add bootstrap
81
inc/auth.php
81
inc/auth.php
@@ -6,6 +6,7 @@ class Auth extends PhpObject
|
||||
const COST = 12;
|
||||
const TOKEN_SEP = '|';
|
||||
const USER_COOKIE_PASS = 'checksum';
|
||||
const DEFAULT_ERROR = 'Unknown error';
|
||||
|
||||
/**
|
||||
* Database Connection
|
||||
@@ -42,29 +43,70 @@ class Auth extends PhpObject
|
||||
public function logMeIn($sToken)
|
||||
{
|
||||
$sDesc = '';
|
||||
$asUser = $this->getUserFromToken($sToken);
|
||||
if($asUser['success'])
|
||||
{
|
||||
if(self::CheckPassword($asUser['http_pass'], $asUser['pass']))
|
||||
{
|
||||
$this->setUserId($asUser[Db::getId(MyThoughts::USER_TABLE)]);
|
||||
$this->resetAuthCookie($this->getUserId());
|
||||
}
|
||||
else $sDesc = 'wrong password';
|
||||
}
|
||||
else $sDesc = $asUser['desc'];
|
||||
|
||||
return array('success'=>$this->isLoggedIn(), 'desc'=>$sDesc);
|
||||
}
|
||||
|
||||
public function register($sToken, $sNickName, $bLogMeIn=false)
|
||||
{
|
||||
$bSuccess = false;
|
||||
$sDesc = self::DEFAULT_ERROR;
|
||||
$asUser = $this->getUserFromToken($sToken);
|
||||
|
||||
if(array_key_exists('unknown_user', $asUser))
|
||||
{
|
||||
$iUserId = $this->addUser($asUser['username'], $sNickName, $asUser['pass'], $bLogMeIn);
|
||||
if($iUserId > 0) $bSuccess = true;
|
||||
else $sDesc = 'Error: Could not add user';
|
||||
}
|
||||
else $sDesc = 'Someone is already using this nickname, sorry!';
|
||||
|
||||
$asResult = array('success'=>$bSuccess, 'desc'=>$sDesc);
|
||||
return $asResult;
|
||||
}
|
||||
|
||||
private function getUserFromToken($sToken)
|
||||
{
|
||||
$asResult = array();
|
||||
$bSuccess = false;
|
||||
$sDesc = self::DEFAULT_ERROR;
|
||||
|
||||
if($sToken!='')
|
||||
{
|
||||
$sLoginToken = addslashes(strstr($sToken, self::TOKEN_SEP, true));
|
||||
$sPassToken = substr(strstr($sToken, self::TOKEN_SEP), strlen(self::TOKEN_SEP));
|
||||
if($sLoginToken!='' && $sPassToken!='')
|
||||
$asResult['username'] = addslashes(strstr($sToken, self::TOKEN_SEP, true));
|
||||
$asResult['http_pass'] = substr(strstr($sToken, self::TOKEN_SEP), strlen(self::TOKEN_SEP));
|
||||
if($asResult['username']!='' && $asResult['http_pass']!='')
|
||||
{
|
||||
$asEmpl = $this->oDb->selectRow(MyThoughts::USER_TABLE, array("MD5(".Db::getText(MyThoughts::USER_TABLE).")"=>$sLoginToken));
|
||||
if(!empty($asEmpl))
|
||||
$asUser = $this->oDb->selectRow(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$asResult['username']));
|
||||
if(!empty($asUser))
|
||||
{
|
||||
if(self::CheckPassword($sPassToken, $asEmpl['pass']))
|
||||
{
|
||||
$this->setUserId($asEmpl[Db::getId(MyThoughts::USER_TABLE)]);
|
||||
$this->resetAuthCookie($this->getUserId());
|
||||
}
|
||||
else $sDesc = 'wrong password';
|
||||
$asResult = $asUser;
|
||||
$bSuccess = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
$asResult['unknown_user'] = true;
|
||||
$sDesc = 'unknown nickname';
|
||||
}
|
||||
else $sDesc = 'unknown nickname';
|
||||
}
|
||||
else $sDesc = 'corrupted token, please login again';
|
||||
}
|
||||
else $sDesc = 'no credentials has been received by the server';
|
||||
|
||||
return MyThoughts::getJsonResult($this->isLoggedIn(), $sDesc);
|
||||
$asResult['success'] = $bSuccess;
|
||||
$asResult['desc'] = $sDesc;
|
||||
return $asResult;
|
||||
}
|
||||
|
||||
public function autoLogIn()
|
||||
@@ -91,18 +133,17 @@ class Auth extends PhpObject
|
||||
}
|
||||
}
|
||||
|
||||
public function addUser($sSafeNickName, $sNickName, $bLogMeIn=false)
|
||||
public function addUser($sUserName, $sNickName, $sPass, $bLogMeIn=false)
|
||||
{
|
||||
$sPass = self::HashPassword(self::getLoginToken($sSafeNickName));
|
||||
$bExist = $this->oDb->pingValue(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sSafeNickName));
|
||||
$sPass = self::HashPassword($sPass);
|
||||
$bExist = $this->oDb->pingValue(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sUserName));
|
||||
if($bExist) return -1;
|
||||
else
|
||||
{
|
||||
$iUserId = $this->oDb->insertRow(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sSafeNickName, 'nickname'=>$sNickName, 'pass'=>$sPass));
|
||||
if($iUserId>0)
|
||||
$iUserId = $this->oDb->insertRow(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sUserName, 'nickname'=>$sNickName, 'pass'=>$sPass));
|
||||
if($iUserId>0 && $bLogMeIn)
|
||||
{
|
||||
$this->resetPass($iUserId);
|
||||
if($bLogMeIn) $this->logMeIn(md5($sSafeNickName).self::TOKEN_SEP.$this->getLoginToken($sSafeNickName));
|
||||
$this->logMeIn($sUserName.self::TOKEN_SEP.$sPass);
|
||||
}
|
||||
}
|
||||
return $iUserId;
|
||||
|
||||
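Review bot: In `register()`, the call `$this->addUser($asUser['username'], $sNickName, $asUser['pass'], $bLogMeIn)` reads a `pass` key that `getUserFromToken()` never sets on the unknown-user path, where the token's secret is stored under `http_pass`. As far as this page shows, new accounts would therefore be created with `HashPassword()` applied to an undefined value instead of the submitted password; pass `$asUser['http_pass']` instead. The same key is lost on the success path, where `$asResult = $asUser;` replaces the parsed token with the database row before `logMeIn()` reads `$asUser['http_pass']`, so unless the row carries such a column it needs re-attaching after the assignment. In `addUser()`, `$sPass` is overwritten with its hash and then sent through `logMeIn($sUserName.self::TOKEN_SEP.$sPass)`, so the post-registration login checks the hash as if it were the password; keep the plaintext in its own variable for that call. The page does not mark which lines are added, so this reading assumes the `getUserFromToken()` and `$sUserName` variants are the new side.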