oDb = $oDb; $this->setUserId(0); $this->sApiKey = $sApiKey; if($bAutoLogin) $this->autoLogIn(); } private function setUserId($iUserId) { $this->iUserId = $iUserId; } public function getUserId() { return $this->iUserId; } public function isLoggedIn() { return ($this->getUserId() > 0); } public function logMeIn($sToken) { $sDesc = ''; $asUser = $this->getUserFromToken($sToken); if($asUser['success']) { if(self::CheckPassword($asUser['http_pass'], $asUser['pass'])) { $this->setUserId($asUser[Db::getId(MyThoughts::USER_TABLE)]); $this->resetAuthCookie($this->getUserId()); } else $sDesc = 'wrong password'; } else $sDesc = $asUser['desc']; return array('success'=>$this->isLoggedIn(), 'desc'=>$sDesc); } public function register($sToken, $sNickName, $bLogMeIn=false) { $bSuccess = false; $sDesc = self::DEFAULT_ERROR; $asUser = $this->getUserFromToken($sToken); if(array_key_exists('unknown_user', $asUser)) { $iUserId = $this->addUser($asUser['username'], $sNickName, $asUser['pass'], $bLogMeIn); if($iUserId > 0) $bSuccess = true; else $sDesc = 'Error: Could not add user'; } else $sDesc = 'Someone is already using this nickname, sorry!'; $asResult = array('success'=>$bSuccess, 'desc'=>$sDesc); return $asResult; } private function getUserFromToken($sToken) { $asResult = array(); $bSuccess = false; $sDesc = self::DEFAULT_ERROR; if($sToken!='') { $asResult['username'] = addslashes(strstr($sToken, self::TOKEN_SEP, true)); $asResult['http_pass'] = substr(strstr($sToken, self::TOKEN_SEP), strlen(self::TOKEN_SEP)); if($asResult['username']!='' && $asResult['http_pass']!='') { $asUser = $this->oDb->selectRow(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$asResult['username'])); if(!empty($asUser)) { $asResult = $asUser; $bSuccess = true; } else { $asResult['unknown_user'] = true; $sDesc = 'unknown nickname'; } } else $sDesc = 'corrupted token, please login again'; } else $sDesc = 'no credentials has been received by the server'; $asResult['success'] = $bSuccess; $asResult['desc'] = $sDesc; return $asResult; } public function autoLogIn() { if(isset($_COOKIE[self::USER_COOKIE_PASS])) { $sCookie = $_COOKIE[self::USER_COOKIE_PASS]; $iUserId = addslashes(strstr($sCookie, self::TOKEN_SEP, true)); $sCookie = substr(strstr($sCookie, self::TOKEN_SEP), strlen(self::TOKEN_SEP)); $asEmpl = $this->oDb->selectRow(MyThoughts::USER_TABLE, array(Db::getId(MyThoughts::USER_TABLE)=>$iUserId)); if(!empty($asEmpl)) { if($sCookie==$asEmpl['cookie']) { $this->setUserId($asEmpl[Db::getId(MyThoughts::USER_TABLE)]); //Reset pass once a day if(mb_substr($asEmpl['led'], 0, 10) != date('Y-m-d')) $this->resetAuthCookie($this->getUserId()); } else $this->addError('token corrompu pour le user '.$asEmpl[Db::getId(MyThoughts::USER_TABLE)]); } else $this->addError('Utilisateur '.$iUserId.' inconnu'); } } public function addUser($sUserName, $sNickName, $sPass, $bLogMeIn=false) { $sPass = self::HashPassword($sPass); $bExist = $this->oDb->pingValue(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sUserName)); if($bExist) return -1; else { $iUserId = $this->oDb->insertRow(MyThoughts::USER_TABLE, array(Db::getText(MyThoughts::USER_TABLE)=>$sUserName, 'nickname'=>$sNickName, 'pass'=>$sPass)); if($iUserId>0 && $bLogMeIn) { $this->logMeIn($sUserName.self::TOKEN_SEP.$sPass); } } return $iUserId; } //TODO integrate with logMeIn() public function checkApiKey($sApiKey) { return ($this->sApiKey!='' && $sApiKey==$this->sApiKey); } private function resetPass($iUserId=0) { $sUserIdCol = Db::getId(MyThoughts::USER_TABLE); $sUserTextCol = Db::getText(MyThoughts::USER_TABLE); $asInfo = array('select'=>array($sUserIdCol, $sUserTextCol), 'from'=>MyThoughts::USER_TABLE); if($iUserId>0) $asInfo['constraint'] = array($sUserIdCol=>$iUserId); $asUsers = $this->oDb->selectRows($asInfo); foreach($asUsers as $asUser) { $sToken = self::HashPassword(self::getLoginToken($asUser[$sUserTextCol])); $this->oDb->updateRow(MyThoughts::USER_TABLE, array(Db::getId(MyThoughts::USER_TABLE)=>$asUser[$sUserIdCol]), array('pass'=>$sToken)); } } private static function getLoginToken($sPass) { //Add Server Name $sServerName = array_key_exists('SERVER_NAME', $_SERVER)?$_SERVER['SERVER_NAME']:$_SERVER['PWD']; $sAppPath = $_SERVER['REQUEST_SCHEME'].'://'.str_replace(array('http://', 'https://'), '', $sServerName.dirname($_SERVER['SCRIPT_NAME'])); $_GET['serv_name'] = $sAppPath.(mb_substr($sAppPath, -1)!='/'?'/':''); return md5($sPass.$_GET['serv_name']); } private function resetAuthCookie($iUserId) { $sNewPass = self::getAuthCookie($iUserId); $iTimeLimit = time()+60*60*24*30; //mysqli_query($con, "UPDATE EMPLOYEE SET COOKIE = '".addslashes($sNewPass)."' WHERE ID = ".$iUserId); $this->oDb->updateRow(MyThoughts::USER_TABLE, array(Db::getId(MyThoughts::USER_TABLE)=>$iUserId), array("cookie"=>$sNewPass)); setcookie(self::USER_COOKIE_PASS, $iUserId.self::TOKEN_SEP.$sNewPass, $iTimeLimit); } private static function getAuthCookie() { return self::HashPassword ( $_SERVER['HTTP_USER_AGENT']. $_SERVER['REMOTE_ADDR']. $_SERVER['REQUEST_TIME']. mb_strstr(microtime(), ' ', true). $_SERVER['SERVER_SIGNATURE']. $_SERVER['SERVER_ADMIN'] ); } private static function HashPassword($sPass) { return password_hash($sPass, self::ALGO, array('cost'=>self::COST)); } private static function CheckPassword($sPass, $sHash) { return password_verify($sPass, $sHash); } } ?>