mirror of
https://github.com/pierre42100/ComunicAPI
synced 2024-12-25 13:08:58 +00:00
Can check user password in $_POST request
This commit is contained in:
parent
c5c3076c67
commit
fd86f954c4
@ -198,6 +198,32 @@ class AccountComponent {
|
||||
return CS::get()->db->addLine(self::USER_TABLE, $values);
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a password is valid for a user
|
||||
*
|
||||
* @param int $userID Target user ID : The ID of the user to check
|
||||
* @param string $password The password to check
|
||||
* @return bool TRUE if the password is valid / FALSE else
|
||||
*/
|
||||
public function checkUserPassword(int $userID, string $password){
|
||||
|
||||
//Crypt password
|
||||
$password = $this->cryptPassword($password);
|
||||
|
||||
//Prepare request over the database
|
||||
$conditions = array(
|
||||
"ID" => $userID,
|
||||
"password" => $password
|
||||
);
|
||||
|
||||
$data = CS::get()->db->splitConditionsArray($conditions);
|
||||
$sql_conds = "WHERE ".$data[0];
|
||||
$values = $data[1];
|
||||
|
||||
//Perform request and return result
|
||||
return CS::get()->db->count(self::USER_TABLE, $sql_conds, $values) > 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Crypt user password
|
||||
*
|
||||
|
@ -9,9 +9,9 @@
|
||||
* A function that check login information are specified,
|
||||
* else it quit the scripts because of missing login
|
||||
*
|
||||
* @return Boolean True for a success
|
||||
* @return bool True for a success
|
||||
*/
|
||||
function user_login_required() : bool{
|
||||
function user_login_required() : bool {
|
||||
if(!user_signed_in()){
|
||||
Rest_fatal_error(401, "This function requires user to be logged in!");
|
||||
}
|
||||
@ -23,7 +23,7 @@ function user_login_required() : bool{
|
||||
/**
|
||||
* Check wether the user is signed in or not
|
||||
*
|
||||
* @return TRUE if user is signed in / FALSE else
|
||||
* @return bool TRUE if user is signed in / FALSE else
|
||||
*/
|
||||
function user_signed_in() : bool {
|
||||
|
||||
@ -38,4 +38,24 @@ function user_signed_in() : bool {
|
||||
//User seems to be signed in
|
||||
return true;
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Check the validity of a password provided in a $_POST request
|
||||
*
|
||||
* @param int $userID The ID of the user to check
|
||||
* @param string $name The name of the POST field containing the password
|
||||
* @return bool TRUE in case of success / (stop by default in case of failure)
|
||||
*/
|
||||
function check_post_password(int $userID, string $name) : bool {
|
||||
|
||||
//Get POST field
|
||||
$password = postString($name, 2);
|
||||
|
||||
//Check the password
|
||||
if(!components()->account->checkUserPassword($userID, $password))
|
||||
Rest_fatal_error(401, "The password is invalid!");
|
||||
|
||||
//Else the password seems to be valid
|
||||
return TRUE;
|
||||
}
|
Loading…
Reference in New Issue
Block a user