
<?php
// controllers/AuthController.php
require_once __DIR__ . '/../models/UsuarioModel.php';
require_once __DIR__ . '/../config/Database.php';

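/**
 * Login / logout controller.
 *
 * Every public action either renders the login view or finishes with an HTTP
 * redirect followed by exit, so none of them returns normally. Session state
 * written on a successful login: user_id, user_nombre, user_cedula, user_rol,
 * login_time.
 */
class AuthController {
    /** Connection returned by Database::connect() (type not visible in this file). */
    private $db;

    /** @var Usuario model used for authentication and as the source of user attributes. */
    private $usuarioModel;

    /**
     * reCAPTCHA secret key.
     *
     * NOTE(review): a secret kept in source ends up in every copy/backup of the
     * project. The constructor overrides this value with the RECAPTCHA_SECRET
     * environment variable (name chosen here) when it is set, so deployments can
     * move the key out of the code without changing behaviour where it is unset.
     */
    private $recaptchaSecret = '6LcUafsrAAAAAIpMZzqTmXPQmM6WDRb7UQGd_6t-';

    /** Redirect targets used by several actions. */
    private const LOGIN_URL = 'index.php?controller=auth&action=index';
    private const PANEL_URL = 'index.php?controller=requisicion&action=panel';

    /** Google endpoint that verifies a reCAPTCHA token. */
    private const RECAPTCHA_VERIFY_URL = 'https://www.google.com/recaptcha/api/siteverify';

    /** Seconds to wait for the reCAPTCHA endpoint before treating the check as failed. */
    private const RECAPTCHA_TIMEOUT = 10;

    /**
     * Opens the database connection and builds the user model.
     *
     * Also lets the environment override the hard-coded reCAPTCHA secret.
     */
    public function __construct() {
        $database = new Database();
        $this->db = $database->connect();
        $this->usuarioModel = new Usuario($this->db);

        $envSecret = getenv('RECAPTCHA_SECRET');
        if (is_string($envSecret) && $envSecret !== '') {
            $this->recaptchaSecret = $envSecret;
        }
    }

    /**
     * Shows the login form, or sends an already authenticated user to the panel.
     */
    public function index() {
        if (isset($_SESSION['user_id'])) {
            $this->redirect(self::PANEL_URL);
        }
        require_once __DIR__ . '/../views/autenticacion/login.php';
    }

    /**
     * Handles the login POST.
     *
     * Order of checks: request method, presence of both fields, reCAPTCHA,
     * credentials. Any failure stores a message in $_SESSION['flash_error']
     * and redirects back to the form; success populates the session and
     * redirects to the panel. Never returns.
     */
    public function login() {
        // Anything but POST goes back to the form (REQUEST_METHOD may be absent off the web SAPI).
        if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
            $this->redirect(self::LOGIN_URL);
        }

        $cedula = $_POST['cedula'] ?? '';
        $password = $_POST['password'] ?? '';
        $recaptchaResponse = $_POST['g-recaptcha-response'] ?? '';

        // A crafted request can submit arrays (cedula[]=...); treat them as missing input
        // rather than letting trim()/autenticar() see a non-string.
        if (!is_string($cedula) || !is_string($password) || !is_string($recaptchaResponse)) {
            $this->failLogin("Por favor complete todos los campos.");
        }

        $cedula = trim($cedula);

        // Compare against '' instead of empty(): empty('0') is true, which would
        // reject a legitimate password or cédula of "0".
        if ($cedula === '' || $password === '') {
            $this->failLogin("Por favor complete todos los campos.");
        }

        if (!$this->validarRecaptcha($recaptchaResponse)) {
            $this->failLogin("Por favor complete el reCAPTCHA correctamente.");
        }

        if (!$this->usuarioModel->autenticar($cedula, $password)) {
            $this->failLogin("Cédula o contraseña incorrectos.");
        }

        // Fresh session id on privilege change (defeats session fixation);
        // true discards the old session file. Session data is carried over.
        session_regenerate_id(true);

        $_SESSION['user_id'] = $this->usuarioModel->id;
        $_SESSION['user_nombre'] = $this->usuarioModel->nombre;
        $_SESSION['user_cedula'] = $this->usuarioModel->cedula;
        $_SESSION['user_rol'] = $this->usuarioModel->rol;
        $_SESSION['login_time'] = time();

        $this->redirect(self::PANEL_URL);
    }

    /**
     * Ends the session: clears session data, expires the session cookie and
     * destroys the server-side session, then redirects to the login form.
     */
    public function logout() {
        $_SESSION = [];

        if (isset($_COOKIE[session_name()])) {
            // The expiring cookie must carry the same path/domain/secure/httponly
            // attributes as the one the session set, otherwise the browser keeps
            // the original cookie and only a second, useless one is expired.
            $params = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 3600,
                $params['path'],
                $params['domain'],
                $params['secure'],
                $params['httponly']
            );
        }

        session_destroy();

        $this->redirect(self::LOGIN_URL);
    }

    /**
     * Verifies a reCAPTCHA token with Google.
     *
     * Returns true only when the endpoint answered with JSON whose "success"
     * field is exactly true. Empty or non-string tokens, transport failures,
     * timeouts and malformed responses all yield false.
     *
     * @param mixed $response the g-recaptcha-response value from the form
     */
    private function validarRecaptcha($response): bool {
        if (!is_string($response) || $response === '') {
            return false;
        }

        $data = [
            'secret' => $this->recaptchaSecret,
            'response' => $response,
            // REMOTE_ADDR is optional for the API and may be unset outside a web SAPI.
            'remoteip' => $_SERVER['REMOTE_ADDR'] ?? '',
        ];

        $context = stream_context_create([
            'http' => [
                'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
                'method'  => 'POST',
                'content' => http_build_query($data),
                // Without a timeout a slow or unreachable verify endpoint blocks
                // the login request for the whole default socket timeout.
                'timeout' => self::RECAPTCHA_TIMEOUT,
            ],
        ]);

        $result = file_get_contents(self::RECAPTCHA_VERIFY_URL, false, $context);
        if ($result === false) {
            return false;
        }

        $decoded = json_decode($result, true);
        if (!is_array($decoded)) {
            return false;
        }

        // Strict comparison: the original returned whatever "success" held,
        // which could be a truthy non-boolean.
        return ($decoded['success'] ?? false) === true;
    }

    /**
     * Stores a flash error and sends the user back to the login form. Never returns.
     */
    private function failLogin(string $message): void {
        $_SESSION['flash_error'] = $message;
        $this->redirect(self::LOGIN_URL);
    }

    /**
     * Emits a Location header and stops the script. Never returns.
     */
    private function redirect(string $location): void {
        header('Location: ' . $location);
        exit;
    }
}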
?>