DakuTree/Dashboard.php Secret

## Dashboard.php
<?php defined('BASEPATH') OR exit('No direct script access allowed');

//controllers/User/Dashboard.php

class Dashboard extends Auth_Controller {
	function __construct() {
		parent::__construct();
	}

	public function index() {
		print "This is the user dashboard.";
	}
}

## Dashboard_test.php
<?php

//tests/controllers/User/Auth/Dashboard_test.php

class Dashboard_test extends TestCase {
	public function test_index_logged_in() {
		//user is logged in, dashboard is visible
		$this->request->setCallablePreConstructor(
			function () {
				$auth = $this->getDouble('Ion_auth', ['logged_in' => TRUE]);
				load_class_instance('ion_auth', $auth);
			}
		);

		//user is logged in, show dashboard
		$output = $this->request('GET', ['Dashboard', 'index']);
		$this->assertContains('This is the user dashboard.', $output);
	}

	public function test_index_not_logged_in() {
		//user isn't logged in and tries to access dashboard, should redirect to user/login.
		$this->request('GET', ['Dashboard', 'index']);
		$this->assertRedirect('user/login');
	}
}

## Login.php
<?php defined('BASEPATH') OR exit('No direct script access allowed');

//controllers/User/Auth/Login.php

class Login extends No_Auth_Controller {
	function __construct() {
		parent::__construct();

		$this->load->library('form_validation');
		$this->form_validation->set_error_delimiters($this->config->item('error_start_delimiter', 'ion_auth'), $this->config->item('error_end_delimiter', 'ion_auth'));
	}

	public function index() {
		$this->header_data['title'] = "Login";

		$this->form_validation->set_rules('identity', 'Identity',  'required', array('required' => 'Please enter your username or email.'));
		$this->form_validation->set_rules('password', 'Password',  'required', array('required' => 'Please enter your password.'));

		if ($isValid = $this->form_validation->run() == TRUE) {
			//form is valid

			//check if identity is email, if not then attempt to use grab from DB
			$identity = $this->User->find_email_from_identity($this->input->post('identity'));

			$remember = (bool) $this->input->post('remember');

			if($identity && $this->ion_auth->login($identity, $this->input->post('password'), $remember)) {
				//login is successful

				$this->session->set_flashdata('notices', $this->ion_auth->messages());

				//redirect to main page, or previous URL
				$this->session->keep_flashdata('referred_from');
				if($prevURL = $this->session->flashdata('referred_from')) {
					redirect($prevURL);
				} else {
					redirect('user/dashboard'); //TODO (CHECK): Should this be refresh?
				}
			} else {
				//login was unsuccessful

				$this->session->set_flashdata('notices', $this->ion_auth->errors());

				$isValid = FALSE;
			}
		}

		//login wasn't valid, failed, or this is a fresh login attempt
		if(!$isValid) {
			$this->body_data['notices'] = validation_errors() ? validation_errors() : $this->session->flashdata('notices');
			//$errors = $this->form_validation->error_array();

			$this->body_data['form_create'] = array (
				'action' => 'user/login',

				'role'   => 'form'
			);
			$this->body_data['form_identity'] = array(
				'name'        => 'identity',
				'id'          => 'identity',
				'type'        => 'text',

				'class'       => 'form-control input-lg',

				'placeholder' => 'Username or Email Address',
				'value'       => $this->form_validation->set_value('identity'),

				'required'    => ''
			);
			$this->body_data['form_password'] = array(
				'name'        => 'password',
				'id'          => 'password',
				'type'        => 'password',

				'class'       => 'form-control input-lg',

				'placeholder' => 'Password',

				'required'    => '',
			);
			$this->body_data['form_remember'] = array(
				'name'    => 'remember',
				'id'      => 'remember',
				'type'    => 'checkbox',

				'class'   => 'hidden',

				'checked' => 'checked',
				'value'   => 'remember' //CI is stupid, so we need to pass a value so CI can see it's checked :\
			);
			$this->body_data['form_submit'] = array(
				'name' => 'submit',
				'type' => 'submit',

				'class' => 'btn btn-lg btn-success btn-block',

				'value' => 'Login'
			);

			$this->session->keep_flashdata('referred_from');
			$this->_render_page('User/Login');
		}
	}
}

## Login_test.php
<?php

//tests/controllers/User/Auth/Login_test.php

class Login_test extends TestCase {
	public function test_index_logged_in() {
		//user is already logged in, redirect to dashboard
		$this->request->setCallablePreConstructor(
			//ERROR: This fails with "Unable to locate the specified class: Bcrypt.php".
			//       Only this test fails, the same test in Dashboard_test.php works if this is commented out.
			function () {
				$auth = $this->getDouble('Ion_auth', ['logged_in' => TRUE]);
				load_class_instance('ion_auth', $auth);
			}
		);

		$this->request('GET', ['Login', 'index']);
		$this->assertRedirect('user/dashboard');
	}

	public function test_index_not_logged_in() {
		//user isn't logged in, so show login form
		$output = $this->request('GET', ['Login', 'index']);
		$this->assertContains('<title>Gemushi - Login</title>', $output);
	}

}

## MY_Controller.php
<?php defined('BASEPATH') OR exit('No direct script access allowed');

//core/MY_Controller.php

class MY_Controller extends CI_Controller {
	protected $header_data = array();
	protected $body_data   = array();
	protected $footer_data = array();
	protected $global_data = array();

	public function __construct(){
		parent::__construct();
	}

	function _render_page(/*(array) $paths*/) {
		//using the union operator + makes sure global_data always takes priority
		//SEE: http://stackoverflow.com/a/2140094/1168377

		$this->load->view('common/header', ($this->global_data + $this->header_data));
		foreach(func_get_args() as $path) {
			view_exists($path) or show_404(); //TODO (FIXME): This seems bad performance wise in the long run. Is there any reason to have it in production?

			$this->load->view($path, ($this->global_data + $this->body_data));
		}
		$this->load->view('common/footer', ($this->global_data + $this->footer_data));
	}
}

/**** AUTH CONTROLLERS ****/
class User_Controller extends MY_Controller {
	public function __construct() {
		parent::__construct();

		$this->load->database();

		$this->load->model('User_Model', 'User');

		$this->load->library('vendor/ion_auth');
		$this->lang->load('auth');
	}
}

class Auth_Controller extends User_Controller {
	public function __construct() {
		parent::__construct();

		if(!$this->ion_auth->logged_in()) redirect('user/login');
	}
}

class No_Auth_Controller extends User_Controller {
	public function __construct() {
		parent::__construct();

		if($this->ion_auth->logged_in()) redirect('user/dashboard');
	}
}

class Admin_Controller extends Auth_Controller {
	public function __construct() {
		parent::__construct();

		if(!$this->ion_auth->is_admin()) {
			//user is not an admin, redirect them to front page

			redirect('/');
		}
	}
}
	<?php defined('BASEPATH') OR exit('No direct script access allowed');

	//controllers/User/Dashboard.php

	class Dashboard extends Auth_Controller {
	function __construct() {
	parent::__construct();
	}

	public function index() {
	print "This is the user dashboard.";
	}
	}
	<?php

	//tests/controllers/User/Auth/Dashboard_test.php

	class Dashboard_test extends TestCase {
	public function test_index_logged_in() {
	//user is logged in, dashboard is visible
	$this->request->setCallablePreConstructor(
	function () {
	$auth = $this->getDouble('Ion_auth', ['logged_in' => TRUE]);
	load_class_instance('ion_auth', $auth);
	}
	);

	//user is logged in, show dashboard
	$output = $this->request('GET', ['Dashboard', 'index']);
	$this->assertContains('This is the user dashboard.', $output);
	}

	public function test_index_not_logged_in() {
	//user isn't logged in and tries to access dashboard, should redirect to user/login.
	$this->request('GET', ['Dashboard', 'index']);
	$this->assertRedirect('user/login');
	}
	}
	<?php defined('BASEPATH') OR exit('No direct script access allowed');

	//controllers/User/Auth/Login.php

	class Login extends No_Auth_Controller {
	function __construct() {
	parent::__construct();

	$this->load->library('form_validation');
	$this->form_validation->set_error_delimiters($this->config->item('error_start_delimiter', 'ion_auth'), $this->config->item('error_end_delimiter', 'ion_auth'));
	}

	public function index() {
	$this->header_data['title'] = "Login";

	$this->form_validation->set_rules('identity', 'Identity', 'required', array('required' => 'Please enter your username or email.'));
	$this->form_validation->set_rules('password', 'Password', 'required', array('required' => 'Please enter your password.'));

	if ($isValid = $this->form_validation->run() == TRUE) {
	//form is valid

	//check if identity is email, if not then attempt to use grab from DB
	$identity = $this->User->find_email_from_identity($this->input->post('identity'));

	$remember = (bool) $this->input->post('remember');

	if($identity && $this->ion_auth->login($identity, $this->input->post('password'), $remember)) {
	//login is successful

	$this->session->set_flashdata('notices', $this->ion_auth->messages());

	//redirect to main page, or previous URL
	$this->session->keep_flashdata('referred_from');
	if($prevURL = $this->session->flashdata('referred_from')) {
	redirect($prevURL);
	} else {
	redirect('user/dashboard'); //TODO (CHECK): Should this be refresh?
	}
	} else {
	//login was unsuccessful

	$this->session->set_flashdata('notices', $this->ion_auth->errors());

	$isValid = FALSE;
	}
	}

	//login wasn't valid, failed, or this is a fresh login attempt
	if(!$isValid) {
	$this->body_data['notices'] = validation_errors() ? validation_errors() : $this->session->flashdata('notices');
	//$errors = $this->form_validation->error_array();

	$this->body_data['form_create'] = array (
	'action' => 'user/login',

	'role' => 'form'
	);
	$this->body_data['form_identity'] = array(
	'name' => 'identity',
	'id' => 'identity',
	'type' => 'text',

	'class' => 'form-control input-lg',

	'placeholder' => 'Username or Email Address',
	'value' => $this->form_validation->set_value('identity'),

	'required' => ''
	);
	$this->body_data['form_password'] = array(
	'name' => 'password',
	'id' => 'password',
	'type' => 'password',

	'class' => 'form-control input-lg',

	'placeholder' => 'Password',

	'required' => '',
	);
	$this->body_data['form_remember'] = array(
	'name' => 'remember',
	'id' => 'remember',
	'type' => 'checkbox',

	'class' => 'hidden',

	'checked' => 'checked',
	'value' => 'remember' //CI is stupid, so we need to pass a value so CI can see it's checked :\
	);
	$this->body_data['form_submit'] = array(
	'name' => 'submit',
	'type' => 'submit',

	'class' => 'btn btn-lg btn-success btn-block',

	'value' => 'Login'
	);

	$this->session->keep_flashdata('referred_from');
	$this->_render_page('User/Login');
	}
	}
	}
	<?php

	//tests/controllers/User/Auth/Login_test.php

	class Login_test extends TestCase {
	public function test_index_logged_in() {
	//user is already logged in, redirect to dashboard
	$this->request->setCallablePreConstructor(
	//ERROR: This fails with "Unable to locate the specified class: Bcrypt.php".
	// Only this test fails, the same test in Dashboard_test.php works if this is commented out.
	function () {
	$auth = $this->getDouble('Ion_auth', ['logged_in' => TRUE]);
	load_class_instance('ion_auth', $auth);
	}
	);

	$this->request('GET', ['Login', 'index']);
	$this->assertRedirect('user/dashboard');
	}

	public function test_index_not_logged_in() {
	//user isn't logged in, so show login form
	$output = $this->request('GET', ['Login', 'index']);
	$this->assertContains('<title>Gemushi - Login</title>', $output);
	}

	}
	<?php defined('BASEPATH') OR exit('No direct script access allowed');

	//core/MY_Controller.php

	class MY_Controller extends CI_Controller {
	protected $header_data = array();
	protected $body_data = array();
	protected $footer_data = array();
	protected $global_data = array();

	public function __construct(){
	parent::__construct();
	}

	function _render_page(/(array) $paths/) {
	//using the union operator + makes sure global_data always takes priority
	//SEE: http://stackoverflow.com/a/2140094/1168377

	$this->load->view('common/header', ($this->global_data + $this->header_data));
	foreach(func_get_args() as $path) {
	view_exists($path) or show_404(); //TODO (FIXME): This seems bad performance wise in the long run. Is there any reason to have it in production?

	$this->load->view($path, ($this->global_data + $this->body_data));
	}
	$this->load->view('common/footer', ($this->global_data + $this->footer_data));
	}
	}

	/** AUTH CONTROLLERS **/
	class User_Controller extends MY_Controller {
	public function __construct() {
	parent::__construct();

	$this->load->database();

	$this->load->model('User_Model', 'User');

	$this->load->library('vendor/ion_auth');
	$this->lang->load('auth');
	}
	}

	class Auth_Controller extends User_Controller {
	public function __construct() {
	parent::__construct();

	if(!$this->ion_auth->logged_in()) redirect('user/login');
	}
	}

	class No_Auth_Controller extends User_Controller {
	public function __construct() {
	parent::__construct();

	if($this->ion_auth->logged_in()) redirect('user/dashboard');
	}
	}

	class Admin_Controller extends Auth_Controller {
	public function __construct() {
	parent::__construct();

	if(!$this->ion_auth->is_admin()) {
	//user is not an admin, redirect them to front page

	redirect('/');
	}
	}
	}