Authentification fonctionnelle avec protection des pages par rôle
Page de connexion par défaut. Redirections post-login selon le rôle. Navigation header adaptée au profil connecté. Protection des routes : opérations (gestionnaire+admin), gestion comptes (admin), planning (tous). Notifications et barre de session activées.
This commit is contained in:
parent
0c349e7aed
commit
377ed6a346
10 changed files with 113 additions and 56 deletions
|
|
@ -1,5 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
function login_ctrl() {
|
|
||||||
|
function login_ctrl()
|
||||||
|
{
|
||||||
$ask_route = null;
|
$ask_route = null;
|
||||||
if (isset($_GET['ask'])) {
|
if (isset($_GET['ask'])) {
|
||||||
$ask_route = htmlentities($_GET['ask']);
|
$ask_route = htmlentities($_GET['ask']);
|
||||||
|
|
@ -10,45 +12,61 @@ function login_ctrl() {
|
||||||
login_form_ctrl($ask_route);
|
login_form_ctrl($ask_route);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
function verify_login_ctrl(?string $route) {
|
|
||||||
|
function login_form_ctrl(?string $route)
|
||||||
|
{
|
||||||
|
require('views/login_views.php');
|
||||||
|
login_form_view($route);
|
||||||
|
}
|
||||||
|
|
||||||
|
function verify_login_ctrl(?string $route)
|
||||||
|
{
|
||||||
require('models/connection.php');
|
require('models/connection.php');
|
||||||
require('models/user_crud.php');
|
require('models/user_crud.php');
|
||||||
|
|
||||||
$login = isset($_POST['login']) ? htmlentities($_POST['login']) : '';
|
$login = isset($_POST['login']) ? htmlentities($_POST['login']) : '';
|
||||||
$passwd = isset($_POST['password']) ? $_POST['password'] : '';
|
$passwd = isset($_POST['password']) ? $_POST['password'] : '';
|
||||||
|
|
||||||
$c = connection();
|
$c = connection();
|
||||||
$user = recuperation_auth($c, $login);
|
$user = recuperation_auth($c, $login);
|
||||||
|
|
||||||
if ($user && password_verify($passwd, $user['passwd'])) {
|
if ($user && password_verify($passwd, $user['passwd'])) {
|
||||||
session_regenerate_id(true);
|
session_regenerate_id(true);
|
||||||
$_SESSION['login'] = $user['login'];
|
$_SESSION['login'] = $user['login'];
|
||||||
$_SESSION['role'] = $user['type'];
|
$_SESSION['role'] = $user['type'];
|
||||||
|
|
||||||
|
// Si une route était demandée avant auth, on y redirige
|
||||||
if ($route) {
|
if ($route) {
|
||||||
header('Location: index.php?route=' . $route);
|
header('Location: index.php?route=' . $route);
|
||||||
} else {
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Sinon, redirection selon le rôle
|
||||||
switch ($user['type']) {
|
switch ($user['type']) {
|
||||||
case 'admin':
|
|
||||||
header('Location: index.php?route=admin');
|
|
||||||
break;
|
|
||||||
case 'administration':
|
case 'administration':
|
||||||
|
header('Location: index.php?route=modif_utilisateurs_form');
|
||||||
|
break;
|
||||||
|
case 'gestionnaire':
|
||||||
header('Location: index.php?route=operations');
|
header('Location: index.php?route=operations');
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
header('Location: index.php');
|
header('Location: index.php?route=planning');
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
exit;
|
exit;
|
||||||
} else {
|
} else {
|
||||||
echo 'Erreur d\'authentification.';
|
$_SESSION['notification'] = 'Erreur d\'authentification : login ou mot de passe incorrect.';
|
||||||
|
$ask = $route ? '&ask=' . $route : '';
|
||||||
|
header('Location: index.php?route=auth' . $ask);
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
function login_form_ctrl(?string $route) {
|
|
||||||
require('views/login_views.php');
|
function logout_ctrl()
|
||||||
login_form_view($route);
|
{
|
||||||
}
|
|
||||||
function logout_ctrl() {
|
|
||||||
session_unset();
|
session_unset();
|
||||||
session_destroy();
|
session_destroy();
|
||||||
setcookie(session_name(), '', time() - 3600, '/');
|
setcookie(session_name(), '', time() - 3600, '/');
|
||||||
require('views/welcome_view.php');
|
header('Location: index.php');
|
||||||
|
exit;
|
||||||
}
|
}
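Review bot: `$route` (taken from `$_GET['ask']`) is HTML-escaped with htmlentities() and then concatenated raw into the `Location:` header in verify_login_ctrl, both at the `index.php?route=` redirect and at the `&ask=` fallback; that is the wrong escaping context for a query string, so a value containing `&`, `#` or `%` changes the URL structure and an escaped form such as `&amp;` will never match a `case` label in index.php. Validate the value against the router's known route names before using it, or at least build the query with `http_build_query`: `header('Location: index.php?' . http_build_query(['route' => $route]));` and `$ask = $route ? '&' . http_build_query(['ask' => $route]) : '';`. Likewise `$login` goes through htmlentities() before the database lookup, so a login containing `&`, `<` or a quote is looked up in its escaped form and never matches; the query in recuperation_auth is already parameterised, so the raw string should be passed. The session_regenerate_id(true) after a successful password_verify and the single generic error message for both unknown login and wrong password are the right choices.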
|
||||||
|
|
@ -22,6 +22,15 @@ function has_role(string $role) {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// True if user has at least one of the given roles
|
||||||
|
function has_any_role(array $roles): bool
|
||||||
|
{
|
||||||
|
if (!isset($_SESSION['role'])) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return in_array($_SESSION['role'], $roles, true);
|
||||||
|
}
|
||||||
|
|
||||||
function verify_grants(string $route, string $role='') {
|
function verify_grants(string $route, string $role='') {
|
||||||
if (! has_role($role) && ! ($role == '' && is_logged())) {
|
if (! has_role($role) && ! ($role == '' && is_logged())) {
|
||||||
header('Location: index.php?route=auth&ask=' . $route);
|
header('Location: index.php?route=auth&ask=' . $route);
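Review bot: verify_grants still compares `$role == ''` loosely and accepts only one role, which is why the controllers touched by this commit inline their own `has_any_role()` guard instead of calling it; change the test to `$role === ''` and consider accepting `string|array $role` so that `has_any_role((array) $role)` covers both the single-role and multi-role callers. The header() on the last line of the hunk must be followed by `exit;` — verify_grants's body continues outside the hunk, so confirm it does terminate, because planning_afficher_ctrl and the account controllers call it purely for its side effect and would otherwise keep rendering the protected page. The new has_any_role is fine as written: the `true` third argument to in_array prevents loose matching of the session role.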
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,11 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
function contact_ctrl() {
|
function contact_ctrl() {
|
||||||
|
require('controllers/auth_utilities.php');
|
||||||
|
if (!has_any_role(['gestionnaire', 'administration'])) {
|
||||||
|
header('Location: index.php?route=auth&ask=ajout_personnes');
|
||||||
|
exit;
|
||||||
|
}
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||||
contact_write_ctrl();
|
contact_write_ctrl();
|
||||||
} else {
|
} else {
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,8 @@
|
||||||
|
|
||||||
function planning_afficher_ctrl()
|
function planning_afficher_ctrl()
|
||||||
{
|
{
|
||||||
|
require('controllers/auth_utilities.php');
|
||||||
|
verify_grants('planning');
|
||||||
require('models/connection.php');
|
require('models/connection.php');
|
||||||
require('models/lecture_page_model.php');
|
require('models/lecture_page_model.php');
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,8 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
function modif_utilisateurs_form_ctrl() {
|
function modif_utilisateurs_form_ctrl() {
|
||||||
|
require('controllers/auth_utilities.php');
|
||||||
|
verify_grants('modif_utilisateurs_form', 'administration');
|
||||||
require('models/connection.php');
|
require('models/connection.php');
|
||||||
$c = connection();
|
$c = connection();
|
||||||
require('models/modif_compte_model.php');
|
require('models/modif_compte_model.php');
|
||||||
|
|
@ -17,6 +19,8 @@ function modif_utilisateurs_form_ctrl() {
|
||||||
}
|
}
|
||||||
|
|
||||||
function modif_utilisateurs_write_ctrl() {
|
function modif_utilisateurs_write_ctrl() {
|
||||||
|
require('controllers/auth_utilities.php');
|
||||||
|
verify_grants('modif_utilisateurs', 'administration');
|
||||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||||
header('Location: index.php?route=modif_utilisateurs_form');
|
header('Location: index.php?route=modif_utilisateurs_form');
|
||||||
exit;
|
exit;
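Review bot: `verify_grants('modif_utilisateurs', 'administration')` in modif_utilisateurs_write_ctrl passes the write route as the `ask` target, so after logging in the user is sent with a GET to a POST-only route and immediately bounced to the form by the method check two lines below; passing the form route instead, `verify_grants('modif_utilisateurs_form', 'administration');`, goes there directly. The same applies to add_utilisateurs_write_ctrl, where `'add_utilisateurs'` should be `'add_utilisateurs_form'`. Placing the role check before the method check is correct, since an unauthenticated request should reach the login page rather than the form.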
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,20 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
function operations_form_ctrl() {
|
function operations_form_ctrl() {
|
||||||
|
require('controllers/auth_utilities.php');
|
||||||
|
if (!has_any_role(['gestionnaire', 'administration'])) {
|
||||||
|
header('Location: index.php?route=auth&ask=operations');
|
||||||
|
exit;
|
||||||
|
}
|
||||||
require('views/operations_view.php');
|
require('views/operations_view.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
function add_operation_write_ctrl() {
|
function add_operation_write_ctrl() {
|
||||||
|
require('controllers/auth_utilities.php');
|
||||||
|
if (!has_any_role(['gestionnaire', 'administration'])) {
|
||||||
|
header('Location: index.php?route=auth&ask=operations');
|
||||||
|
exit;
|
||||||
|
}
|
||||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||||
header('Location: index.php?route=operations');
|
header('Location: index.php?route=operations');
|
||||||
exit;
|
exit;
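Review bot: add_operation_write_ctrl now checks the role and the request method, but no anti-CSRF check is visible before the POST body is processed; the function continues outside the hunk, so if none exists there, a per-session token should be emitted by the form in operations_view.php and validated right after the method check with `hash_equals()`, since the session cookie alone is what authorises this state-changing request. Redirecting a failed role check to `ask=operations` is consistent with operations_form_ctrl, so the user lands on the form after login rather than on the write route.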
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,14 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
function add_utilisateurs_form_ctrl() {
|
function add_utilisateurs_form_ctrl() {
|
||||||
|
require('controllers/auth_utilities.php');
|
||||||
|
verify_grants('add_utilisateurs_form', 'administration');
|
||||||
require('views/creation_compte_view.php');
|
require('views/creation_compte_view.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
function add_utilisateurs_write_ctrl() {
|
function add_utilisateurs_write_ctrl() {
|
||||||
|
require('controllers/auth_utilities.php');
|
||||||
|
verify_grants('add_utilisateurs', 'administration');
|
||||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||||
header('Location: index.php?route=add_utilisateurs_form');
|
header('Location: index.php?route=add_utilisateurs_form');
|
||||||
exit;
|
exit;
|
||||||
|
|
|
||||||
|
|
@ -28,11 +28,16 @@
|
||||||
|
|
||||||
|
|
||||||
case null:
|
case null:
|
||||||
require('controllers/lecture_page_ctrl.php');
|
require('controllers/auth_ctrl2.php');
|
||||||
planning_afficher_ctrl();
|
login_ctrl();
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case '':
|
case '':
|
||||||
|
require('controllers/auth_ctrl2.php');
|
||||||
|
login_ctrl();
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'planning':
|
||||||
require('controllers/lecture_page_ctrl.php');
|
require('controllers/lecture_page_ctrl.php');
|
||||||
planning_afficher_ctrl();
|
planning_afficher_ctrl();
|
||||||
break;
|
break;
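Review bot: `case '':` is unreachable — switch uses loose comparison and `'' == null` is true in PHP, so a request whose `route` parameter is empty already matches `case null:` above it; delete the duplicated require/login_ctrl/break block, or stack the two labels `case null:` and `case '':` over a single body if both are meant to be documented. The new `case 'planning':` keeps the previous default behaviour reachable, so unauthenticated visitors now land on the login form and verify_grants('planning') in planning_afficher_ctrl covers the direct route.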
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
function recuperation_auth(PDO $connex, string $login):array {
|
function recuperation_auth(PDO $connex, string $login):?array {
|
||||||
require_once('config/config.php');
|
require_once('config/config.php');
|
||||||
$req = "SELECT login, passwd, type FROM Utilisateur WHERE login = :login";
|
$req = "SELECT login, passwd, type FROM Utilisateur WHERE login = :login";
|
||||||
|
|
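Review bot: changing the return type to `?array` is only safe if the body returns `null` rather than the `false` that `PDOStatement::fetch()` yields when no row matches; the function body continues outside the hunk, so confirm it ends with something like `return $row === false ? null : $row;` — returning `false` from a `?array` function is a TypeError, which would turn an unknown login into a 500 instead of the notification that verify_login_ctrl now sets. The query itself is parameterised via `:login`, which is right.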
||||||
|
|
|
||||||
|
|
@ -1,36 +1,36 @@
|
||||||
<?php
|
<?php
|
||||||
//session_start();
|
require_once('controllers/auth_utilities.php');
|
||||||
|
|
||||||
// --- NAVIGATION (auth commentée en attendant le système de connexion) ---
|
// --- NAVIGATION selon le rôle ---
|
||||||
$nav = '<li><a href="index.php">Accueil</a></li>';
|
$nav = '';
|
||||||
|
|
||||||
|
if (is_logged()) {
|
||||||
|
$nav .= '<li><a href="index.php?route=planning">Accueil</a></li>';
|
||||||
|
|
||||||
|
if (has_any_role(['gestionnaire', 'administration'])) {
|
||||||
$nav .= '<li><a href="index.php?route=operations">Opérations</a></li>';
|
$nav .= '<li><a href="index.php?route=operations">Opérations</a></li>';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (has_role('administration')) {
|
||||||
$nav .= '<li><a href="index.php?route=modif_utilisateurs_form">Gestion des comptes</a></li>';
|
$nav .= '<li><a href="index.php?route=modif_utilisateurs_form">Gestion des comptes</a></li>';
|
||||||
|
}
|
||||||
|
|
||||||
// À DÉCOMMENTER quand l'auth sera fonctionnelle :
|
$nav .= '<li><a href="index.php?route=logout" class="nav-right">Déconnexion</a></li>';
|
||||||
// if (is_logged()) {
|
}
|
||||||
// $nav .= '<li><a href="index.php?route=planning">Planning</a></li>';
|
|
||||||
// $nav .= '<li><a href="index.php?route=sauveteurs">Sauveteurs</a></li>';
|
|
||||||
// }
|
|
||||||
// if (has_role('gestionnaire') || has_role('administration')) {
|
|
||||||
// $nav .= '<li><a href="index.php?route=gestion">Gestion</a></li>';
|
|
||||||
// }
|
|
||||||
// if (has_role('administration')) {
|
|
||||||
// $nav .= '<li><a href="index.php?route=admin">Admin</a></li>';
|
|
||||||
// }
|
|
||||||
// if (is_logged()) {
|
|
||||||
// $nav .= '<li><a href="index.php?route=logout" class="nav-right">Déconnexion</a></li>';
|
|
||||||
// } else {
|
|
||||||
// $nav .= '<li><a href="index.php?route=auth" class="nav-right">Connexion</a></li>';
|
|
||||||
// }
|
|
||||||
|
|
||||||
// $session = 'Connecté : ' . htmlentities($_SESSION['login']) . ' (' . ($_SESSION['role'] ?: 'lecture') . ')';
|
// --- BARRE DE SESSION ---
|
||||||
|
if (is_logged()) {
|
||||||
|
$session = 'Connecté : ' . htmlentities($_SESSION['login']) . ' (' . htmlentities($_SESSION['role']) . ')';
|
||||||
|
} else {
|
||||||
$session = 'Non connecté';
|
$session = 'Non connecté';
|
||||||
|
}
|
||||||
|
|
||||||
|
// --- NOTIFICATION ---
|
||||||
$notif = '';
|
$notif = '';
|
||||||
// if (!empty($_SESSION['notification'])) {
|
if (!empty($_SESSION['notification'])) {
|
||||||
// $notif = '<div id="notification">' . htmlentities($_SESSION['notification']) . '</div>';
|
$notif = '<div id="notification">' . htmlentities($_SESSION['notification']) . '</div>';
|
||||||
// unset($_SESSION['notification']);
|
unset($_SESSION['notification']);
|
||||||
// }
|
}
|
||||||
?>
|
?>
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html lang="fr">
|
<html lang="fr">
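Review bot: for a visitor who is not logged in, `$nav` stays empty, so the header no longer offers any link to the login page (the commented-out code this replaces had one in an `else` branch); add `} else { $nav .= '<li><a href="index.php?route=auth" class="nav-right">Connexion</a></li>'; }` after the `is_logged()` block. The logout entry is a plain GET link, so it can be triggered from another site (logout CSRF); the impact is low, but a small POST form with a session token is the conventional fix. Escaping both `$_SESSION['login']` and `$_SESSION['role']` with htmlentities() before output, and flushing the notification after it is displayed, are both correct.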
|
||||||
|
|
|
||||||