allow to auto-login after registration

Author: maheini

README.md

@@ -705,6 +705,7 @@ You can tune the middleware behavior using middleware specific configuration par
 - "dbAuth.passwordFormField": The name of the form field that holds the password ("password")
 - "dbAuth.newPasswordFormField": The name of the form field that holds the new password ("newPassword")
 - "dbAuth.registerUser": JSON user data (or "1") in case you want the /register endpoint enabled ("")
+- "dbAuth.loginAfterRegistration": 1 or zero if registered users should be logged in after registration ("")
 - "dbAuth.passwordLength": Minimum length that the password must have ("12")
 - "dbAuth.sessionName": The name of the PHP session that is started ("")
 - "jwtAuth.mode": Set to "optional" if you want to allow anonymous access ("required")

src/Tqdev/PhpCrudApi/Middleware/DbAuthMiddleware.php

@@ -87,8 +87,17 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                 $this->db->createSingle($table, $data);
                 $users = $this->db->selectAll($table, $columnNames, $condition, $columnOrdering, 0, 1);
                 foreach ($users as $user) {
-                    unset($user[$passwordColumnName]);
-                    return $this->responder->success($user);
+                    if($loginAfterRegistration){
+                        if (!headers_sent()) {
+                            session_regenerate_id(true);
+                        }
+                        unset($user[$passwordColumnName]);
+                        $_SESSION['user'] = $user;
+                        return $this->responder->success($user);
+                    } else {
+                        unset($user[$passwordColumnName]);
+                        return $this->responder->success($user);
+                    }
                 }
                 return $this->responder->error(ErrorCode::AUTHENTICATION_FAILED, $username);
             }