v0.9.8 - minor bugfix in the auth method in the framework library, and some additions for the controller.php in order to handle sessions better.

2023-12-04 21:35:23 +01:00
parent a138344234
commit d885132629
3 changed files with 151 additions and 90 deletions
--- a/core/c/auth.php
+++ b/core/c/auth.php
@@ -10,48 +10,47 @@ namespace Nibiru;
 */
 class Auth extends Controller implements IAuth
 {
-	private static $_instance;
+    private static $_instance;
-	private $_password_salt = "";
+    private $_password_salt = "";
-	private $_username      = "";
+    private $_username      = "";
-	private $_password      = "";
+    private $_password      = "";
    /**
     * Auth constructor.
     */
-	protected function __construct()
+    protected function __construct()
-	{
+    {
-		parent::__construct();
+        parent::__construct();
-		$this->_setPasswordSalt();
+        $this->_setPasswordSalt();
-	}
+    }
    /**
     * @return View
     */
-	public static function getInstance(): View
+    public static function getInstance(): View
-	{
+    {
-		$className = get_called_class();
+        $className = get_called_class();
-		if( self::$_instance == null )
+        if( self::$_instance == null )
-		{
+        {
-			self::$_instance = new $className();
+            self::$_instance = new $className();
-		}
+        }
-		return self::$_instance;
+        return self::$_instance;
-	}
+    }
    /**
     * @param $login
     * @param $password
     * @return bool
     */
-	public function auth( $login, $password )
+    public function auth( $login, $password ): bool
-	{
+    {
-		// TODO: Implement auth($username, $password) method.
+        // TODO: Implement auth($username, $password) method.
        $this->_setPassword($password);
        $this->_setUsername($login);
-
+        if(!array_key_exists('auth', $_SESSION) || $_SESSION['auth'] == null)
-		if(!array_key_exists('auth', $_SESSION))
+        {
 		{
            $user_password = Pdo::query("SELECT user_account_active, DES_DECRYPT(user_pass, '".Config::getInstance()->getConfig()[IView::NIBIRU_SECURITY]["password_hash"]."') AS pass, user_id FROM user WHERE user_login = '".$login."';");
            if( $user_password["pass"] == $password && $user_password['user_account_active'] == 1 )
            {
@@ -65,58 +64,69 @@ class Auth extends Controller implements IAuth
                ];
                return true;
            }
-			else
+            else
-			{
+            {
-				return false;
+                return false;
-			}
+            }
-		}
+        }
-	}
+        else
        {
            if($_SESSION['auth']['login'] == $login)
            {
                return true;
            }
            else
            {
                return false;
            }
        }
    }
-	/**
+    /**
-	 * @return string
+     * @return string
-	 */
+     */
-	protected function getPasswordSalt()
+    protected function getPasswordSalt()
-	{
+    {
-		return $this->_password_salt;
+        return $this->_password_salt;
-	}
+    }
-	/**
+    /**
-	 * @param string $password_salt
+     * @param string $password_salt
-	 */
+     */
-	private function _setPasswordSalt( )
+    private function _setPasswordSalt( )
-	{
+    {
-		$this->_password_salt = $this->getConfig()[self::NIBIRU_SECURITY];
+        $this->_password_salt = $this->getConfig()[self::NIBIRU_SECURITY];
-	}
+    }
-	/**
+    /**
-	 * @return string
+     * @return string
-	 */
+     */
-	protected function getUsername()
+    protected function getUsername()
-	{
+    {
-		return $this->_username;
+        return $this->_username;
-	}
+    }
-	/**
+    /**
-	 * @param string $username
+     * @param string $username
-	 */
+     */
-	private function _setUsername( $username )
+    private function _setUsername( $username )
-	{
+    {
-		$this->_username = $username;
+        $this->_username = $username;
-	}
+    }
-	/**
+    /**
-	 * @return string
+     * @return string
-	 */
+     */
-	protected function getPassword()
+    protected function getPassword()
-	{
+    {
-		return $this->_password;
+        return $this->_password;
-	}
+    }
-	/**
+    /**
-	 * @param string $password
+     * @param string $password
-	 */
+     */
-	private function _setPassword( $password )
+    private function _setPassword( $password )
-	{
+    {
-		$this->_password = $password;
+        $this->_password = $password;
-	}
+    }
 }
--- a/core/c/controller.php
+++ b/core/c/controller.php
@@ -219,17 +219,64 @@ class Controller extends View
    /**
     * @param string $param
     * @param bool $params
     * @param bool $checkForActiveSession
     * @return string|array
     */
-    public function getSession( string $param, bool $params = false )
+    public function getSession( string $param, bool $params = false, bool $checkForActiveSession = false ): string|array
    {
-        if($param!="")
+        if($checkForActiveSession)
        {
-            return $_SESSION[$param];
+            if(session_status() == PHP_SESSION_DISABLED || sizeof($_SESSION) == 0)
            {
                return IController::SESSION_DISABLED;
            }
            elseif(session_status() == PHP_SESSION_NONE && sizeof($_SESSION) == 0)
            {
                return IController::SESSION_DISABLED;
            }
            else
            {
                return IController::SESSION_ACTIVE;
            }
        }
-        elseif($params)
+        else
        {
-            return $_SESSION;
+            if($param!="")
            {
                if(session_status() == PHP_SESSION_NONE)
                {
                    session_start();
                }
                if(session_status() == PHP_SESSION_ACTIVE)
                {
                    if (array_key_exists($param, $_SESSION))
                    {
                        if($_SESSION[$param] != null)
                        {
                            return $_SESSION[$param];
                        } else {
                            return IController::SESSION_KEY_VALUE_NOT_FOUND;
                        }
                    } else {
                        return IController::SESSION_KEY_NOT_FOUND;
                    }
                }
                else
                {
                    return IController::SESSION_DISABLED;
                }
            }
            elseif($params)
            {
                if(session_status() == PHP_SESSION_ACTIVE)
                {
                    return $_SESSION;
                }
                else
                {
                    return IController::SESSION_DISABLED;
                }
            }
        }
    }
 }
--- a/core/i/controller.php
+++ b/core/i/controller.php
@@ -10,20 +10,24 @@ namespace Nibiru;
 */
 interface IController
 {
-	const START_CONTROLLER_NAME = "index";
+    const START_CONTROLLER_NAME = "index";
-	
+    const SESSION_ACTIVE = 'SESSION ACTIVE';
-	/**
+    const SESSION_DISABLED = 'SESSION DISABLED';
-	 * This should be part of any extended controller
+    const SESSION_KEY_NOT_FOUND = 'KEY NOT FOUND';
-	 * class in order to implement a page structure
+    const SESSION_KEY_VALUE_NOT_FOUND = 'KEY VALUE NOT FOUND';
 	 * @return array
 	 */
 	public function pageAction();
-	/**
+    /**
-	 * This is the part where you can add titles to
+     * This should be part of any extended controller
-	 * your page navigation.
+     * class in order to implement a page structure
-	 */
+     * @return array
     */
    public function pageAction();
-	public function navigationAction();
+    /**
     * This is the part where you can add titles to
     * your page navigation.
     */
    public function navigationAction();
 }