xEdziu / RPG-Handy-Helper

Tool for your Game Master for your next RPG session!

https://rpg.webace-group.dev

MIT License

2 stars 1 forks source link

User Auth Controllers #9

Open xEdziu opened 2 months ago

xEdziu commented 2 months ago

Description

We need to prepare controllers (internal API) to all actions regarding logging, creating accounts and resetting passwords - after preparing database for gm's and implementing email sender

TODO

Handling login form

[ ] ajax from front to backend
[x] handling and sanitazing user input
[x] db operations, checking existence of user etc.
[x] creating session, if credentials are good
[x] response to the front

Handling registration form

[ ] ajax from front to backend
[x] handling and sanitizing user input
[x] db operations, checking existence of user etc.
[x] if everything is good, send activation email
[x] response to the front

Handling "forget password" form

[ ] ajax from front to backend
[x] handling and sanitazing user input
[x] db operations, checking existence of user etc.
[x] sending email to the user with link to resetting password
[x] response to the front

Handling actual changing password form

[x] get hash from URL
[x] check if hash is correct
[x] display proper page to the user (error page if something is not correct or form if everything is good)
[ ] ajax to backend
[x] handling and sanitazing user input
[x] db operations including changing the hash
[x] response to the front

We need to also implement session storage on server and browser

I found a nice tutorial for that, we will have to sit and analize it first tho: https://www.phptutorial.net/php-tutorial/php-remember-me/

xEdziu commented 1 month ago

@Myjem please take care of ajax requests from the above login forms (from front to backend)