Diffstat (limited to 'app/class')
-rw-r--r--app/class/Controller.php27
-rw-r--r--app/class/Controllerconnect.php49
-rw-r--r--app/class/Controlleruser.php29
-rw-r--r--app/class/Modelconnect.php45
-rw-r--r--app/class/Routes.php1
-rw-r--r--app/class/Session.php6
-rw-r--r--app/class/User.php58
7 files changed, 187 insertions, 28 deletions
diff --git a/app/class/Controller.php b/app/class/Controller.php
index 11a2c12..c631726 100644
--- a/app/class/Controller.php
+++ b/app/class/Controller.php
@@ -45,17 +45,30 @@ class Controller
public function setuser()
{
- if (empty($this->session->user)) {
- $this->user = new User();
- } else {
- if (!$this->user = $this->usermanager->get($this->session->user)) {
- if (!$this->user = $this->usermanager->readcookie()) {
- $this->user = new User();
+ // check session, then cookies
+ if (!empty($this->session->user)) {
+ $user = $this->usermanager->get($this->session->user);
+ } elseif (!empty($_COOKIE['authtoken'])) {
+ try {
+ $modelconnect = new Modelconnect();
+ $datas = $modelconnect->checkcookie();
+ $user = $this->usermanager->get($datas['userid']);
+ if ($user !== false && $user->checksession($datas['wsession'])) {
+ $this->session->addtosession("wsession", $datas['wsession']);
+ $this->session->addtosession("user", $datas['userid']);
} else {
- $this->session->addtosession('user', $this->user->id());
+ $user = false;
}
+ } catch (Exception $e) {
+ Model::sendflashmessage("Invalid Autentification cookie exist : $e", "warning");
}
}
+ // create visitor
+ if (empty($user)) {
+ $this->user = new User();
+ } else {
+ $this->user = $user;
+ }
}
public function initplates()
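Review bot: The catch block added at the end of the cookie branch interpolates the whole exception object into a user-visible flash message (`"Invalid Autentification cookie exist : $e"`), and a stringified exception includes the stack trace with file paths, so a bad or expired cookie discloses internals to the browser; use the message only, e.g. `Model::sendflashmessage("Invalid authentication cookie: " . $e->getMessage(), "warning");`. Because this file is in the `Wcms` namespace, `catch (Exception $e)` only matches the global class if `Exception` is imported at the top of Controller.php (not visible in this hunk); otherwise it resolves to `Wcms\Exception` and a failed `JWT::decode` escapes uncaught. Nothing in the failure path clears the rejected cookie, so every later request presumably repeats the decode and the warning until the cookie expires on its own. Consider expiring `authtoken` there, mirroring the attributes used by `createauthcookie`.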
diff --git a/app/class/Controllerconnect.php b/app/class/Controllerconnect.php
index 8347a8f..4790c63 100644
--- a/app/class/Controllerconnect.php
+++ b/app/class/Controllerconnect.php
@@ -2,8 +2,12 @@
namespace Wcms;
+use RuntimeException;
+
class Controllerconnect extends Controller
{
+ /** @var Modelconnect */
+ protected $modelconnect;
public function log()
{
@@ -38,21 +42,36 @@ class Controllerconnect extends Controller
{
if (!empty($_POST['pass']) && !empty($_POST['user'])) {
$this->user = $this->usermanager->passwordcheck($_POST['user'], $_POST['pass']);
- if ($this->user != false) {
- if (
+ if (
+ $this->user != false
+ && (
$this->user->expiredate() === false
|| $this->user->level() === 10
|| $this->user->expiredate('date') > $this->now
- ) {
- $this->user->connectcounter();
- $this->usermanager->add($this->user);
- $this->session->addtosession('user', $this->user->id());
-
- if ($_POST['rememberme'] && $this->user->cookie() > 0) {
- $token = $this->createauthtoken();
- if ($token) {
- $_SESSION['user' . Config::basepath()]['authtoken'] = $token;
+ )
+ ) {
+ $this->user->connectcounter();
+ $this->usermanager->add($this->user);
+ $this->session->addtosession('user', $this->user->id());
+
+ if ($_POST['rememberme']) {
+ if ($this->user->cookie() > 0) {
+ try {
+ $this->modelconnect = new Modelconnect();
+ $wsession = $this->user->newsession();
+ $this->modelconnect->createauthcookie(
+ $this->user->id(),
+ $wsession,
+ $this->user->cookie()
+ );
+ $this->usermanager->add($this->user);
+ $this->session->addtosession('wsession', $wsession);
+ } catch (RuntimeException $e) {
+ Model::sendflashmessage("Can't create authentification cookie : $e", "warning");
}
+ } else {
+ $message = "Can't remember you beccause user cookie conservation time is set to 0 days";
+ Model::sendflashmessage($message, "warning");
}
}
}
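Review bot: `if ($_POST['rememberme'])` reads the checkbox without an existence check, so a login form submitted with the box unchecked raises an undefined-index notice before the branch is skipped; write `if (!empty($_POST['rememberme']))`. The catch below it builds the flash message from `$e` itself, which stringifies with a stack trace and leaks file paths to the user, so prefer `"Can't create authentication cookie: " . $e->getMessage()`. The rewritten condition keeps the loose `$this->user != false` comparison, where `!==` is the safe form now that `passwordcheck` can return either a `User` or `false`. I see no `session_regenerate_id()` on successful login in this hunk; if the session id is not rotated elsewhere, the login path is open to session fixation. The `log()` method starts and ends outside this hunk.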
@@ -66,11 +85,11 @@ class Controllerconnect extends Controller
public function logout($route, $id = null)
{
- $this->user = $this->usermanager->logout();
$this->session->addtosession('user', '');
- if (!empty($_SESSION['user' . Config::basepath()]['authtoken'])) {
- $this->destroyauthtoken($_SESSION['user' . Config::basepath()]['authtoken']);
- }
+ $this->user->destroysession($this->session->wsession);
+ $this->session->addtosession('wsession', '');
+ $this->usermanager->add($this->user);
+
if ($id !== null && $route !== 'home') {
$this->routedirect($route, ['page' => $id]);
} else {
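Review bot: Logout revokes the server-side `wsession` entry but never expires the client `authtoken` cookie, so the browser keeps presenting a dead token and `setuser` decodes it on every subsequent request; add `setcookie('authtoken', '', time() - 3600, "", "", false, true);` next to the `addtosession('wsession', '')` line, with the same path and domain as in `createauthcookie` so the deletion matches. With the `usermanager->logout()` call removed, `$this->user` is persisted via `usermanager->add` even when `logout` is hit by an unauthenticated visitor holding a fresh `User()`; whether `add` then writes a record for that empty user cannot be told from this hunk. The `logout` method continues past the end of the hunk.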
diff --git a/app/class/Controlleruser.php b/app/class/Controlleruser.php
index 0345434..1e61c1a 100644
--- a/app/class/Controlleruser.php
+++ b/app/class/Controlleruser.php
@@ -40,9 +40,6 @@ class Controlleruser extends Controller
} catch (RuntimeException $th) {
Model::sendflashmessage('There was a problem when updating preference : ' . $th->getMessage(), 'error');
}
- if ($_POST['passwordhash']) {
- $user->hashpassword();
- }
$this->usermanager->add($user);
$this->routedirect('user');
} else {
@@ -50,6 +47,32 @@ class Controlleruser extends Controller
}
}
+ public function password()
+ {
+ if ($this->user->iseditor()) {
+ if (
+ !empty($_POST['password1']) &&
+ !empty($_POST['password2']) &&
+ $_POST['password1'] === $_POST['password2']
+ ) {
+ if (
+ $this->user->setpassword($_POST['password1']) &&
+ $this->user->hashpassword() &&
+ $this->usermanager->add($this->user)
+ ) {
+ Model::sendflashmessage('password updated successfully', 'success');
+ } else {
+ Model::sendflashmessage("password is not compatible or an error occured", 'error');
+ }
+ } else {
+ Model::sendflashmessage("passwords does not match", "error");
+ }
+ $this->routedirect('user');
+ } else {
+ $this->routedirect('home');
+ }
+ }
+
public function bookmark()
{
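Review bot: The new `password()` action changes the password without asking for the current one and leaves the user's existing remember-me sessions untouched, so any previously issued `authtoken` cookie keeps working after a rotation; after a successful `setpassword`/`hashpassword`, call `$this->user->setsessions([]);` (re-issuing the current device's cookie if it should survive) so the change actually revokes outstanding tokens. The two error messages conflate distinct cases: the `"passwords does not match"` branch also fires when either field is empty, and `"password is not compatible or an error occured"` hides whether `setpassword` rejected the length or `usermanager->add` failed to persist; splitting the checks gives the user an actionable message. If this route has no CSRF protection elsewhere, a password change driven purely by `$_POST` is a sensitive target for it, but that is not decidable from this hunk.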
diff --git a/app/class/Modelconnect.php b/app/class/Modelconnect.php
new file mode 100644
index 0000000..1201d36
--- /dev/null
+++ b/app/class/Modelconnect.php
@@ -0,0 +1,45 @@
+<?php
+
+namespace Wcms;
+
+use Firebase\JWT\JWT;
+use RuntimeException;
+use Exception;
+
+class Modelconnect extends Model
+{
+
+ /**
+ * @param string $userid
+ * @param string $wsession
+ * @param int $conservation
+ * @throws RuntimeException if secret key is not set or cant send cookie
+ */
+ public function createauthcookie(string $userid, string $wsession, int $conservation)
+ {
+ $datas = [
+ "userid" => $userid,
+ "wsession" => $wsession
+ ];
+ if (empty(Config::secretkey())) {
+ throw new RuntimeException("Secret Key not set");
+ }
+ $jwt = JWT::encode($datas, Config::secretkey());
+ $cookie = setcookie('authtoken', $jwt, time() + $conservation * 24 * 3600, "", "", false, true);
+ if (!$cookie) {
+ throw new RuntimeException("Cant be send");
+ }
+ }
+
+ /**
+ * Check cookie using JWT
+ * @throws Exception
+ */
+ public function checkcookie()
+ {
+ if (!empty($_COOKIE['authtoken'])) {
+ $datas = JWT::decode($_COOKIE['authtoken'], Config::secretkey(), ['HS256']);
+ return get_object_vars($datas);
+ }
+ }
+}
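Review bot: `createauthcookie` issues the cookie with `secure` set to `false` and the JWT carries no `exp` claim, so the token travels over plain HTTP and, if captured, stays valid until the matching server-side session entry is destroyed, regardless of the cookie lifetime the browser enforces. Compute the expiry once and put it in both places: `$expires = time() + $conservation * 24 * 3600;`, `"exp" => $expires` inside `$datas` (firebase/php-jwt rejects expired tokens on decode), and `setcookie('authtoken', $jwt, $expires, "", "", !empty($_SERVER['HTTPS']), true);`; on PHP 7.3+ the options-array form of `setcookie` additionally allows `samesite`. `checkcookie` does not repeat the empty-secret guard that `createauthcookie` has, so with an unset `Config::secretkey()` it would verify tokens signed with an empty key; add the same `throw new RuntimeException("Secret Key not set")` before `JWT::decode`. It also returns `null` implicitly when no cookie is present, which the docblock does not say; declare `: ?array` and document it.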
diff --git a/app/class/Routes.php b/app/class/Routes.php
index 13bd2ac..65d8444 100644
--- a/app/class/Routes.php
+++ b/app/class/Routes.php
@@ -47,6 +47,7 @@ class Routes
['POST', '/!user/update', 'Controlleruser#update', 'userupdate'],
['POST', '/!user/bookmark', 'Controlleruser#bookmark', 'userbookmark'],
['POST', '/!user/pref', 'Controlleruser#pref', 'userpref'],
+ ['POST', '/!user/password', 'Controlleruser#password', 'userpassword'],
['POST', '/!user/token', 'Controlleruser#token', 'usertoken'],
['GET', '/!info', 'Controllerinfo#desktop', 'info'],
['GET', '/!timeline', 'Controllertimeline#desktop', 'timeline'],
diff --git a/app/class/Session.php b/app/class/Session.php
index 64b6b26..5228237 100644
--- a/app/class/Session.php
+++ b/app/class/Session.php
@@ -12,6 +12,7 @@ class Session extends Item
public $showrightpanel = false;
public $homedisplay = 'list';
public $mediadisplay = 'list';
+ public $wsession = '';
public function __construct($datas = [])
{
@@ -78,4 +79,9 @@ class Session extends Item
$this->mediadisplay = $mediadisplay;
}
}
+
+ public function setwsession($wsession)
+ {
+ $this->wsession = $wsession;
+ }
}
diff --git a/app/class/User.php b/app/class/User.php
index e78c10c..f9ea120 100644
--- a/app/class/User.php
+++ b/app/class/User.php
@@ -19,6 +19,8 @@ class User extends Item
protected $expiredate = false;
/** @var Bookmark[] Associative array as `id => Bookmark`*/
protected $bookmark = [];
+ /** @var array sessions */
+ protected $sessions = [];
protected $display = ['bookmark' => false];
public function __construct($datas = [])
@@ -103,6 +105,11 @@ class User extends Item
return $this->bookmark;
}
+ public function sessions()
+ {
+ return $this->sessions;
+ }
+
public function display()
{
return $this->display;
@@ -134,16 +141,18 @@ class User extends Item
}
}
- public function setpassword($password)
+ /**
+ * @return bool if password is compatible and set, otherwise flase
+ */
+ public function setpassword($password): bool
{
if (!empty($password) && is_string($password)) {
if (strlen($password) >= Model::PASSWORD_MIN_LENGTH && strlen($password) <= Model::PASSWORD_MAX_LENGTH) {
$this->password = $password;
return true;
- } else {
- return false;
}
}
+ return false;
}
public function setsignature(string $signature)
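Review bot: The docblock added above `setpassword` misspells its return description (`otherwise flase`) and does not name the conditions; suggest `@return bool true if the password is a non-empty string within PASSWORD_MIN_LENGTH..PASSWORD_MAX_LENGTH and was set, false otherwise`. The bounds are checked with `strlen`, which counts bytes rather than characters, so a short multibyte password can pass the minimum with fewer characters than intended; whether byte length is the deliberate measure (it is the relevant limit for bcrypt's 72-byte cap) is not visible here and is worth a one-line comment either way.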
@@ -218,6 +227,13 @@ class User extends Item
}
}
+ public function setsessions($sessions)
+ {
+ if (is_array($sessions)) {
+ $this->sessions = $sessions;
+ }
+ }
+
public function setdisplay($display)
{
if (is_array($display)) {
@@ -268,6 +284,42 @@ class User extends Item
return false;
}
+ /**
+ * Generate new unique session ID
+ * @param string $info session info to store
+ * @return string session key
+ */
+ public function newsession(string $info = "no_info"): string
+ {
+ $exist = true;
+ while ($exist === true) {
+ $session = bin2hex(random_bytes(10));
+ $exist = key_exists($session, $this->sessions());
+ }
+ $this->sessions[$session] = $info;
+ return $session;
+ }
+
+ /**
+ * Remove Session from user
+ * @param string $session session ID to remove
+ * @return bool true if session exist and was destroyed, false if key does not exist
+ */
+ public function destroysession(string $session): bool
+ {
+ if (key_exists($session, $this->sessions)) {
+ unset($this->sessions[$session]);
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ public function checksession(string $session): bool
+ {
+ return key_exists($session, $this->sessions);
+ }
+
public function isvisitor()