projects/usbcheck.it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

com

Browse Source
This commit is contained in:
Lars Gebhardt-Kusche
2025-11-19 00:49:53 +01:00
parent 553fefbeaa
commit 0834e1f733
12 changed files with 725 additions and 524 deletions
Download Patch File Download Diff File Expand all files Collapse all files

182
public/login.php
View File

@@ -1,82 +1,146 @@
<?php
// public/login.php
declare(strict_types=1);
require __DIR__ . '/../config/db.php';
require __DIR__ . '/../src/Auth.php';
require __DIR__ . '/../src/auth.php'; // lädt auch config/db.php
$auth = new Auth($pdo);
$error = '';
$lang = auth_get_lang();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$identifier = trim($_POST['identifier'] ?? '');
$password = $_POST['password'] ?? '';
$errors = [];
$globalError = '';
if ($auth->login($identifier, $password)) {
header('Location: /'); // nach Login auf Startseite
exit;
} else {
$error = 'Login fehlgeschlagen. Bitte Zugangsdaten prüfen.';
// Optional: Redirect-Ziel (z. B. ?redirect=/account.php)
$redirect = '/account.php';
if (!empty($_GET['redirect']) && is_string($_GET['redirect'])) {
// Nur interne Pfade erlauben, keine kompletten URLs
if (strpos($_GET['redirect'], '/') === 0) {
$redirect = $_GET['redirect'];
}
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// CSRF prüfen
if (!auth_verify_csrf($_POST['csrf_token'] ?? null)) {
$globalError = 'Sicherheitsfehler. Bitte die Seite neu laden und erneut versuchen.';
} else {
$identifier = trim((string)($_POST['identifier'] ?? ''));
$password = (string)($_POST['password'] ?? '');
$result = auth_login($identifier, $password);
if ($result['success'] === true) {
header('Location: ' . $redirect);
exit;
} else {
$errors = $result['errors'] ?? [];
}
}
}
$csrfToken = auth_csrf_token();
?>
<!DOCTYPE html>
<html lang="de">
<html lang="<?php echo htmlspecialchars($lang, ENT_QUOTES, 'UTF-8'); ?>">
<head>
<meta charset="UTF-8">
<title>Login usbcheck.it</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- Dein Tailwind CSS -->
<link rel="stylesheet" href="/css/tailwind.css">
<!-- Fonts: Montserrat + Inter -->
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500&family=Montserrat:wght@600;700&display=swap" rel="stylesheet">
<!-- Haupt-CSS -->
<link rel="stylesheet" href="/assets/css/main.css?v=1">
</head>
<body class="bg-[#FAFAFA] text-[#1A1A1A] font-[Inter]">
<div class="min-h-screen flex items-center justify-center px-4">
<div class="w-full max-w-md bg-white shadow-lg rounded-2xl p-8">
<h1 class="text-2xl font-[Montserrat] font-bold mb-6 text-center">
Anmelden bei <span class="text-[#0051FF]">usbcheck.it</span>
</h1>
<body>
<?php include __DIR__ . '/partials/header.php'; ?>
<?php if ($error): ?>
<div class="mb-4 text-sm text-[#E63946]">
<?= htmlspecialchars($error, ENT_QUOTES, 'UTF-8') ?>
</div>
<?php endif; ?>
<main>
<section class="section">
<div class="container">
<div style="max-width: 480px; margin: 0 auto;">
<h1 class="section-title" style="font-size: 1.6rem; text-align: center; margin-bottom: 1.5rem;">
Anmelden bei usbcheck.it
</h1>
<p class="section-lead" style="text-align: center; margin-bottom: 2rem;">
Melde dich mit deiner E-Mail-Adresse oder deinem Benutzernamen an, um deine USB-Tests und Geräte zu verwalten.
</p>
<form method="post" class="space-y-4">
<div>
<label class="block text-sm mb-1" for="identifier">
E-Mail oder Benutzername
</label>
<input
type="text"
id="identifier"
name="identifier"
required
class="w-full border border-[#C8CBD0] rounded-lg px-3 py-2 focus:outline-none focus:ring-2 focus:ring-[#0051FF]"
>
</div>
<?php if ($globalError !== ''): ?>
<div style="margin-bottom: 1rem; padding: 0.75rem 1rem; border-radius: 12px; background: #ffe6e8; color: #a4001f; font-size: 0.9rem;">
<?php echo htmlspecialchars($globalError, ENT_QUOTES, 'UTF-8'); ?>
</div>
<?php endif; ?>
<div>
<label class="block text-sm mb-1" for="password">
Passwort
</label>
<input
type="password"
id="password"
name="password"
required
class="w-full border border-[#C8CBD0] rounded-lg px-3 py-2 focus:outline-none focus:ring-2 focus:ring-[#0051FF]"
>
</div>
<?php if (!empty($errors['login'])): ?>
<div style="margin-bottom: 1rem; padding: 0.75rem 1rem; border-radius: 12px; background: #ffe6e8; color: #a4001f; font-size: 0.9rem;">
<?php echo htmlspecialchars($errors['login'], ENT_QUOTES, 'UTF-8'); ?>
</div>
<?php endif; ?>
<button
type="submit"
class="w-full bg-[#0051FF] text-white font-[Montserrat] font-semibold rounded-lg py-2 mt-4 hover:bg-blue-700 transition"
>
Login
</button>
</form>
<form method="post" class="step-card">
<div style="margin-bottom: 1rem;">
<label for="identifier" style="display:block; font-size:0.9rem; margin-bottom:0.25rem;">
E-Mail oder Benutzername
</label>
<input
type="text"
id="identifier"
name="identifier"
required
style="
width: 100%;
border-radius: 10px;
border: 1px solid var(--silver);
padding: 0.55rem 0.75rem;
font-size: 0.95rem;
font-family: 'Inter', system-ui, sans-serif;
"
value="<?php echo htmlspecialchars($_POST['identifier'] ?? '', ENT_QUOTES, 'UTF-8'); ?>"
>
</div>
<div style="margin-bottom: 1rem;">
<label for="password" style="display:block; font-size:0.9rem; margin-bottom:0.25rem;">
Passwort
</label>
<input
type="password"
id="password"
name="password"
required
style="
width: 100%;
border-radius: 10px;
border: 1px solid var(--silver);
padding: 0.55rem 0.75rem;
font-size: 0.95rem;
font-family: 'Inter', system-ui, sans-serif;
"
>
</div>
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrfToken, ENT_QUOTES, 'UTF-8'); ?>">
<div style="margin-top: 1.5rem; display:flex; flex-direction:column; gap:0.5rem;">
<button type="submit" class="btn btn-primary" style="width: 100%; justify-content: center;">
Login
</button>
<a href="/register.php" class="btn btn-ghost" style="width: 100%; justify-content: center;">
Noch kein Konto? Jetzt registrieren
</a>
</div>
</form>
</div>
</div>
</div>
</section>
</main>
<?php include __DIR__ . '/partials/footer.php'; ?>
<script src="/assets/js/lang.js?v=1"></script>
</body>
</html>