3 files changed, 37 insertions, 0 deletions

diff --git a/src/application/actions/auth/_common.php b/src/application/actions/auth/_common.php
new file mode 100644
index 0000000..2b8911a
--- /dev/null
+++ b/src/application/actions/auth/_common.php
@@ -0,0 +1,6 @@
+<?php
+
+if ($currentUser) {
+    header("Location: " . ($_GET["next"] ?? "."));
+    exit;
+}
diff --git a/src/application/actions/auth/get.php b/src/application/actions/auth/get.php
new file mode 100644
index 0000000..2ff38ff
--- /dev/null
+++ b/src/application/actions/auth/get.php
@@ -0,0 +1,10 @@
+<?php
+
+use mystic\forum\utils\RequestUtils;
+
+_view("template_start", ["_title" => __("Log in")]);
+_view("template_navigation_start");
+_view("template_navigation", ["user" => RequestUtils::getAuthorizedUser($db)]);
+_view("template_navigation_end");
+_view("form_login");
+_view("template_end", [...getThemeAndLangInfo()]);
diff --git a/src/application/actions/auth/post.php b/src/application/actions/auth/post.php
new file mode 100644
index 0000000..e9b5138
--- /dev/null
+++ b/src/application/actions/auth/post.php
@@ -0,0 +1,21 @@
+<?php
+
+use mystic\forum\orm\User;
+use mystic\forum\utils\RequestUtils;
+
+$formId = "login";
+$username = RequestUtils::getRequiredField("username", $formId);
+$password = RequestUtils::getRequiredField("password", $formId);
+
+$user = new User();
+$user->name = $username;
+if (!$db->fetchWhere($user, "name") || !password_verify($password, $user->passwordHash)) {
+    RequestUtils::triggerFormError(__("Username or password incorrect!"), $formId);
+}
+
+if (!$user->activated) {
+    RequestUtils::triggerFormError(__("Please activate your user account first!"), $formId);
+}
+
+RequestUtils::setAuthorizedUser($user);
+header("Location: " . ($_GET["next"] ?? "."));