From c35d018995da99028747fe672e4d07484855dba2 Mon Sep 17 00:00:00 2001 From: vincent-peugnet Date: Wed, 8 Apr 2020 20:50:50 +0200 Subject: simple cookies storage using flywheel autogerated ID --- app/class/Controllerconnect.php | 65 ++++++++++++++++++++++++++++++++++------- 1 file changed, 55 insertions(+), 10 deletions(-) (limited to 'app/class/Controllerconnect.php') diff --git a/app/class/Controllerconnect.php b/app/class/Controllerconnect.php index 592c0ee..816d69b 100644 --- a/app/class/Controllerconnect.php +++ b/app/class/Controllerconnect.php @@ -21,7 +21,7 @@ class Controllerconnect extends Controller public function connect() { - if(isset($_SESSION['pageupdate'])) { + if (isset($_SESSION['pageupdate'])) { $pageupdate['route'] = 'pageedit'; $pageupdate['id'] = $_SESSION['pageupdate']['id']; } else { @@ -38,14 +38,22 @@ class Controllerconnect extends Controller { if (isset($_POST['pass'])) { $this->user = $this->usermanager->passwordcheck($_POST['pass']); - if($this->user != false) { - if($this->user->expiredate() === false || $this->user->level() === 10 || $this->user->expiredate('date') > $this->now) { + if ($this->user != false) { + if ($this->user->expiredate() === false || $this->user->level() === 10 || $this->user->expiredate('date') > $this->now) { $this->user->connectcounter(); $this->usermanager->add($this->user); $this->usermanager->writesession($this->user); $_SESSION['workspace']['showleftpanel'] = true; $_SESSION['workspace']['showrightpanel'] = false; - } + + if ($_POST['rememberme'] && $this->user->cookie() > 0) { + $token = $this->createauthtoken(); + if ($token) { + $_SESSION['user' . Config::basepath()]['authtoken'] = $token; + } + } + + } } } if ($id !== null) { 
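Review bot: `$_POST['rememberme']` is read directly in the added `if`, so a login submitted without that field (an unticked checkbox is not sent by the browser) raises an undefined-index notice; `if (!empty($_POST['rememberme']) && $this->user->cookie() > 0) {` avoids it. The token id is then kept only under `$_SESSION['user' . Config::basepath()]['authtoken']`, written just after `writesession($this->user)`. Logout depends on that key to revoke the token, so if later `writesession()` calls rebuild that array (its body is not shown here) the id is lost; a short comment stating that expectation would help. The enclosing method starts above the hunk, so its signature is not visible.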
@@ -59,6 +67,9 @@ class Controllerconnect extends Controller { $this->user = $this->usermanager->logout(); $this->usermanager->writesession($this->user); + if(!empty($_SESSION['user' . Config::basepath()]['authtoken'])) { + $this->destroyauthtoken($_SESSION['user' . Config::basepath()]['authtoken']); + } if ($id !== null && $route !== 'home') { $this->routedirect($route, ['page' => $id]); } else { @@ -66,13 +77,47 @@ class Controllerconnect extends Controller } } + /** + * Create a token stored in the database and then a cookie + * + * @return string|bool Token in cas of success, otherwise, false. + */ + public function createauthtoken() + { + $authtoken = new Modelauthtoken(); + $tokenid = $authtoken->add($this->user); + if ($tokenid !== false) { + $cookiecreation = $this->creatauthcookie($tokenid, $this->user->cookie()); + if ($cookiecreation) { + return $tokenid; + } + } else { + return false; + } + } -} - - - - + /** + * Create a cookie called `authtoken` + * + * @param string $id Token string + * @param int $conservation Time in day to keep the token + * + * @return bool True in cas of success, otherwise, false. + */ + public function creatauthcookie(string $id, int $conservation): bool + { + return setcookie('authtoken', $id, time() + $conservation * 24 * 3600, null, null, false, true); + } + /** + * Destroy the current token + */ + public function destroyauthtoken(string $id) + { + $authtoken = new Modelauthtoken(); + $dbdelete = $authtoken->delete($id); -?> \ No newline at end of file + //deleteauthcookie + } +} -- cgit v1.2.3
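Review bot: In the logout hunk the `authtoken` session entry is read after `writesession($this->user)` has already run with the logged-out user. If `writesession()` replaces `$_SESSION['user' . Config::basepath()]` (its body is not shown), the `!empty(...)` test is always false and the stored token is never revoked. Copying the id into a local before `logout()` and `writesession()`, then passing that local to `destroyauthtoken()`, removes the dependency. The browser's `authtoken` cookie also survives logout, because `destroyauthtoken()` in the last hunk stops at the `//deleteauthcookie` placeholder; it should be expired with a `setcookie()` call that uses an empty value, a past expiry and the same path and domain. The method's signature lies outside the hunk.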
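Review bot: `creatauthcookie()` hard-codes the `secure` argument of `setcookie()` to `false`, so a cookie that keeps a user logged in for `$conservation` days is also sent over plain HTTP; pass `true` when the site is served over HTTPS (ideally from configuration), and add a SameSite attribute if the supported PHP version has the options-array form. The cookie value is the id returned by `Modelauthtoken::add()`, which the commit subject describes as the Flywheel auto-generated ID; unless that generator is known to be cryptographically random, the token should come from `bin2hex(random_bytes(32))` with only its hash stored. In `createauthtoken()`, the path where the token is stored but `creatauthcookie()` fails returns `null` rather than the documented `false` and leaves the stored token behind; delete it there and end the method with a single `return false;`. `destroyauthtoken()` ignores `$dbdelete`, so a failed revocation goes unnoticed by the caller.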