|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace App\Controllers\Api\V1; |
|
4
|
|
|
|
|
5
|
|
|
use App\Interfaces\Controllers\IApi; |
|
6
|
|
|
use App\Reuse\Controllers\AbstractApi; |
|
7
|
|
|
use App\Container; |
|
8
|
|
|
use App\Http\Headers; |
|
9
|
|
|
use App\Http\Request; |
|
10
|
|
|
use App\Http\Response; |
|
11
|
|
|
use App\Model\Users; |
|
12
|
|
|
use App\Tools\Jwt\Token; |
|
13
|
|
|
|
|
14
|
|
|
final class Auth extends AbstractApi implements IApi |
|
15
|
|
|
{ |
|
16
|
|
|
|
|
17
|
|
|
/** |
|
18
|
|
|
* instanciate |
|
19
|
|
|
* |
|
20
|
|
|
* @param Container $container |
|
21
|
|
|
*/ |
|
22
|
|
|
public function __construct(Container $container) |
|
23
|
|
|
{ |
|
24
|
|
|
parent::__construct($container); |
|
25
|
|
|
} |
|
26
|
|
|
|
|
27
|
|
|
/** |
|
28
|
|
|
* login action |
|
29
|
|
|
* |
|
30
|
|
|
* @Role anonymous |
|
31
|
|
|
* @return Auth |
|
32
|
|
|
*/ |
|
33
|
|
|
final public function login(): Auth |
|
34
|
|
|
{ |
|
35
|
|
|
$config = $this->getService(\App\Config::class); |
|
36
|
|
|
$logger = $this->getService(\Monolog\Logger::class); |
|
37
|
|
|
$login = $this->request->getParam('login'); |
|
38
|
|
|
$password = $this->request->getParam('password'); |
|
39
|
|
|
if (false === $this->isValidLogin($login, $password)) { |
|
40
|
|
|
$logger->warning(__FUNCTION__ . ' Invalid arguments'); |
|
41
|
|
|
return $this->setErrorResponse( |
|
42
|
|
|
Response::HTTP_BAD_REQUEST, |
|
43
|
|
|
'Invalid arguments' |
|
44
|
|
|
); |
|
45
|
|
|
} |
|
46
|
|
|
$userModel = new Users($config); |
|
47
|
|
|
if ($user = $userModel->auth($login, $password)) { |
|
48
|
|
|
$jwtToken = new Token($config, $this->request); |
|
49
|
|
|
$token = $jwtToken |
|
50
|
|
|
->setIssueAt(time()) |
|
51
|
|
|
->setIssueAtDelay(0) |
|
52
|
|
|
->setTtl(1200) |
|
53
|
|
|
->encode( |
|
54
|
|
|
$user[Users::_ID], |
|
55
|
|
|
$user[Users::_EMAIL], |
|
56
|
|
|
$user[Users::_PASSWORD] |
|
57
|
|
|
); |
|
58
|
|
|
$logger->info(__FUNCTION__ . ' Auth succeed'); |
|
59
|
|
|
$this->response |
|
60
|
|
|
->setCode(Response::HTTP_OK) |
|
61
|
|
|
->setContent( |
|
62
|
|
|
[Response::_ERROR => false, 'token' => $token] |
|
63
|
|
|
); |
|
64
|
|
|
return $this; |
|
65
|
|
|
} |
|
66
|
|
|
//die; |
|
67
|
|
|
$logger->warning(__FUNCTION__ . ' Auth failed'); |
|
68
|
|
|
return $this->setErrorResponse( |
|
69
|
|
|
Response::HTTP_UNAUTHORIZED, |
|
70
|
|
|
'Bad credentials' |
|
71
|
|
|
); |
|
72
|
|
|
} |
|
73
|
|
|
|
|
74
|
|
|
/** |
|
75
|
|
|
* return true if request methods are allowed |
|
76
|
|
|
* |
|
77
|
|
|
* @return boolean |
|
78
|
|
|
*/ |
|
79
|
|
|
protected function isLoginMethodAllowed(): bool |
|
80
|
|
|
{ |
|
81
|
|
|
return in_array( |
|
82
|
|
|
$this->request->getMethod(), |
|
83
|
|
|
[Request::METHOD_POST, Request::METHOD_TRACE] |
|
84
|
|
|
); |
|
85
|
|
|
} |
|
86
|
|
|
|
|
87
|
|
|
/** |
|
88
|
|
|
* return true if login action can be executed |
|
89
|
|
|
* |
|
90
|
|
|
* @param string $login |
|
91
|
|
|
* @param string $password |
|
92
|
|
|
* @return boolean |
|
93
|
|
|
*/ |
|
94
|
|
|
protected function isValidLogin(string $login, string $password): bool |
|
95
|
|
|
{ |
|
96
|
|
|
return $this->isLoginMethodAllowed() |
|
97
|
|
|
&& !empty($login) |
|
98
|
|
|
&& !empty($password); |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
|
|
/** |
|
102
|
|
|
* return Auth and set response with http code and message |
|
103
|
|
|
* |
|
104
|
|
|
* @param integer $code |
|
105
|
|
|
* @param string $msg |
|
106
|
|
|
* @return Auth |
|
107
|
|
|
*/ |
|
108
|
|
|
protected function setErrorResponse(int $code, string $msg): Auth |
|
109
|
|
|
{ |
|
110
|
|
|
$this->response |
|
111
|
|
|
->setCode($code) |
|
112
|
|
|
->setContent([ |
|
113
|
|
|
Response::_ERROR => true, |
|
114
|
|
|
Response::_ERROR_CODE => $code, |
|
115
|
|
|
Response::_ERROR_MSG => $msg |
|
116
|
|
|
])->getHeaderManager()->add( |
|
117
|
|
|
Headers::CONTENT_TYPE, |
|
118
|
|
|
'application/json' |
|
119
|
|
|
); |
|
120
|
|
|
return $this; |
|
121
|
|
|
} |
|
122
|
|
|
} |
|
123
|
|
|
|
pierre-fromager /
nymfonya
