package MyApp::Controller::Auth; use Mojo::Base 'Mojolicious::Controller'; use Mojo::Util qw(trim); sub login_form { my $c = shift; $c->render('login', msg => $c->param('msg')); } sub login { my $c = shift; my $username = trim($c->param('username') // ''); my $password = $c->param('password'); my $auth_result = $c->db->authenticate_user($username, $password); if ($auth_result == 1) { $c->session(user => $username); $c->app->log->info("User $username logged in from IP " . $c->tx->remote_address); return $c->redirect_to('/'); } elsif ($auth_result == 2) { $c->app->log->warn("Pending approval login attempt for user $username from IP " . $c->tx->remote_address); return $c->redirect_to('/login?msg=pending'); } else { $c->app->log->warn("Failed login attempt for user $username from IP " . $c->tx->remote_address); return $c->redirect_to('/login?msg=invalid'); } } sub logout { my $c = shift; $c->session(expires => 1); return $c->redirect_to('/'); } sub register_form { my $c = shift; $c->render('register'); } sub register { my $c = shift; my $username = trim($c->param('username') // ''); my $password = $c->param('password'); my $email = trim($c->param('email') // ''); return $c->render_error('Invalid username') unless $username =~ /^[a-zA-Z0-9_]{3,20}$/; return $c->render_error('Password too short') if length($password) < 8; return $c->render_error('Invalid email') unless $email =~ /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/; if ($c->db->user_exists($username)) { return $c->render_error('Username already exists'); } eval {$c->db->create_user($username, $password, $email); }; if (my $error = $@) { $c->app->log->error("Failed to create user: $error"); return $c->render_error("Error creating user: $error", 500); } $c->app->log->info("New user registered (pending approval): $username from IP " . $c->tx->remote_address); $c->render(text => 'New user registered (pending approval).', status => 200); } 1;