<?php
declare(strict_types=1);
require_once __DIR__ . '/../modules/shared/auth/service.php';
require_once __DIR__ . '/../modules/shared/auth/ui/login.php';
require_once __DIR__ . '/../modules/shared/auth/ui/home.php';
require_once __DIR__ . '/../modules/erp/bestellungen/service.php';
require_once __DIR__ . '/../modules/erp/lager/service.php';
// Bootstrap: read configuration, open the database connection, start the
// session layer. The .env file is resolved one directory above this script.
$env = parse_env_file(__DIR__ . '/../.env');
$env = expand_env_values($env);
$pdo = connect_database($env);

// Session handling must be set up before any CSRF or login check below.
auth_bootstrap_session();

// NOTE(review): this runs on every request. Presumably it is an idempotent
// "create if missing" step; confirm, and confirm the database account used by
// the web entry point really needs schema-changing rights for it.
auth_ensure_schema($pdo);
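// Login form submission: validate the CSRF token, then attempt the login.
// Every path through this branch ends in exit.
if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    // Read a POST field as a string. A non-string value (for example an array
    // sent as "identifier[]=x") is treated as missing: a plain (string) cast
    // would raise an "Array to string conversion" warning and yield the
    // literal "Array", and warning output ahead of header() can break the
    // redirect or expose file paths when errors are displayed.
    $postString = static function (string $key): string {
        $value = $_POST[$key] ?? '';

        return is_string($value) ? $value : '';
    };

    $csrfToken = $postString('csrf_token');
    $identifier = $postString('identifier');

    if (!auth_validate_csrf_token($csrfToken)) {
        // Rejected before the credentials are looked at. Only the identifier
        // is handed back to the form; the password is never echoed.
        // NOTE(review): render_auth_login_page() receives the raw identifier;
        // confirm it HTML-escapes identifier_value when rendering.
        render_auth_login_page([
            'identifier_value' => $identifier,
            'errors' => [
                'identifier' => 'Ungültiges Sicherheits-Token. Bitte Seite neu laden.',
                'password' => null,
            ],
        ]);
        exit;
    }

    $loginResult = auth_login($pdo, $identifier, $postString('password'));

    if (($loginResult['ok'] ?? false) === true) {
        // NOTE(review): auth_take_return_to() is defined outside this file.
        // Its value goes straight into the Location header, so confirm it can
        // only ever be a same-site path. Also confirm that auth_login()
        // rotates the session ID on success.
        header('Location: ' . auth_take_return_to());
        exit;
    }

    // Failed login: show the form again with the errors reported by
    // auth_login() and the submitted identifier pre-filled.
    render_auth_login_page([
        'identifier_value' => $identifier,
        'errors' => $loginResult['errors'] ?? [],
    ]);
    exit;
}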
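// Authenticated visitors get the home page with the OTC order form and the
// sales-order overview table; everyone else falls through to the login form.
$currentUser = auth_current_user($pdo);
if ($currentUser !== null) {
    // Read a query-string parameter as a string. A non-string value (for
    // example "bestellungen_sort[]=x") falls back to the default instead of
    // being cast, which would raise an "Array to string conversion" warning
    // and pass the literal "Array" on to the service.
    $queryString = static function (string $key, string $default): string {
        $value = $_GET[$key] ?? $default;

        return is_string($value) ? $value : $default;
    };

    $otcProducts = get_otc_order_form_products($pdo);

    // NOTE(review): search, sort column, sort direction and limit are raw
    // request values. Presumably get_sales_order_overview() maps the sort
    // values onto an allowlist, binds the search term as a parameter and
    // clamps the limit; confirm against the service, since none of that is
    // enforced here.
    $bestellungenTable = get_sales_order_overview($pdo, [
        'search' => $queryString('bestellungen_search', ''),
        'sort_column' => $queryString('bestellungen_sort', 'order_date'),
        'sort_direction' => $queryString('bestellungen_dir', 'DESC'),
        'limit' => (int) $queryString('bestellungen_limit', '20'),
        'page_size' => 20,
    ]);

    render_auth_home_page($currentUser, $otcProducts, $bestellungenTable);
    exit;
}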
// Neither a form submission nor an authenticated session: show a blank login
// form with no pre-filled identifier and no error messages.
render_auth_login_page([
    'identifier_value' => '',
    'errors' => array_fill_keys(['identifier', 'password'], null),
]);