author | vincent-peugnet <v.peugnet@free.fr> | 2020-05-15 20:05:26 +0200 |
---|---|---|
committer | vincent-peugnet <v.peugnet@free.fr> | 2020-05-15 20:05:26 +0200 |
commit | ded1b2a19ee238543d561b6f26312458d2a43974 (patch) | |
tree | b5569c95266ad7482298a7feffb6a3be24a19844 /app/class/Controller.php | |
parent | 3f69df3b93510f2704f3af9d54b9bf3b34d0e6bb (diff) | |
new cookie session system
composer require JWT
user stores sessions
Diffstat (limited to 'app/class/Controller.php')
-rw-r--r-- | app/class/Controller.php | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/app/class/Controller.php b/app/class/Controller.php
index 11a2c12..c631726 100644
--- a/app/class/Controller.php
+++ b/app/class/Controller.php
@@ -45,17 +45,30 @@ class Controller
 
 public function setuser()
 {
- if (empty($this->session->user)) {
- $this->user = new User();
- } else {
- if (!$this->user = $this->usermanager->get($this->session->user)) {
- if (!$this->user = $this->usermanager->readcookie()) {
- $this->user = new User();
+ // check session, then cookies
+ if (!empty($this->session->user)) {
+ $user = $this->usermanager->get($this->session->user);
+ } elseif (!empty($_COOKIE['authtoken'])) {
+ try {
+ $modelconnect = new Modelconnect();
+ $datas = $modelconnect->checkcookie();
+ $user = $this->usermanager->get($datas['userid']);
+ if ($user !== false && $user->checksession($datas['wsession'])) {
+ $this->session->addtosession("wsession", $datas['wsession']);
+ $this->session->addtosession("user", $datas['userid']);
 } else {
- $this->session->addtosession('user', $this->user->id());
+ $user = false;
 }
+ } catch (Exception $e) {
+ Model::sendflashmessage("Invalid Autentification cookie exist : $e", "warning");
 }
 }
+ // create visitor
+ if (empty($user)) {
+ $this->user = new User();
+ } else {
+ $this->user = $user;
+ }
 }
 
 public function initplates() |
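Review bot: In the new `catch (Exception $e)` branch of `setuser()`, interpolating `$e` into the flash message casts the whole exception to a string, which in PHP carries the message, the file path, the line number and the stack trace; a visitor who sends a malformed `authtoken` cookie would presumably see all of that rendered on the page. I would show a fixed text instead, `Model::sendflashmessage('Invalid authentication cookie', 'warning');`, and send `$e->getMessage()` to the server log with `error_log()`. The rejected cookie is also not cleared in this branch, so the warning likely repeats on every request until the cookie expires. Separately, the session branch trusts `$this->session->user` without the `checksession()` call that the cookie branch makes, so removing a stored session from the user may not end an already-open PHP session; that depends on the Session and User classes, which are outside this hunk, and is worth confirming.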