path: root/app/class/Controllerconnect.php
blob: e9af86af571b5613a51f0297f7272e5a4d1a53ea (plain)
<?php

namespace Wcms;

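/**
 * Handles the connection form: login, logout and the "remember me" token.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this class; confirm
 * that the router or the parent Controller validates one before log() runs.
 */
class Controllerconnect extends Controller
{

    /**
     * Dispatch the posted `log` action to login() or logout().
     *
     * `route` and `id` come straight from the request, so anything that is not
     * a plain string (e.g. `route[]=x`) is replaced by the default.
     */
    public function log()
    {
        if (!isset($_POST['log'])) {
            return;
        }

        $id = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : null;
        $route = (isset($_POST['route']) && is_string($_POST['route'])) ? $_POST['route'] : 'home';

        // NOTE(review): $route is client-controlled and handed to routedirect();
        // presumably only named routes resolve there. Verify it cannot be used
        // to redirect outside the application.
        if ($_POST['log'] === 'login') {
            $this->login($route, $id);
        } elseif ($_POST['log'] === 'logout') {
            $this->logout($route, $id);
        }
    }


    /**
     * Show the connection template, pointing back to the page being edited
     * when a pending page update is stored in the session.
     */
    public function connect()
    {
        if (isset($_SESSION['pageupdate'])) {
            $pageupdate['route'] = 'pageedit';
            $pageupdate['id'] = $_SESSION['pageupdate']['id'];
        } else {
            $pageupdate = ['route' => 'home'];
        }
        $this->showtemplate('connect', $pageupdate);
    }


    /**
     * Authenticate with the posted password, open the session, then redirect.
     *
     * The redirect happens whether or not authentication succeeded.
     *
     * NOTE(review): as far as this block shows, the user is identified by the
     * password alone and nothing here throttles failed attempts or renews the
     * session id on success. Confirm that passwordcheck() / writesession()
     * cover rate limiting and session-fixation protection.
     *
     * @param string $route Route name to redirect to
     * @param string|null $id Page id passed to the route, if any
     */
    public function login($route, $id = null)
    {
        // A non-string `pass` (array injection through `pass[]=`) is treated as no password at all.
        if (isset($_POST['pass']) && is_string($_POST['pass'])) {
            $this->user = $this->usermanager->passwordcheck($_POST['pass']);
            if ($this->user != false) {
                // Level 10 is exempt from account expiry (presumably the admin level - confirm).
                $notexpired = $this->user->expiredate() === false
                    || $this->user->level() === 10
                    || $this->user->expiredate('date') > $this->now;

                if ($notexpired) {
                    $this->user->connectcounter();
                    $this->usermanager->add($this->user);
                    $this->usermanager->writesession($this->user);
                    $_SESSION['workspace']['showleftpanel'] = true;
                    $_SESSION['workspace']['showrightpanel'] = false;

                    // An unchecked box is simply absent from the POST data, so test
                    // with empty() instead of reading an undefined index.
                    if (!empty($_POST['rememberme']) && $this->user->cookie() > 0) {
                        $token = $this->createauthtoken();
                        if ($token) {
                            $_SESSION['user' . Config::basepath()]['authtoken'] = $token;
                        }
                    }
                }
            }
        }

        if ($id !== null) {
            $this->routedirect($route, ['page' => $id]);
        } else {
            $this->routedirect($route);
        }
    }

    /**
     * Close the session, revoke the "remember me" token and redirect.
     *
     * @param string $route Route name to redirect to
     * @param string|null $id Page id passed to the route, if any
     */
    public function logout($route, $id = null)
    {
        // Read the token before the session entry is rewritten, so it is revoked
        // even if writesession() replaces the whole user entry.
        $sessionkey = 'user' . Config::basepath();
        $token = !empty($_SESSION[$sessionkey]['authtoken']) ? $_SESSION[$sessionkey]['authtoken'] : null;

        $this->user = $this->usermanager->logout();
        $this->usermanager->writesession($this->user);

        if (is_string($token)) {
            $this->destroyauthtoken($token);
        }

        if ($id !== null && $route !== 'home') {
            $this->routedirect($route, ['page' => $id]);
        } else {
            $this->routedirect($route);
        }
    }

    /**
     * Create a token stored in the database and then a cookie
     *
     * @return string|bool Token in case of success, otherwise, false.
     */
    public function createauthtoken()
    {
        $authtoken = new Modelauthtoken();
        $tokenid = $authtoken->add($this->user);

        if ($tokenid === false) {
            return false;
        }

        if ($this->creatauthcookie($tokenid, $this->user->cookie())) {
            return $tokenid;
        }

        // The cookie could not be sent: do not leave a valid credential in the
        // database that no browser holds, and report the failure explicitly
        // (the original fell through and returned null here).
        $authtoken->delete($tokenid);
        return false;
    }

    /**
     * Create a cookie called `authtoken`
     *
     * The value is `token:hash`; whatever validates it later should compare
     * the hash in constant time (hash_equals).
     *
     * @param string $token Token string
     * @param int $conservation Time in day to keep the token
     *
     * @return bool True in case of success, otherwise, false.
     */
    public function creatauthcookie(string $token, int $conservation): bool
    {
        $hash = secrethash($token);
        $cookie = $token . ':' . $hash;

        // Mark the cookie Secure whenever the request itself arrived over HTTPS, so a
        // long-lived login token is never replayed over plain HTTP. Behind a
        // TLS-terminating proxy $_SERVER['HTTPS'] may be unset; the flag then stays
        // off, as it always was before.
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

        // Empty strings keep PHP's default path and domain; passing null to these
        // string parameters is deprecated since PHP 8.1. HttpOnly stays on.
        // NOTE(review): add SameSite through the options-array form of setcookie()
        // once PHP >= 7.3 is the minimum supported version.
        return setcookie('authtoken', $cookie, time() + $conservation * 24 * 3600, '', '', $secure, true);
    }

    /**
     * Destroy the current token: delete it from the database and expire the cookie.
     *
     * @param string $id Token id to revoke
     */
    public function destroyauthtoken(string $id)
    {
        $authtoken = new Modelauthtoken();
        $authtoken->delete($id);

        // Expire the browser copy as well. Path and domain are left at their
        // defaults to mirror creatauthcookie(); the browser only drops the cookie
        // when they match the ones used at creation.
        if (!headers_sent()) {
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie('authtoken', '', time() - 3600, '', '', $secure, true);
        }
    }

}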