authorvincent-peugnet <v.peugnet@free.fr>2019-01-11 14:13:50 +0100
committervincent-peugnet <v.peugnet@free.fr>2019-01-11 14:13:50 +0100
commitc5a9c71a1fbade72f35b5d39c5f71380436e96ce (patch)
tree9b68052d9a10c095e94486621020147642771214 /app/class
parente399b37761b2385b208283362a77585fe4322dc5 (diff)
downloadwcms-c5a9c71a1fbade72f35b5d39c5f71380436e96ce.tar.gz
wcms-c5a9c71a1fbade72f35b5d39c5f71380436e96ce.zip
password hash option retro compatible
Diffstat (limited to 'app/class')
-rw-r--r--app/class/controllerconnect.php2
-rw-r--r--app/class/controlleruser.php12
-rw-r--r--app/class/model.php3
-rw-r--r--app/class/modeluser.php193
-rw-r--r--app/class/user.php84
5 files changed, 170 insertions, 124 deletions
diff --git a/app/class/controllerconnect.php b/app/class/controllerconnect.php
index 2e3f976..5328447 100644
--- a/app/class/controllerconnect.php
+++ b/app/class/controllerconnect.php
@@ -33,7 +33,7 @@ class Controllerconnect extends Controller
public function login($id)
{
if (isset($_POST['pass'])) {
- $this->user = $this->usermanager->login($_POST['pass']);
+ $this->user = $this->usermanager->passwordcheck($_POST['pass']);
if($this->user != false) {
$this->usermanager->writesession($this->user);
$_SESSION['workspace']['showleftpanel'] = true;
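Review bot: `$_POST['pass']` is handed straight to `passwordcheck(string $pass)`, so a request whose `pass` field is not a string (an array, for instance) raises an uncaught TypeError instead of a failed login; guard the type before the call, `if (isset($_POST['pass']) && is_string($_POST['pass'])) {`. The result check on the following line should also be strict, `if ($this->user !== false) {`, since passwordcheck() returns either a User or false. The body of login() continues outside the hunk.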
diff --git a/app/class/controlleruser.php b/app/class/controlleruser.php
index 2b32993..8240d55 100644
--- a/app/class/controlleruser.php
+++ b/app/class/controlleruser.php
@@ -23,9 +23,12 @@ class Controlleruser extends Controller
$user = new User($_POST);
if(empty($user->id()) || $this->usermanager->get($user)) {
$this->routedirectget('user', ['error' => 'wrong_id']);
- } elseif(empty($user->password()) || $this->usermanager->passwordexist($user->password())) {
+ } elseif(empty($user->password()) || $this->usermanager->passwordexist($user->password()) || !$user->validpassword()) {
$this->routedirectget('user', ['error' => 'change_password']);
} else {
+ if($user->passwordhashed()) {
+ $user->hashpassword();
+ }
$this->usermanager->add($user);
$this->routedirect('user');
}
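Review bot: Whether the new user's password is hashed (L47–L49) is decided solely by `$user->passwordhashed()`, which `new User($_POST)` fills from the request through hydrate()/setpasswordhashed(), so an omitted or unchecked form field results in clear-text storage. The `Model::PASSWORD_HASH` constant introduced in model.php is not consulted here; using it as the default when the field is absent from the request would make clear-text storage an explicit opt-out rather than the fallback. Evaluating validpassword() before hashpassword() is correct, since the length bounds only make sense for the clear-text value.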
@@ -62,13 +65,16 @@ class Controlleruser extends Controller
$userupdate->hydrate($_POST);
if(empty($userupdate->id())) {
$this->routedirectget('user', ['error' => 'wrong_id']);
- } elseif (!empty($_POST['password']) && (empty($userupdate->password()) || $this->usermanager->passwordexist($userupdate->password()))) {
- $this->routedirectget('user', ['error' => 'change_password']);
+ } elseif (!empty($_POST['password']) && (empty($userupdate->password()) || $this->usermanager->passwordexist($userupdate->password()) || !$userupdate->validpassword())) {
+ $this->routedirectget('user', ['error' => 'password_unvalid']);
} elseif (empty($userupdate->level())) {
$this->routedirectget('user', ['error' => 'wrong_level']);
} elseif ($user->level() === 10 && $userupdate->level() !== 10 && $this->user->id() === $user->id()) {
$this->routedirectget('user', ['error' => 'cant_edit_yourself']);
} else {
+ if($userupdate->passwordhashed() && !$user->passwordhashed()) {
+ $userupdate->hashpassword();
+ }
$this->usermanager->add($userupdate);
$this->routedirect('user');
}
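Review bot: The condition at L66, `$userupdate->passwordhashed() && !$user->passwordhashed()`, skips hashing whenever the stored user is already hashed, so if `$userupdate` carries that flag and a new clear-text password was posted, the clear text is saved with `passwordhashed` still true and password_verify() will never match it again (how `$userupdate` is built is outside the hunk, so this depends on it copying `$user`). Hash when a new password was submitted as well: `if ($userupdate->passwordhashed() && (!empty($_POST['password']) || !$user->passwordhashed())) {`. Separately, because setpassword() in user.php now accepts any string, an empty `password` field submitted with the form is applied by hydrate() at L54 and then bypasses the `!empty($_POST['password'])` check, overwriting the stored password with ''; the length check the old setpassword() had used to prevent that.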
diff --git a/app/class/model.php b/app/class/model.php
index b3d5274..88a1bb3 100644
--- a/app/class/model.php
+++ b/app/class/model.php
@@ -20,6 +20,9 @@ abstract class Model
const EDIT_SYMBOLS = ['pen', 'tool', 'none'];
const MAX_ID_LENGTH = 64;
+ const PASSWORD_HASH = true;
+ const PASSWORD_MIN_LENGTH = 4;
+ const PASSWORD_MAX_LENGTH = 32;
/** RENDER OPTIONS */
const RENDER_CLASS_ORIGIN = false;
diff --git a/app/class/modeluser.php b/app/class/modeluser.php
index 7ceaecb..74f1e13 100644
--- a/app/class/modeluser.php
+++ b/app/class/modeluser.php
@@ -13,7 +13,7 @@ class Modeluser extends Modeldb
public function __construct()
{
parent::__construct();
- $this->storeinit(self::USER_REPO_NAME);
+ $this->storeinit(self::USER_REPO_NAME);
}
public function writesession(User $user)
@@ -33,39 +33,15 @@ class Modeluser extends Modeldb
}
}
- public function login($pass)
- {
- $passlevel = $this->passlevel($pass);
- if($passlevel != false) {
- $user = new User($passlevel);
- return $user;
- } else {
- return false;
- }
- }
-
- public function passlevel($pass)
- {
- $userdatalist = $this->repo->query()
- ->where('password', '==', $pass)
- ->execute();
-
- if($userdatalist->total() === 1) {
- return $userdatalist[0];
- } else {
- return 0;
- }
- }
-
- public function invitetest($pass)
- {
- $invitepasslist = [];
- if (in_array($pass, $invitepasslist)) {
- return true;
- } else {
- return false;
- }
- }
+ // public function invitetest($pass)
+ // {
+ // $invitepasslist = [];
+ // if (in_array($pass, $invitepasslist)) {
+ // return true;
+ // } else {
+ // return false;
+ // }
+ // }
public function logout()
{
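Review bot: The commented-out `invitetest()` block (L132–L140) should be deleted rather than kept as comments; the previous revision stays recoverable from history, and dead code inside the class only drifts out of sync. Dropping `login()`/`passlevel()` with their equality query on `password` is consistent with the new hashed storage, since a hash cannot be matched by `==`.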
@@ -76,34 +52,34 @@ class Modeluser extends Modeldb
public function getlister()
- {
- $userlist = [];
- $list = $this->repo->findAll();
- foreach ($list as $userdata) {
- $userlist[$userdata->id] = new User($userdata);
- }
- return $userlist;
- }
-
-
- public function getlisterid(array $idlist = [])
- {
- $userdatalist = $this->repo->query()
- ->where('__id', 'IN', $idlist)
- ->execute();
-
- $userlist = [];
- foreach ($userdatalist as $id => $userdata) {
- $userlist[$id] = new User($userdata);
- }
- return $userlist;
+ {
+ $userlist = [];
+ $list = $this->repo->findAll();
+ foreach ($list as $userdata) {
+ $userlist[$userdata->id] = new User($userdata);
+ }
+ return $userlist;
+ }
+
+
+ public function getlisterid(array $idlist = [])
+ {
+ $userdatalist = $this->repo->query()
+ ->where('__id', 'IN', $idlist)
+ ->execute();
+
+ $userlist = [];
+ foreach ($userdatalist as $id => $userdata) {
+ $userlist[$id] = new User($userdata);
+ }
+ return $userlist;
}
public function admincount()
{
$userdatalist = $this->repo->query()
- ->where('level', '==', 10)
- ->execute();
+ ->where('level', '==', 10)
+ ->execute();
return $userdatalist->total();
}
@@ -111,9 +87,9 @@ class Modeluser extends Modeldb
public function getlisterbylevel(int $level)
{
$userdatalist = $this->repo->query()
- ->where('level', '==', $level)
- ->execute();
-
+ ->where('level', '==', $level)
+ ->execute();
+
$userlist = [];
foreach ($userdatalist as $user) {
$userlist[] = $user->id;
@@ -122,48 +98,75 @@ class Modeluser extends Modeldb
return $userlist;
}
- public function passwordexist(string $pass)
+ /**
+ * Check if the password is used, and return by who
+ *
+ * @param string $pass password clear
+ *
+ * @return mixed User or false
+ */
+ public function passwordcheck(string $pass)
{
- $userdatalist = $this->repo->query()
- ->where('password', '==', $pass)
- ->execute();
+ $userdatalist = $this->getlister();
+ foreach ($userdatalist as $user) {
+ if ($user->passwordhashed()) {
+ if (password_verify($pass, $user->password())) {
+ return $user;
+ }
+ } else {
+ if ($user->password() === $pass) {
+ return $user;
+ }
+ }
+ }
+ return false;
+ }
- if($userdatalist->total() === 0) {
- return false;
- } else {
+ /**
+ * Return information if the password is already used or not
+ *
+ * @param string $pass password clear
+ *
+ * @return bool password exist or not
+ */
+ public function passwordexist(string $pass) : bool
+ {
+ if ($this->passwordcheck($pass) !== false) {
return true;
+ } else {
+ return false;
}
}
-
+
public function add(User $user)
- {
- $userdata = new \JamesMoss\Flywheel\Document($user->dry());
- $userdata->setId($user->id());
- $this->repo->store($userdata);
- }
-
-
- public function get($id)
- {
- if ($id instanceof User) {
- $id = $id->id();
- }
- if (is_string($id)) {
- $userdata = $this->repo->findById($id);
- if ($userdata !== false) {
- return new User($userdata);
- } else {
- return false;
- }
- } else {
- return false;
- }
+ {
+ $userdata = new \JamesMoss\Flywheel\Document($user->dry());
+ $userdata->setId($user->id());
+ $this->repo->store($userdata);
+ }
+
+
+ public function get($id)
+ {
+ if ($id instanceof User) {
+ $id = $id->id();
+ }
+ if (is_string($id)) {
+ $userdata = $this->repo->findById($id);
+ if ($userdata !== false) {
+ return new User($userdata);
+ } else {
+ return false;
+ }
+ } else {
+ return false;
+ }
+ }
+
+ public function delete(User $user)
+ {
+ $this->repo->delete($user->id());
}
-
- public function delete(User $user)
- {
- $this->repo->delete($user->id());
- }
}
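Review bot: passwordcheck() has no guard for an empty `$pass`; because setpassword() in user.php now accepts any string, a user record whose password became '' would be matched by the clear-text branch `$user->password() === $pass` on an empty submission, and login() only checks isset() on the field. Add `if ($pass === '') { return false; }` at the top of passwordcheck(), or skip records for which validpassword() does not hold. The docblock `@return mixed User or false` can be the precise `@return User|false`, and passwordexist() reduces to `return $this->passwordcheck($pass) !== false;`. Note that the scan runs password_verify() once per hashed user on every login and on every passwordexist() call, so cost grows with the user count — worth stating in the method's docblock.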
diff --git a/app/class/user.php b/app/class/user.php
index 8fb152f..2627d3d 100644
--- a/app/class/user.php
+++ b/app/class/user.php
@@ -6,33 +6,35 @@ class User
protected $level = 0;
protected $signature = '';
protected $password;
+ protected $passwordhashed = false;
- public function __construct($datas = []) {
- if(!empty($datas)) {
+ public function __construct($datas = [])
+ {
+ if (!empty($datas)) {
$this->hydrate($datas);
}
}
public function hydrate($datas = [])
- {
- foreach ($datas as $key => $value) {
- $method = 'set' . $key;
+ {
+ foreach ($datas as $key => $value) {
+ $method = 'set' . $key;
- if (method_exists($this, $method)) {
- $this->$method($value);
- }
- }
+ if (method_exists($this, $method)) {
+ $this->$method($value);
+ }
+ }
}
- public function dry()
- {
- $array = [];
- foreach (get_class_vars(__class__) as $var => $value) {
- $array[$var] = $this->$var();
- }
- return $array;
+ public function dry()
+ {
+ $array = [];
+ foreach (get_class_vars(__class__) as $var => $value) {
+ $array[$var] = $this->$var();
+ }
+ return $array;
}
-
+
public function id()
{
return $this->id;
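Review bot: The new property `protected $passwordhashed = false;` (L325) carries no comment although it changes how `password` must be read; a one-liner such as `// true once $password holds a password_hash() digest rather than clear text; persisted by dry()` would help the next reader. `dry()` at L360 uses the lower-case magic constant `__class__`; it works because magic constants are case-insensitive, but `__CLASS__` is the conventional spelling. Since get_class_vars() now also yields `passwordhashed`, dry() depends on the `passwordhashed()` getter added in the following hunk.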
@@ -45,50 +47,82 @@ class User
public function password($type = 'string')
{
- if($type === 'int') {
+ if ($type === 'int') {
return strlen($this->password);
} elseif ($type = 'string') {
return $this->password;
}
}
-
+
public function signature()
{
return $this->signature;
}
+ public function passwordhashed()
+ {
+ return $this->passwordhashed;
+ }
+
public function setid($id)
{
$id = idclean($id);
if (strlen($id) < Model::MAX_ID_LENGTH and is_string($id)) {
- $this->id = $id;
- }
+ $this->id = $id;
+ }
}
-
+
public function setlevel($level)
{
$level = intval($level);
- if($level >= 0 && $level <= 10) {
+ if ($level >= 0 && $level <= 10) {
$this->level = $level;
}
}
public function setpassword(string $password)
{
- if(strlen($password) >= 4 && strlen($password) <= 32) {
+ if (is_string($password)) {
$this->password = $password;
}
+
}
public function setsignature(string $signature)
{
- if(strlen($signature) <= 128) {
+ if (strlen($signature) <= 128) {
$this->signature = $signature;
}
}
+ public function setpasswordhashed($passwordhashed)
+ {
+ $this->passwordhashed = boolval($passwordhashed);
+
+ }
+
+
+
+
+
+ public function hashpassword()
+ {
+ $this->password = password_hash($this->password, PASSWORD_DEFAULT);
+ $this->passwordhashed = true;
+ }
+
+ public function validpassword()
+ {
+ if(is_string($this->password)) {
+ if(strlen($this->password) >= Model::PASSWORD_MIN_LENGTH && strlen($this->password) <= Model::PASSWORD_MAX_LENGTH) {
+ return true;
+ }
+ }
+ return false;
+ }
+
public function isvisitor()