Created account component

Pierre 2018-04-11 10:45:22 +02:00
parent 32f2d6bb0f
commit ea5257c478
5 changed files with 185 additions and 162 deletions


@ -28,7 +28,7 @@ class userController
$userPassword = $_POST['userPassword']; $userPassword = $_POST['userPassword'];
//Try to perform login //Try to perform login
$loginTokens = CS::get()->components->user->generateUserLoginTokens($userMail, $userPassword, APIServiceID, $db); $loginTokens = CS::get()->components->account->generateUserLoginTokens($userMail, $userPassword, APIServiceID, $db);
if(count($loginTokens) == 0) if(count($loginTokens) == 0)
throw new RestException(401, "Invalid e-mail address / password !"); throw new RestException(401, "Invalid e-mail address / password !");
@ -53,7 +53,7 @@ class userController
user_login_required(); user_login_required();
//Try to delete token //Try to delete token
if(!CS::get()->components->user->deleteUserLoginToken(userID, APIServiceID)) if(!CS::get()->components->account->deleteUserLoginToken(userID, APIServiceID))
throw new RestException(500, "Something went wrong while trying to logout user !"); throw new RestException(500, "Something went wrong while trying to logout user !");
//Everything is ok //Everything is ok


@ -0,0 +1,172 @@
<?php
/**
* User account class
*
* @author Pierre HUBERT
*/
class Account {
/**
* @var String $userTable The name of the user table
*/
const USER_TABLE = "utilisateurs";
/**
* @var String $userLoginAPItable The name of the table that contains logins performed on the API
*/
private $userLoginAPItable = "";
/**
* Public constructor
*/
public function __construct(){
$this->userLoginAPItable = CS::get()->config->get("dbprefix")."API_userLoginToken";
}
/**
* Try to login user with returning a service token
*
* @param string $email The e-mail address of the user
* @param string $password The password of the user
* @param int $serviceID The ID of the service
* @return array Tokens if success, false if fails
*/
public function generateUserLoginTokens(string $email, string $password, int $serviceID) : array{
//Try to find user ID in the database
$conditions = "WHERE mail = ? AND password = ?";
$values = array(
$email,
$this->cryptPassword($password)
);
$userInfos = CS::get()->db->select(Account::USER_TABLE, $conditions, $values);
//Check if there is anything
if(count($userInfos) == 0)
return array(); //Not any account was found
//Extract first value ID
$userID = $userInfos[0]['ID'];
//Check if any other token already exists
$existingTokens = $this->getUserLoginTokenByIDs($userID, $serviceID, CS::get()->db);
if(is_array($existingTokens)){
//Return result
return $existingTokens;
}
//Generate random tokens
$token1 = random_str(75);
$token2 = random_str(75);
//Insert token in the database
$tableName = $this->userLoginAPItable;
$insertValues = array(
"ID_utilisateurs" => $userID,
"ID_".CS::get()->config->get("dbprefix")."API_ServicesToken" => $serviceID,
"token1" => $token1,
"token2" => $token2
);
if(!CS::get()->db->addLine($tableName, $insertValues))
return array(); //Something went wrong
//We can return tokens
return array($token1, $token2);
}
/**
* Get token with the help of userID and serviceID
*
* @param int $userID The ID of the user
* @param int $serviceID The ID of the service
* @return FALSE if it fails, or tokens if success
*/
private function getUserLoginTokenByIDs(int $userID, int $serviceID) {
//Prepare database request
$conditions = "WHERE ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
$values = array(
$userID,
$serviceID
);
$tokenInfos = CS::get()->db->select($this->userLoginAPItable, $conditions, $values);
if(count($tokenInfos) == 0)
return false; //There is nobody at this address
else {
//Return tokens
$token1 = $tokenInfos[0]['token1'];
$token2 = $tokenInfos[0]['token2'];
return array($token1, $token2);
}
}
/**
* Delete token from given informations
*
* @param int $userID The ID of the user to delete
* @param string $serviceID The service ID
* @return bool False if it fails
*/
public function deleteUserLoginToken(int $userID, string $serviceID) : bool {
//Prepare database request
$condition = "ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
$values = array(
$userID,
$serviceID
);
//Try to perform request
if(!CS::get()->db->deleteEntry($this->userLoginAPItable, $condition, $values))
return false; //Something went wrong during the request
//Everything is ok
return true;
}
/**
* Get User ID from token
*
* @param int $serviceID The ID of the service
* @param array $tokens The user login tokens
* @return int User ID (0 for a failure)
*/
public function getUserIDfromToken(int $serviceID, array $tokens) : int {
//Check token number
if(count($tokens) != 2)
return 0;
//Prepare database request
$tablesName = $this->userLoginAPItable;
$conditions = "WHERE ".$this->userLoginAPItable.".ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ? AND ".$this->userLoginAPItable.".token1 = ? AND ".$this->userLoginAPItable.".token2 = ?";
$conditionsValues = array(
$serviceID,
$tokens[0],
$tokens[1]
);
//Perform request
$userInfos = CS::get()->db->select($tablesName, $conditions, $conditionsValues);
//Check if result is correct or not
if(count($userInfos) == 0)
return 0; //No result
//Return ID
return $userInfos[0]["ID_utilisateurs"];
}
/**
* Crypt user password
*
* @param string $userPassword The password to crypt
* @return string The encrypted password
*/
public function cryptPassword(string $userPassword) : string {
return crypt(sha1($userPassword), sha1($userPassword));
}
}
//Register class
Components::register("account", new Account());
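Review bot: `cryptPassword()` at the end of the new class is moved over unchanged and is not a safe password hash: the salt is `sha1($userPassword)`, so it is derived from the password itself and two accounts with the same password store the same value. As far as I can tell, a salt that does not start with `$` also makes `crypt()` fall back to traditional DES, which reads only two salt characters and the first eight characters of its input. I would store `password_hash($password, PASSWORD_DEFAULT)` for new and changed passwords and check logins with `password_verify()`, which means `generateUserLoginTokens()` has to select the row by `mail` alone and compare in PHP instead of in the `WHERE` clause. The sketch below keeps the legacy value accepted during migration; rows that match only the legacy form should be re-hashed on that login, and it assumes `select()` returns the `password` column when no field list is given.

```php
public function generateUserLoginTokens(string $email, string $password, int $serviceID) : array{
	//Look the account up by e-mail only; the hash is checked in PHP
	$userInfos = CS::get()->db->select(Account::USER_TABLE, "WHERE mail = ?", array($email));
	if(count($userInfos) == 0)
		return array(); //Not any account was found

	$storedHash = (string) $userInfos[0]['password'];

	//Legacy values stay accepted during migration, compared in constant time
	$legacyMatch = hash_equals($storedHash, $this->cryptPassword($password));
	if(!password_verify($password, $storedHash) && !$legacyMatch)
		return array(); //Wrong password

	// … unchanged: existing-token lookup, token generation and insert …
```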


@ -10,12 +10,7 @@ class User{
/** /**
* @var String $userTable The name of the user table * @var String $userTable The name of the user table
*/ */
private $userTable = "utilisateurs"; const USER_TABLE = "utilisateurs";
/**
* @var String $userLoginAPItable The name of the table that contains logins performed on the API
*/
private $userLoginAPItable = "";
/** /**
* Pages visiblity levels * Pages visiblity levels
@ -29,143 +24,9 @@ class User{
* Public constructor * Public constructor
*/ */
public function __construct(){ public function __construct(){
$this->userLoginAPItable = CS::get()->config->get("dbprefix")."API_userLoginToken";
} }
/**
* Try to login user with returning a service token
*
* @param string $email The e-mail address of the user
* @param string $password The password of the user
* @param int $serviceID The ID of the service
* @return array Tokens if success, false if fails
*/
public function generateUserLoginTokens(string $email, string $password, int $serviceID) : array{
//Try to find user ID in the database
$conditions = "WHERE mail = ? AND password = ?";
$values = array(
$email,
$this->cryptPassword($password)
);
$userInfos = CS::get()->db->select($this->userTable, $conditions, $values);
//Check if there is anything
if(count($userInfos) == 0)
return array(); //Not any account was found
//Extract first value ID
$userID = $userInfos[0]['ID'];
//Check if any other token already exists
$existingTokens = $this->getUserLoginTokenByIDs($userID, $serviceID, CS::get()->db);
if(is_array($existingTokens)){
//Return result
return $existingTokens;
}
//Generate random tokens
$token1 = random_str(75);
$token2 = random_str(75);
//Insert token in the database
$tableName = $this->userLoginAPItable;
$insertValues = array(
"ID_utilisateurs" => $userID,
"ID_".CS::get()->config->get("dbprefix")."API_ServicesToken" => $serviceID,
"token1" => $token1,
"token2" => $token2
);
if(!CS::get()->db->addLine($tableName, $insertValues))
return array(); //Something went wrong
//We can return tokens
return array($token1, $token2);
}
/**
* Get token with the help of userID and serviceID
*
* @param int $userID The ID of the user
* @param int $serviceID The ID of the service
* @return FALSE if it fails, or tokens if success
*/
private function getUserLoginTokenByIDs(int $userID, int $serviceID) {
//Prepare database request
$conditions = "WHERE ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
$values = array(
$userID,
$serviceID
);
$tokenInfos = CS::get()->db->select($this->userLoginAPItable, $conditions, $values);
if(count($tokenInfos) == 0)
return false; //There is nobody at this address
else {
//Return tokens
$token1 = $tokenInfos[0]['token1'];
$token2 = $tokenInfos[0]['token2'];
return array($token1, $token2);
}
}
/**
* Delete token from given informations
*
* @param int $userID The ID of the user to delete
* @param string $serviceID The service ID
* @return bool False if it fails
*/
public function deleteUserLoginToken(int $userID, string $serviceID) : bool {
//Prepare database request
$condition = "ID_utilisateurs = ? AND ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ?";
$values = array(
$userID,
$serviceID
);
//Try to perform request
if(!CS::get()->db->deleteEntry($this->userLoginAPItable, $condition, $values))
return false; //Something went wrong during the request
//Everything is ok
return true;
}
/**
* Get User ID from token
*
* @param int $serviceID The ID of the service
* @param array $tokens The user login tokens
* @return int User ID (0 for a failure)
*/
public function getUserIDfromToken(int $serviceID, array $tokens) : int {
//Check token number
if(count($tokens) != 2)
return 0;
//Prepare database request
$tablesName = $this->userLoginAPItable;
$conditions = "WHERE ".$this->userLoginAPItable.".ID_".CS::get()->config->get("dbprefix")."API_ServicesToken = ? AND ".$this->userLoginAPItable.".token1 = ? AND ".$this->userLoginAPItable.".token2 = ?";
$conditionsValues = array(
$serviceID,
$tokens[0],
$tokens[1]
);
//Perform request
$userInfos = CS::get()->db->select($tablesName, $conditions, $conditionsValues);
//Check if result is correct or not
if(count($userInfos) == 0)
return 0; //No result
//Return ID
return $userInfos[0]["ID_utilisateurs"];
}
/** /**
* Get Single User Infos * Get Single User Infos
* *
@ -175,7 +36,7 @@ class User{
*/ */
public function getUserInfos(int $userID, bool $advanced = false) : array { public function getUserInfos(int $userID, bool $advanced = false) : array {
//Prepare database request //Prepare database request
$tablesName = $this->userTable; $tablesName = self::USER_TABLE;
$conditions = "WHERE utilisateurs.ID = ?"; $conditions = "WHERE utilisateurs.ID = ?";
$conditionsValues = array( $conditionsValues = array(
$userID*1, $userID*1,
@ -200,7 +61,7 @@ class User{
*/ */
public function getMultipleUserInfos(array $usersID) : array { public function getMultipleUserInfos(array $usersID) : array {
//Prepare database request //Prepare database request
$tablesName = $this->userTable; $tablesName = self::USER_TABLE;
$conditions = "WHERE (utilisateurs.ID < 0)"; $conditions = "WHERE (utilisateurs.ID < 0)";
$conditionsValues = array(); $conditionsValues = array();
@ -286,7 +147,7 @@ class User{
public function updateLastActivity(int $userID) : bool{ public function updateLastActivity(int $userID) : bool{
//Perform a request on the database //Perform a request on the database
$tableName = $this->userTable; $tableName = self::USER_TABLE;
$conditions = "ID = ?"; $conditions = "ID = ?";
$whereValues = array(userID); $whereValues = array(userID);
$modifs = array( $modifs = array(
@ -308,7 +169,7 @@ class User{
*/ */
public function exists(int $userID) : bool { public function exists(int $userID) : bool {
//Perform a request on the database //Perform a request on the database
$tableName = $this->userTable; $tableName = self::USER_TABLE;
$condition = "WHERE ID = ?"; $condition = "WHERE ID = ?";
$condValues = array($userID); $condValues = array($userID);
$requiredFields = array("ID"); $requiredFields = array("ID");
@ -333,7 +194,7 @@ class User{
public function findByFolder(string $folder) : int { public function findByFolder(string $folder) : int {
//Perform a request on the database //Perform a request on the database
$tableName = $this->userTable; $tableName = self::USER_TABLE;
$condition = "WHERE sous_repertoire = ?"; $condition = "WHERE sous_repertoire = ?";
$condValues = array($folder); $condValues = array($folder);
$requiredFields = array("ID"); $requiredFields = array("ID");
@ -367,7 +228,7 @@ class User{
public function getVisibility(int $userID) : int { public function getVisibility(int $userID) : int {
//Perform a request on the database //Perform a request on the database
$tableName = $this->userTable; $tableName = self::USER_TABLE;
$condition = "WHERE ID = ?"; $condition = "WHERE ID = ?";
$condValues = array($userID); $condValues = array($userID);
@ -482,7 +343,7 @@ class User{
//Perform the request //Perform the request
$result = CS::get()->db->select( $result = CS::get()->db->select(
$this->userTable, self::USER_TABLE,
$conditions, $conditions,
$condValues, $condValues,
$fields $fields
@ -511,7 +372,7 @@ class User{
//Perform the request //Perform the request
$result = CS::get()->db->select( $result = CS::get()->db->select(
$this->userTable, self::USER_TABLE,
$conditions, $conditions,
$condValues, $condValues,
$fields $fields
@ -525,16 +386,6 @@ class User{
return $result[0]["liste_amis_publique"] == 1; return $result[0]["liste_amis_publique"] == 1;
} }
/**
* Crypt user password
*
* @param string $userPassword The password to crypt
* @return string The encrypted password
*/
public function cryptPassword(string $userPassword) : string {
return crypt(sha1($userPassword), sha1($userPassword));
}
} }
//Register class //Register class
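Review bot: In `updateLastActivity(int $userID)` the bound value is `array(userID)`, i.e. the `userID` constant rather than the `$userID` parameter, so the argument appears to be ignored and the update always targets whatever the constant holds. If that is not intentional the line should read `$whereValues = array($userID);`. The function body continues outside the hunk, so this is based only on the lines shown. Separately, the docblock above `const USER_TABLE` still says `@var String $userTable`, and the same constant is now declared in both `User` and the new `Account` class, so one of them could reference the other instead of repeating the table name.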


@ -5,7 +5,7 @@
* @author Pierre HUBERT * @author Pierre HUBERT
*/ */
class CS{ class CS {
/** /**
* @var CS $instance Instance object copy * @var CS $instance Instance object copy


@ -53,7 +53,7 @@ else {
//Check if login tokens where specified //Check if login tokens where specified
if(isset($_POST['userToken1']) AND isset($_POST['userToken2'])){ if(isset($_POST['userToken1']) AND isset($_POST['userToken2'])){
//Try to login user //Try to login user
$userID = $cs->components->user->getUserIDfromToken(APIServiceID, array( $userID = $cs->components->account->getUserIDfromToken(APIServiceID, array(
$_POST['userToken1'], $_POST['userToken1'],
$_POST['userToken2'] $_POST['userToken2']
)); ));