oMySql = $oMySql; $this->setUserId(0); $this->sApiKey = $sApiKey; $this->autoLogIn(); } private function setUserId($iUserId) { $this->iUserId = $iUserId; } public function getUserId() { return $this->iUserId; } public function isLoggedIn() { return ($this->getUserId() > 0); } public function logMeIn($sToken) { $sDesc = ''; if($sToken!='') { $sLoginToken = addslashes(strstr($sToken, self::TOKEN_SEP, true)); $sPassToken = substr(strstr($sToken, self::TOKEN_SEP), strlen(self::TOKEN_SEP)); if($sLoginToken!='' && $sPassToken!='') { $asEmpl = $this->oMySql->selectRow("EMPLOYEE", array('MD5(EMAIL)'=>$sLoginToken)); if(!empty($asEmpl)) { if(self::CheckPassword($sPassToken, $asEmpl['PASS'])) { $this->setUserId($asEmpl['ID']); $this->resetAuthCookie($this->getUserId()); } else $sDesc = 'mot de passe incorrect'; } else $sDesc = 'email inconnu'; } else $sDesc = 'token corrompu'; } else $sDesc = 'Aucune information reçue par le serveur'; return CvTheque::getJsonResult($this->isLoggedIn(), $sDesc); } public function autoLogIn() { if(isset($_COOKIE[self::USER_COOKIE_PASS])) { $sCookie = $_COOKIE[self::USER_COOKIE_PASS]; $iUserId = addslashes(strstr($sCookie, self::TOKEN_SEP, true)); $sCookie = substr(strstr($sCookie, self::TOKEN_SEP), strlen(self::TOKEN_SEP)); $asEmpl = $this->oMySql->selectRow("EMPLOYEE", array('ID'=>$iUserId)); if(!empty($asEmpl)) { if($sCookie==$asEmpl['COOKIE']) { $this->setUserId($asEmpl['ID']); //Reset pass once a day if(mb_substr($asEmpl['LED'], 0, 10) != date('Y-m-d')) $this->resetAuthCookie($this->getUserId()); } else $this->addError('token corrompu pour le user '.$asEmpl['ID']); } else $this->addError('Utilisateur '.$iUserId.' inconnu'); } } //TODO integrate with logMeIn() public function checkApiKey($sApiKey) { return ($this->sApiKey!='' && $sApiKey==$this->sApiKey); } public function resetPass($iUserId=0) { if($iUserId>0) $asUsers = array($iUserId); else $asUsers = $this->oMySql->selectRows(array('select'=>array('ID'), 'from'=>'EMPLOYEE')); foreach($asUsers as $iUserId) { $sToken = $this->HashPassword(self::getLoginToken(self::DEFAULT_PASS)); $this->oMySql->updateRow('EMPLOYEE', array('ID'=>$iUserId), array('pass'=>$sToken)); } } private static function getLoginToken($sPass) { //Add Server Name $sServerName = array_key_exists('SERVER_NAME', $_SERVER)?$_SERVER['SERVER_NAME']:$_SERVER['PWD']; $sAppPath = 'http://'.str_replace('http://', '', $sServerName.dirname($_SERVER['SCRIPT_NAME'])); $_GET['serv_name'] = $sAppPath.(mb_substr($sAppPath, -1)!='/'?'/':''); return md5($sPass.$_GET['serv_name']); } private function resetAuthCookie($iUserId) { $sNewPass = self::getAuthCookie($iUserId); $iTimeLimit = time()+60*60*24*30; //mysqli_query($con, "UPDATE EMPLOYEE SET COOKIE = '".addslashes($sNewPass)."' WHERE ID = ".$iUserId); $this->oMySql->updateRow("EMPLOYEE", array("ID"=>$iUserId), array("COOKIE"=>$sNewPass)); setcookie(self::USER_COOKIE_PASS, $iUserId.self::TOKEN_SEP.$sNewPass, $iTimeLimit); } private static function getAuthCookie() { return self::HashPassword ( $_SERVER['HTTP_USER_AGENT']. $_SERVER['REMOTE_ADDR']. $_SERVER['REQUEST_TIME']. mb_strstr(microtime(), ' ', true). $_SERVER['SERVER_SIGNATURE']. $_SERVER['SERVER_ADMIN'] ); } private static function HashPassword($sPass) { return password_hash($sPass, self::ALGO, array('cost'=>self::COST)); } private static function CheckPassword($sPass, $sHash) { return password_verify($sPass, $sHash); } } ?>