commit 773eb1092daea25bdd93d77be3582cbf9f4bf276
Author: Christian Wolf <git@christianwolf.email>
Date:   Sat Mar 30 17:01:31 2019 +0100

    Initial version with functionality to log into the component using frontend

diff --git a/.buildpath b/.buildpath
new file mode 100644
index 0000000..e9e2cb4
--- /dev/null
+++ b/.buildpath
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<buildpath>
+	<buildpathentry kind="src" path="src"/>
+	<buildpathentry external="true" kind="lib" path="/srv/slt-dev"/>
+	<buildpathentry kind="con" path="org.eclipse.php.core.LANGUAGE"/>
+</buildpath>
diff --git a/.project b/.project
new file mode 100644
index 0000000..b6e535a
--- /dev/null
+++ b/.project
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>com_clubs</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.wst.common.project.facet.core.builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.wst.validation.validationbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.dltk.core.scriptbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.php.core.PHPNature</nature>
+		<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
+	</natures>
+</projectDescription>
diff --git a/.settings/org.eclipse.php.core.prefs b/.settings/org.eclipse.php.core.prefs
new file mode 100644
index 0000000..d0241b4
--- /dev/null
+++ b/.settings/org.eclipse.php.core.prefs
@@ -0,0 +1,2 @@
+eclipse.preferences.version=1
+include_path=1;/srv/slt-dev
diff --git a/.settings/org.eclipse.wst.common.project.facet.core.xml b/.settings/org.eclipse.wst.common.project.facet.core.xml
new file mode 100644
index 0000000..76b9d03
--- /dev/null
+++ b/.settings/org.eclipse.wst.common.project.facet.core.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<faceted-project>
+  <fixed facet="php.component"/>
+  <fixed facet="php.core.component"/>
+  <installed facet="php.core.component" version="1"/>
+  <installed facet="php.component" version="7.3"/>
+</faceted-project>
diff --git a/src/.directory b/src/.directory
new file mode 100644
index 0000000..117a104
--- /dev/null
+++ b/src/.directory
@@ -0,0 +1,4 @@
+[Dolphin]
+Timestamp=2019,3,30,10,20,7
+Version=4
+ViewMode=1
diff --git a/src/admin/clubs.php b/src/admin/clubs.php
new file mode 100644
index 0000000..aea8f99
--- /dev/null
+++ b/src/admin/clubs.php
@@ -0,0 +1,5 @@
+<?php
+
+// No direct access.
+defined('_JEXEC') or die;
+
diff --git a/src/admin/clubs.xml b/src/admin/clubs.xml
new file mode 120000
index 0000000..5a7e926
--- /dev/null
+++ b/src/admin/clubs.xml
@@ -0,0 +1 @@
+../clubs.xml
\ No newline at end of file
diff --git a/src/admin/controller.php b/src/admin/controller.php
new file mode 100644
index 0000000..134a89f
--- /dev/null
+++ b/src/admin/controller.php
@@ -0,0 +1,11 @@
+<?php
+
+use Joomla\CMS\MVC\Controller\BaseController;
+
+// No direct access.
+defined('_JEXEC') or die;
+
+class ClubsController extends BaseController
+{
+    
+}
diff --git a/src/clubs.xml b/src/clubs.xml
new file mode 100644
index 0000000..518fc17
--- /dev/null
+++ b/src/clubs.xml
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="utf-8"?>
+<extension
+    version="3.0"
+    method="upgrade"
+    type="component">
+	
+	<!-- SOLLTE, Der Annzeige-Name in Joomla -->
+	<name>Vereinsmanagement</name>
+	<title>Vereinsportal des saarländischen Tanzsportverbands</title>
+	
+	<!--SOLLTE Erstellungsdatum -->
+	<creationDate>30.03.2019</creationDate>
+	
+	<!-- SOLLTE, Wer ist der Urheber -->
+	<author>Christian Wolf</author>
+	<!-- SOLLTE, für ausgelieferte Templates immer eine Kontakt-E-Mail-Adressse -->
+	<authorEmail>homepage@slt.wolf-stuttgart.net</authorEmail>
+	<!-- SOLLTE, klar, die Webseite gehört dazu -->
+	<!--<authorUrl>http://www.joomla-templates.de</authorUrl>-->
+	
+	<!-- SOLLTE, die eigene Versionsnummer des Templates -->
+	<version>0.0.1</version>
+	
+	<!-- SOLLTE, Die Template-Beschreibung wird hier als Joomla language mit einem Platzhalter versehen. In diesem Template-Ordner befindet sich die Sprachdatei in der TPL_TEST_TEMPLATE_XML_DESCRIPTION hinterlegt ist -->
+	<!--<description>TPL_TEST_TEMPLATE_XML_DESCRIPTION</description>-->
+	
+	<!-- MUSS, der Files-Tag bezeichnet den Block mit den Dateien und Ordnern die mit installiert werden -->
+	<files from='site'> 
+		<filename>clubs.php</filename>
+		<filename>controller.php</filename>
+		<folder>controller</folder>
+		<folder>helpers</folder>
+		<folder>models</folder>
+		<folder>views</folder>
+	</files>
+
+	<!--Sollte, Sollten unterschiedliche Sprachen genutzt werden, ist hier der richtige Platz um diese zu installieren-->
+	<!--<languages folder="language">
+		<language tag="de-DE">de-DE/de-DE.tpl_test_template.sys.ini</language>
+		<language tag="de-DE">de-DE/de-DE.tpl_test_template.ini</language>
+		<language tag="de-DE">en-GB/en-GB.tpl_test_template.sys.ini</language>
+		<language tag="de-DE">en-GB/en-GB.tpl_test_template.ini</language>
+	</languages>-->
+
+	<administration>
+		<menu>Vereinsmanagement</menu>
+		<submenu>
+<!-- 			<menu link='link' view='v'>Test</menu> -->
+		</submenu>
+		<files from='admin'>
+			<filename>clubs.php</filename>
+			<filename>controller.php</filename>
+			<folder>sql</folder>
+		</files>
+	</administration>
+	
+	<install>
+		<sql>
+			<file driver='mysql'>sql/mysql/install.sql</file>
+		</sql>
+	</install>
+	<uninstall>
+		<sql>
+			<file driver='mysql'>sql/mysql/uninstall.sql</file>
+		</sql>
+	</uninstall>
+	<update>
+		<schemas>
+			<schemapath type='mysql'>sql/updates/mysql</schemapath>
+		</schemas>
+	</update>
+	
+<!-- 	<scriptfile></scriptfile> -->
+	
+	<!-- Parameter Block ende -->
+	<updateservers>
+		<server type="extension" name="SLT Update Site of Christian Wolf" priority="1">http://slt.wolf-stuttgart.net/update/clubs/slt-update.xml</server>
+	</updateservers>
+
+</extension>
diff --git a/src/site/clubs.php b/src/site/clubs.php
new file mode 100644
index 0000000..638e005
--- /dev/null
+++ b/src/site/clubs.php
@@ -0,0 +1,15 @@
+<?php
+
+use Joomla\CMS\MVC\Controller\BaseController;
+use Joomla\CMS\Factory;
+
+// No direct access.
+defined('_JEXEC') or die;
+
+$controller = BaseController::getInstance("Clubs");
+$input = Factory::getApplication()->input;
+
+$task = $input->getCmd("task", "display");
+
+$controller->execute($task);
+$controller->redirect();
diff --git a/src/site/controller.php b/src/site/controller.php
new file mode 100644
index 0000000..6f76b47
--- /dev/null
+++ b/src/site/controller.php
@@ -0,0 +1,20 @@
+<?php
+
+use Joomla\CMS\MVC\Controller\BaseController;
+
+// No direct access.
+defined('_JEXEC') or die;
+
+class ClubsController extends BaseController
+{
+    
+    public function display($cachable = false, $params = array())
+    {
+        parent::display($cachable, $params);
+    }
+    
+    public function foo()
+    {
+        echo "dsfh";
+    }
+}
diff --git a/src/site/controllers/login.php b/src/site/controllers/login.php
new file mode 100644
index 0000000..5d644c7
--- /dev/null
+++ b/src/site/controllers/login.php
@@ -0,0 +1,43 @@
+<?php
+
+use Joomla\CMS\MVC\Controller\BaseController;
+use Joomla\CMS\Factory;
+
+// No direct access.
+defined('_JEXEC') or die;
+
+JLoader::register("ClubsHelperAuth", JPATH_ROOT . "/components/com_clubs/helpers/auth.php");
+
+class ClubsControllerLogin extends BaseController
+{
+    public function login()
+    {
+        $helper = new ClubsHelperAuth();
+        $helper->logoffCookie();
+        
+        $input = Factory::getApplication()->input;
+        $user = $input->get('user');
+        $pwd = $input->get('password');
+        $success = $helper->checkUser($user, $pwd);
+        
+        if($success)
+        {
+            // Login succeeded
+            $keep = (bool) $input->get('keep', false);
+            $helper->loginCookie($user, $keep);
+            
+            $this->setRedirect("?option=com_clubs");
+        }
+        else
+        {
+            $this->setRedirect("?option=com_clubs&view=login&state=failed");
+        }
+    }
+    
+    public function logout()
+    {
+        $helper = new ClubsHelperAuth();
+        $helper->logoffCookie();
+        $this->setRedirect("?option=com_clubs&view=login");
+    }
+}
diff --git a/src/site/helpers/auth.php b/src/site/helpers/auth.php
new file mode 100644
index 0000000..6fd944c
--- /dev/null
+++ b/src/site/helpers/auth.php
@@ -0,0 +1,109 @@
+<?php
+
+use Joomla\CMS\MVC\Model\BaseDatabaseModel;
+use Joomla\CMS\Factory;
+
+// No direct access.
+defined('_JEXEC') or die;
+
+class ClubsHelperAuth
+{
+    
+    public function checkUser($user, $pwd)
+    {
+        $userModel = BaseDatabaseModel::getInstance("user", "ClubsModel");
+        $savedHash = $userModel->getPassword($user);
+        
+        return password_verify($pwd, $savedHash);
+    }
+    
+    public function logoffCookie()
+    {
+        Factory::getApplication()->input->cookie->set("clubsLogin", "");
+    }
+    
+    public function loginCookie($user, $keep)
+    {
+        $authCookie = array();
+        $authCookie['user'] = $user;
+        $authCookie['start'] = time();
+        
+        $value = array();
+        $value['auth'] = $authCookie;
+        
+        $keys = $this->getKeys();
+        $pkey = openssl_pkey_get_private($keys['priv']);
+        $signature = '';
+        openssl_sign(json_encode($authCookie), $signature, $pkey) or die("Problem signing request.");
+        $value['sign'] = convert_uuencode($signature);
+        
+        $jsonValue = json_encode($value);
+        $uue = convert_uuencode($jsonValue);
+         
+        $c = Factory::getApplication()->input->cookie;
+        if(! $keep)
+        {
+            $time = 0;
+            $c->set('clubsLoginKeepLoggedIn', '', 0);
+        }
+        else
+        {
+            $time = time() + 3600*24*15;
+            $c->set('clubsLoginKeepLoggedIn', 'true', time() + 3600*24*356*10);
+        }
+        $c->set('clubsLogin', $uue, $time);
+    }
+    
+    public function checkCookie()
+    {
+        $cookie = Factory::getApplication()->input->cookie;
+        $uue = $cookie->get('clubsLogin', '', 'raw');
+        
+        if($uue === '')
+            return false;
+        
+        $jsonValue = convert_uudecode($uue);
+        
+        $value = json_decode($jsonValue, true);
+        $keys = $this->getKeys();
+        $pubkey = openssl_pkey_get_public($keys['public']);
+        $ret = openssl_verify(json_encode($value['auth']), convert_uudecode($value['sign']), $pubkey);
+        
+        if($ret == -1)
+            die("Error checking signature.");
+        
+        if($ret == 1)
+        {
+            // correct signature
+            $this->loginCookie($value['auth']['user'], Factory::getApplication()->input->cookie->get('clubsLoginKeepLoggedIn', false));
+            return true;
+        }
+        else
+        {
+            // wrong signature
+            $this->logoffCookie();
+            return false;
+        }
+    }
+    
+    private function getKeys()
+    {
+        $keyModel = BaseDatabaseModel::getInstance('signkey', 'ClubsModel');
+        return $keyModel->getKeys();
+    }
+    
+    public function setKeepLoggedIn($keep)
+    {
+        $c = Factory::getApplication()->input->cookie;
+        
+        if($keep)
+        {
+            $c->set('clubsLoginKeepLoggedIn', 'true', time() + 3600*24*365*10);
+        }
+        else
+        {
+            $c->set('clubsLoginKeepLoggedIn', '', 0);
+        }
+    }
+    
+}
diff --git a/src/site/models/signkey.php b/src/site/models/signkey.php
new file mode 100644
index 0000000..c95a641
--- /dev/null
+++ b/src/site/models/signkey.php
@@ -0,0 +1,60 @@
+<?php
+
+use Joomla\CMS\MVC\Model\BaseDatabaseModel;
+use Joomla\CMS\Factory;
+
+// No direct access.
+defined('_JEXEC') or die;
+
+class ClubsModelSignkey extends BaseDatabaseModel
+{
+    
+    public function getKeys()
+    {
+        $db = Factory::getDbo();
+        $query = $db->getQuery(true);
+        $query->select('privkey,publickey')
+            ->from("#__club_keys");
+        $db->setQuery($query);
+        $result = $db->loadAssoc();
+        $query->clear();
+        
+        $ret = array();
+        if($result == null)
+        {
+            // No key was yet generated
+            $ret = $this->genKeyPair();
+            $this->saveKeyPair($db, $ret);
+        }
+        else
+        {
+            $ret['priv'] = $result['privkey'];
+            $ret['public'] = $result['publickey'];
+        }
+        return $ret;
+    }
+    
+    private function genKeyPair()
+    {
+        $ret = array();
+        
+        $pkey = openssl_pkey_new();
+        openssl_pkey_export($pkey, $ret['priv']) or die ("Error generating key.");
+        $details = openssl_pkey_get_details($pkey);
+        $ret['public'] = $details['key'];
+        
+        return $ret;
+    }
+    
+    private function saveKeyPair($db, $ret)
+    {
+        $query = $db->getQuery(true);
+        $query->insert('#__club_keys');
+        $query->into('privkey, publickey');
+        $query->values($db->q($ret['priv']) . ', ' . $db->q($ret['public']));
+        $db->setQuery($query);
+        $db->execute();
+        $query->clear();
+    }
+    
+}
diff --git a/src/site/models/user.php b/src/site/models/user.php
new file mode 100644
index 0000000..57b2d97
--- /dev/null
+++ b/src/site/models/user.php
@@ -0,0 +1,24 @@
+<?php
+
+use Joomla\CMS\MVC\Model\ItemModel;
+use Joomla\CMS\Factory;
+
+// No direct access.
+defined('_JEXEC') or die;
+
+class ClubsModelUser extends ItemModel
+{
+    
+    public function getPassword($username)
+    {
+        $dbo = Factory::getDbo();
+        $query = $dbo->getQuery(true);
+        $query->select('password')
+            ->from("#__club_users")
+            ->where("user = " . $dbo->quote($username));
+        $dbo->setQuery($query);
+        $result = $dbo->loadResult();
+        
+        return $result;
+    }
+}
diff --git a/src/site/views/clubs/tmpl/default.php b/src/site/views/clubs/tmpl/default.php
new file mode 100644
index 0000000..6131173
--- /dev/null
+++ b/src/site/views/clubs/tmpl/default.php
@@ -0,0 +1,7 @@
+<?php
+
+// No direct access.
+defined('_JEXEC') or die;
+
+?>
+asd
diff --git a/src/site/views/clubs/view.html.php b/src/site/views/clubs/view.html.php
new file mode 100644
index 0000000..ef2c307
--- /dev/null
+++ b/src/site/views/clubs/view.html.php
@@ -0,0 +1,10 @@
+<?php
+
+use Joomla\CMS\MVC\View\HtmlView;
+
+// No direct access.
+defined('_JEXEC') or die;
+
+class ClubsViewClubs extends HtmlView
+{
+}
diff --git a/src/site/views/login/tmpl/default.php b/src/site/views/login/tmpl/default.php
new file mode 100644
index 0000000..4c4675d
--- /dev/null
+++ b/src/site/views/login/tmpl/default.php
@@ -0,0 +1,22 @@
+<?php
+use Joomla\CMS\Factory;
+
+if($this->state === "failed")
+{
+?>
+<p class='error'>Benutzername oder Passwort sind falsch.</p>
+<?php 
+}
+?>
+<form method="post" action="?option=com_clubs&task=login.login">
+<p>
+Username:<br />
+<input name="user" type="text">
+</p>
+<p>
+Passwort:<br />
+<input name="password" type="password">
+</p>
+<p><input type="checkbox" name='keep' value='true' <?php if(Factory::getApplication()->input->cookie->get('clubsLoginKeepLoggedIn','') === 'true') echo "checked";?>> Keep me logged in</p>
+<p><input type="submit" value="Einloggen"></p>
+</form>
diff --git a/src/site/views/login/tmpl/logout.php b/src/site/views/login/tmpl/logout.php
new file mode 100644
index 0000000..72c176e
--- /dev/null
+++ b/src/site/views/login/tmpl/logout.php
@@ -0,0 +1,7 @@
+<?php
+
+// No direct access.
+defined('_JEXEC') or die;
+
+?>
+<a href='?option=com_clubs&task=login.logout'>Logout</a>
diff --git a/src/site/views/login/view.html.php b/src/site/views/login/view.html.php
new file mode 100644
index 0000000..0d03c86
--- /dev/null
+++ b/src/site/views/login/view.html.php
@@ -0,0 +1,30 @@
+<?php
+
+use Joomla\CMS\MVC\View\HtmlView;
+use Joomla\CMS\Factory;
+
+// No direct access.
+defined('_JEXEC') or die;
+
+JLoader::register("ClubsHelperAuth", JPATH_ROOT . "/components/com_clubs/helpers/auth.php");
+
+class ClubsViewLogin extends HtmlView
+{
+    
+    public function display($tpl = null)
+    {
+        $helper = new ClubsHelperAuth();
+        if($helper->checkCookie())
+        {
+            // we are logged in
+            $this->setLayout('logout');
+            parent::display(null);
+        }
+        else
+        {
+            $this->state = Factory::getApplication()->input->get("state", "");
+            parent::display($tpl);
+        }
+    }
+    
+}