diff options
| author | Thomas Vanbesien <tvanbesi@proton.me> | 2026-03-21 21:35:51 +0100 |
|---|---|---|
| committer | Thomas Vanbesien <tvanbesi@proton.me> | 2026-03-21 21:35:51 +0100 |
| commit | bc54c8c31e7f50a7a365f9b4d22fe8c74a29f61a (patch) | |
| tree | 73a88384b9e472386d244119a0b4e4aa028c8b32 /src/app/Mail.php | |
| parent | d1ef15fa39935bfa0420c5ac2b8c269e294c9a6d (diff) | |
| download | camagru-bc54c8c31e7f50a7a365f9b4d22fe8c74a29f61a.tar.gz camagru-bc54c8c31e7f50a7a365f9b4d22fe8c74a29f61a.zip | |
Add user authentication with email verification and password reset
Implements registration, login/logout, email verification via token,
and password reset flow. Includes CSRF protection, flash messages,
MailPit for dev email testing, and security docs in README.
Diffstat (limited to 'src/app/Mail.php')
| -rw-r--r-- | src/app/Mail.php | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/src/app/Mail.php b/src/app/Mail.php new file mode 100644 index 0000000..054c6e0 --- /dev/null +++ b/src/app/Mail.php @@ -0,0 +1,42 @@ +<?php + +declare(strict_types=1); +// Sends emails using PHP's built-in mail() function. +// In Docker, msmtp is configured as the sendmail transport. + +namespace App; + +class Mail +{ + public static function send(string $to, string $subject, string $body): bool + { + $from = getenv('MAIL_FROM') ?: 'noreply@camagru.local'; + $headers = "From: $from\r\n"; + $headers .= "Content-Type: text/html; charset=UTF-8\r\n"; + + return mail($to, $subject, $body, $headers); + } + + public static function sendVerification(string $to, string $token): bool + { + $url = getenv('APP_URL') . '/verify?token=' . urlencode($token); + $subject = 'Camagru — Verify your email'; + $body = '<p>Click the link below to verify your email address:</p>' + . '<p><a href="' . htmlspecialchars($url) . '">' . htmlspecialchars($url) . '</a></p>' + . '<p>If you did not create an account, ignore this email.</p>'; + + return self::send($to, $subject, $body); + } + + public static function sendPasswordReset(string $to, string $token): bool + { + $url = getenv('APP_URL') . '/reset-password?token=' . urlencode($token); + $subject = 'Camagru — Reset your password'; + $body = '<p>Click the link below to reset your password:</p>' + . '<p><a href="' . htmlspecialchars($url) . '">' . htmlspecialchars($url) . '</a></p>' + . '<p>This link expires in 1 hour.</p>' + . '<p>If you did not request a password reset, ignore this email.</p>'; + + return self::send($to, $subject, $body); + } +} |