 +63,47 @@ $app->get('/docs', function() use($app) {
 $app->response()->body($html);
 });
+$app->get('/add-to-home', function() use($app) {
+ $params = $app->request()->params();
+
+ if(array_key_exists('token', $params) && !session('add-to-home-started')) {
+
+ // Verify the token and sign the user in
+ try {
+ $data = JWT::decode($params['token'], Config::$jwtSecret);
+ $_SESSION['user_id'] = $data->user_id;
+ $_SESSION['me'] = $data->me;
+ $app->redirect('/new', 301);
+ } catch(DomainException $e) {
+ header('X-Error: DomainException');
+ $app->redirect('/', 301);
+ } catch(UnexpectedValueException $e) {
+ header('X-Error: UnexpectedValueException');
+ $app->redirect('/', 301);
+ }
+
+ } else {
+
+ if($user=require_login($app)) {
+ if(array_key_exists('start', $params)) {
+ $_SESSION['add-to-home-started'] = true;
+
+ $token = JWT::encode(array(
+ 'user_id' => $_SESSION['user_id'],
+ 'me' => $_SESSION['me'],
+ 'created_at' => time()
+ ), Config::$jwtSecret);
+
+ $app->redirect('/add-to-home?token='.$token, 301);
+ } else {
+ unset($_SESSION['add-to-home-started']);
+ $html = render('add-to-home', array('title' => 'Quill'));
+ $app->response()->body($html);
+ }
+ }
+ }
+});
+
 $app->post('/micropub/post', function() use($app) {
 if($user=require_login($app)) {
 $params = $app->request()->params(); |
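Review bot: The token built in the `start` branch of the new `/add-to-home` handler carries only `created_at`, and the decode branch never checks its age, so a `/add-to-home?token=…` URL stays a valid sign-in credential for as long as `Config::$jwtSecret` is unchanged, while also sitting in browser history, access logs and possibly Referer headers. If the link does not have to remain valid indefinitely, add an expiry claim on encode, e.g. `'exp' => time() + 300`, which the JWT library presumably enforces on decode (confirm for the bundled version); if it must be long-lived, it needs a server-side way to revoke it. All four redirects depend on session state, so `301` should be `302`: a cached permanent redirect can replay the token-bearing URL or bypass the handler altogether. The sign-in branch also writes `$_SESSION['user_id']` and `$_SESSION['me']` without calling `session_regenerate_id(true)` and without checking that `$data->user_id` and `$data->me` are present in the decoded payload.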