refactor(auth): replace myth/auth with codeigniter/shield + define new roles

closes #222

modules/Auth/Controllers/MagicLinkController.php

@@ -0,0 +1,76 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Modules\Auth\Controllers;
+
+use CodeIgniter\HTTP\RedirectResponse;
+use CodeIgniter\HTTP\RequestInterface;
+use CodeIgniter\HTTP\ResponseInterface;
+use CodeIgniter\Shield\Controllers\MagicLinkController as ShieldMagicLinkController;
+use Modules\Auth\Models\UserModel;
+use Psr\Log\LoggerInterface;
+use ViewThemes\Theme;
+
+/**
+ * Handles "Magic Link" logins - an email-based no-password login protocol. This works much like password reset would,
+ * but Shield provides this in place of password reset. It can also be used on it's own without an email/password login
+ * strategy.
+ */
+class MagicLinkController extends ShieldMagicLinkController
+{
+    public function initController(
+        RequestInterface $request,
+        ResponseInterface $response,
+        LoggerInterface $logger
+    ): void {
+        parent::initController($request, $response, $logger);
+
+        Theme::setTheme('auth');
+    }
+
+    public function setPasswordView(): string | RedirectResponse
+    {
+        if (! session('magicLogin')) {
+            return redirect()->to(config('Auth')->loginRedirect());
+        }
+
+        return view(setting('Auth.views')['magic-link-set-password']);
+    }
+
+    public function setPasswordAction(): RedirectResponse
+    {
+        $rules = [
+            'new_password' => 'required|strong_password',
+        ];
+
+        $userModel = new UserModel();
+        if (! $this->validate($rules)) {
+            return redirect()
+                ->back()
+                ->withInput()
+                ->with('errors', $userModel->errors());
+        }
+
+        // set new password to user
+        auth()
+            ->user()
+            ->password = $this->request->getPost('new_password');
+
+        if (! $userModel->update(auth()->user()->id, auth()->user())) {
+            return redirect()
+                ->back()
+                ->withInput()
+                ->with('errors', $userModel->errors());
+        }
+
+        // remove magic login session to reinstate normal check
+        if (session('magicLogin')) {
+            session()->removeTempdata('magicLogin');
+        }
+
+        // Success!
+        return redirect()->to(config('Auth')->loginRedirect())
+            ->with('message', lang('MyAccount.messages.passwordChangeSuccess'));
+    }
+}