Passed
Push — main ( 131f20...c1d479 )
by Rafael
51:37
created

Auth::logout()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 5
Code Lines 2

Duplication

Lines 0
Ratio 0 %

Importance

Changes 1
Bugs 0 Features 0
Metric Value
cc 1
eloc 2
c 1
b 0
f 0
nc 1
nop 0
dl 0
loc 5
rs 10
1
<?php
2
3
/* Copyright (C) 2024      Rafael San José      <[email protected]>
4
 *
5
 * This program is free software; you can redistribute it and/or modify
6
 * it under the terms of the GNU General Public License as published by
7
 * the Free Software Foundation; either version 3 of the License, or
8
 * any later version.
9
 *
10
 * This program is distributed in the hope that it will be useful,
11
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13
 * GNU General Public License for more details.
14
 *
15
 * You should have received a copy of the GNU General Public License
16
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
17
 */
18
19
namespace Alxarafe\Lib;
20
21
use Alxarafe\Model\User;
22
23
abstract class Auth
24
{
25
    private const COOKIE_NAME = 'alxarafe_login';
26
    private const COOKIE_USER = self::COOKIE_NAME . '_user';
27
    private const COOKIE_EXPIRE_TIME = 30 * 86400; // 30 days
28
    private const COOKIE_SAMESITE = 'Strict';
29
30
    public static $user = null;
31
32
    public static function isLogged()
33
    {
34
        $userId = FILTER_INPUT(INPUT_COOKIE, self::COOKIE_USER);
35
        $token = FILTER_INPUT(INPUT_COOKIE, self::COOKIE_NAME);
36
        if (empty($token)) {
37
            return false;
38
        }
39
40
        if (!isset(self::$user)) {
41
            self::$user = User::find($userId);
42
        }
43
44
        if (!isset(self::$user)) {
45
            return false;
46
        }
47
48
        return self::$user->token === $token;
49
    }
50
51
    /**
52
     * Return true if login is correct with user/mail and password.
53
     * TODO: This is a test. It will be checked against a user database.
54
     *
55
     * @param $email
56
     * @param $password
57
     *
58
     * @return bool
59
     */
60
    public static function login($username, $password)
61
    {
62
        //static::logout();
63
64
        $user = User::where('name', $username)->first();
65
        if (!isset($user)) {
66
            return false;
67
        }
68
69
        if (!password_verify($password, $user->password)) {
70
            return false;
71
        }
72
73
        self::setLoginCookie($user->id);
74
75
        return true;
76
    }
77
78
    public static function setLoginCookie($userId)
79
    {
80
        $token = self::generateToken();
81
82
        if (!isset(self::$user)) {
83
            self::$user = User::find($userId);
84
        }
85
        if (isset(self::$user)) {
86
            self::$user->saveToken($token);
87
        }
88
89
        $cookie_options = [
90
            'expires' => time() + self::COOKIE_EXPIRE_TIME,
91
            'path' => '/',
92
            'domain' => $_SERVER['HTTP_HOST'],
93
            'secure' => true,
94
            'httponly' => true,
95
            'samesite' => self::COOKIE_SAMESITE,
96
        ];
97
98
        setcookie(self::COOKIE_USER, $userId);
99
        setcookie(self::COOKIE_NAME, $token, $cookie_options);
100
    }
101
102
    private static function generateToken($length = 32)
103
    {
104
        return bin2hex(random_bytes($length));
105
    }
106
107
    public static function logout()
108
    {
109
        // Erase old cookies.
110
        setcookie(self::COOKIE_USER, '', time() - 60);
111
        setcookie(self::COOKIE_NAME, '', time() - 60);
112
    }
113
114
}
115