Moved the login functionality into its own controller and files

application/controllers/Login.php

@@ -0,0 +1,84 @@
+<?php defined('BASEPATH') or exit('No direct script access allowed');
+
+/* ----------------------------------------------------------------------------
+ * Easy!Appointments - Open Source Web Scheduler
+ *
+ * @package     EasyAppointments
+ * @author      A.Tselegidis <alextselegidis@gmail.com>
+ * @copyright   Copyright (c) 2013 - 2020, Alex Tselegidis
+ * @license     https://opensource.org/licenses/GPL-3.0 - GPLv3
+ * @link        https://easyappointments.org
+ * @since       v1.5.0
+ * ---------------------------------------------------------------------------- */
+
+/**
+ * Login controller.
+ *
+ * Handles the login page functionality. 
+ *
+ * @package Controllers
+ */
+class Login extends EA_Controller {
+    /**
+     * Login constructor.
+     */
+    public function __construct()
+    {
+        parent::__construct();
+
+        $this->load->library('accounts');
+        $this->load->library('email_messages');
+    }
+
+    /**
+     * Render the login page. 
+     */
+    public function index()
+    {
+        $this->load->view('pages/login', [
+            'base_url' => config('base_url'),
+            'company_name' => setting('company_name'),
+            'dest_url' => session('dest_url', site_url('backend'))
+        ]);
+    }
+
+    /**
+     * Validate the provided credentials and start a new session if the validation was successful. 
+     */
+    public function validate()
+    {
+        try
+        {
+            $username = request('username');
+
+            if (empty($username))
+            {
+                throw new InvalidArgumentException('No username value provided.');
+            }
+
+            $password = request('password');
+
+            if (empty($password))
+            {
+                throw new InvalidArgumentException('No password value provided.');
+            }
+
+            $user_data = $this->accounts->check_login($username, $password);
+
+            if (empty($user_data))
+            {
+                throw new InvalidArgumentException('Invalid credentials provided, please try again.');
+            }
+
+            session($user_data); // Save data in the session.
+
+            json_response([
+                'success' => TRUE,
+            ]);
+        }
+        catch (Throwable $e)
+        {
+            json_exception($e);
+        }
+    }
+}

application/controllers/User.php

@@ -35,19 +35,17 @@ class User extends EA_Controller {
      */
     public function index()
     {
-        redirect('user/login');
+        redirect('login');
     }
 
     /**
      * Display the login page.
+     * 
+     * @deprecated Since 1.5 Use the Login controller instead.
      */
     public function login()
     {
-        $this->load->view('pages/account_login_page', [
+        redirect('login');
-            'base_url' => config('base_url'),
-            'company_name' => setting('company_name'),
-            'dest_url' => session('dest_url', site_url('backend'))
-        ]);
     }
 
     /**

assets/js/pages/login.js

@@ -9,10 +9,8 @@
  * @since       v1.4.0
  * ---------------------------------------------------------------------------- */
 
-$(function () {
+(function () {
-    'use strict';
+    const $loginForm = $('#login-form');
-
-    var $loginForm = $('#login-form');
 
     /**
      * Login Button "Click"
@@ -23,19 +21,19 @@ $(function () {
     function onLoginFormSubmit(event) {
         event.preventDefault();
 
-        var url = GlobalVariables.baseUrl + '/index.php/user/ajax_check_login';
+        const url = GlobalVariables.baseUrl + '/index.php/user/ajax_check_login';
 
-        var data = {
+        const data = {
             'csrfToken': GlobalVariables.csrfToken,
             'username': $('#username').val(),
             'password': $('#password').val()
         };
 
-        var $alert = $('.alert');
+        const $alert = $('.alert');
 
         $alert.addClass('d-none');
 
-        $.post(url, data).done(function (response) {
+        $.post(url, data).done((response) => {
             if (response.success) {
                 window.location.href = GlobalVariables.destUrl;
             } else {
@@ -46,4 +44,4 @@ $(function () {
     }
 
     $loginForm.on('submit', onLoginFormSubmit);
-});
+})();