1
|
|
|
<?php |
2
|
|
|
/** |
3
|
|
|
* Created by PhpStorm. |
4
|
|
|
* User: afshin |
5
|
|
|
* Date: 11/24/17 |
6
|
|
|
* Time: 1:11 PM |
7
|
|
|
*/ |
8
|
|
|
|
9
|
|
|
namespace Core\Services; |
10
|
|
|
|
11
|
|
|
use App\DataAccess\User\UserDataAccess; |
12
|
|
|
use Core\App; |
13
|
|
|
use Core\Config; |
14
|
|
|
use Core\Interfaces\_Service; |
15
|
|
|
|
16
|
|
|
class AuthService extends _Service |
17
|
|
|
{ |
18
|
|
|
public function user() |
19
|
|
|
{ |
20
|
|
|
if(!isset($_SESSION['user']) && json_decode($_COOKIE['user'],true) !== null){ |
21
|
|
|
$_SESSION['user'] = json_decode($_COOKIE['user'],true); |
22
|
|
|
} |
23
|
|
|
return UserDataAccess::getUserById(isset($_SESSION['user']['user_id']) ? $_SESSION['user']['user_id'] : 0); |
24
|
|
|
} |
25
|
|
|
|
26
|
|
|
public function hasRole($roleName) |
27
|
|
|
{ |
28
|
|
|
if(!self::check()){ |
|
|
|
|
29
|
|
|
return false; |
30
|
|
|
} |
31
|
|
|
$userRoles = UserDataAccess::getUserRoles(isset($_SESSION['user']['user_id']) ? $_SESSION['user']['user_id'] : 0); |
32
|
|
|
$hasAccess = false; |
33
|
|
|
foreach ($userRoles as $role){ |
34
|
|
|
if($role->name == $roleName){ |
35
|
|
|
$hasAccess = true; |
36
|
|
|
break; |
37
|
|
|
} |
38
|
|
|
} |
39
|
|
|
return $hasAccess; |
40
|
|
|
} |
41
|
|
|
|
42
|
|
|
|
43
|
|
|
public function check() |
44
|
|
|
{ |
45
|
|
|
if(!isset($_SESSION['user']) && json_decode($_COOKIE['user'],true) !== null){ |
46
|
|
|
$_SESSION['user'] = json_decode($_COOKIE['user'],true); |
47
|
|
|
} |
48
|
|
|
return isset($_SESSION['user']['user_id']); |
49
|
|
|
} |
50
|
|
|
|
51
|
|
|
public function attempt(string $loginField,string $password) |
52
|
|
|
{ |
53
|
|
|
$user = UserDataAccess::getUserLoginField($loginField); |
54
|
|
|
if (!$user) { |
|
|
|
|
55
|
|
|
return [ |
56
|
|
|
'type'=>'error', |
57
|
|
|
'message'=> 'User Not Exists', |
58
|
|
|
]; |
59
|
|
|
} |
60
|
|
|
$setting = Config::get('settings.auth'); |
61
|
|
|
if(1 || $setting['2step']){ |
62
|
|
|
return $this->twoStepAuth($loginField,$password); |
63
|
|
|
}else{ |
64
|
|
|
if ($this->checkPass($password,$user->password)) { |
65
|
|
|
$_SESSION['user']['user_id'] = $user->id; |
66
|
|
|
$_SESSION['user']['mobile'] = $user->mobile; |
67
|
|
|
|
68
|
|
|
setcookie('user', json_encode([ |
69
|
|
|
'user_id'=>$user->id, |
70
|
|
|
'mobile'=>$user->mobile, |
71
|
|
|
]), time() + (86400 * 30), "/"); // 86400 = 1 day *30 => 30 day |
72
|
|
|
|
73
|
|
|
|
74
|
|
|
return [ |
75
|
|
|
'type'=>'success', |
76
|
|
|
'message'=> 'Logined', |
77
|
|
|
]; |
78
|
|
|
}else{ |
79
|
|
|
return [ |
80
|
|
|
'type'=>'error', |
81
|
|
|
'message'=> 'password mismatch', |
82
|
|
|
]; |
83
|
|
|
} |
84
|
|
|
} |
85
|
|
|
return [ |
|
|
|
|
86
|
|
|
'type'=>'error', |
87
|
|
|
'message'=> 'problem!', |
88
|
|
|
]; |
89
|
|
|
} |
90
|
|
|
|
91
|
|
|
|
92
|
|
|
|
93
|
|
|
public function checkPass($password,$database_pass) |
94
|
|
|
{ |
95
|
|
|
if($database_pass == $password){ |
96
|
|
|
return true; |
97
|
|
|
} |
98
|
|
|
return false; |
99
|
|
|
|
100
|
|
|
} |
101
|
|
|
|
102
|
|
|
|
103
|
|
|
public function twoStepAuth(string $loginField,string $password) |
104
|
|
|
{ |
105
|
|
|
$user = UserDataAccess::getUserLoginField($loginField); |
106
|
|
|
if(UserDataAccess::checkToken($password,$loginField)){ |
107
|
|
|
$_SESSION['user']['user_id'] = $user->id; |
108
|
|
|
$_SESSION['user']['mobile'] = $user->mobile; |
|
|
|
|
109
|
|
|
|
110
|
|
|
setcookie('user', json_encode([ |
111
|
|
|
'user_id'=>$user->id, |
112
|
|
|
'mobile'=>$user->mobile, |
113
|
|
|
]), time() + (86400 * 30), "/"); // 86400 = 1 day *30 => 30 day |
114
|
|
|
|
115
|
|
|
|
116
|
|
|
return [ |
117
|
|
|
'type'=>'success', |
118
|
|
|
'message'=> 'Logined', |
119
|
|
|
]; |
120
|
|
|
}else{ |
121
|
|
|
return [ |
122
|
|
|
'type'=>'error', |
123
|
|
|
'message'=> 'problem!', |
124
|
|
|
]; |
125
|
|
|
} |
126
|
|
|
} |
127
|
|
|
|
128
|
|
|
public function logout() |
129
|
|
|
{ |
130
|
|
|
if (isset($_COOKIE['user'])) { |
131
|
|
|
unset($_COOKIE['user']); |
132
|
|
|
setcookie('user', '', time() - 3600, '/'); // empty value and old timestamp |
133
|
|
|
} |
134
|
|
|
unset($_SESSION['user']); |
135
|
|
|
} |
136
|
|
|
|
137
|
|
|
} |