forked from projects/fipamo
152 lines
3.7 KiB
PHP
152 lines
3.7 KiB
PHP
<?php
|
|
|
|
use function _\find;
|
|
use ReallySimpleJWT\Token;
|
|
|
|
class Auth
|
|
{
|
|
public function __construct()
|
|
{
|
|
}
|
|
|
|
public static function sessionStatus()
|
|
{
|
|
if (isset($_SESSION["member"])) {
|
|
return true;
|
|
} else {
|
|
return false;
|
|
}
|
|
//return $this->secret;
|
|
}
|
|
|
|
public static function status()
|
|
{
|
|
$result = "";
|
|
if (Session::active()) {
|
|
$result = true;
|
|
} else {
|
|
$result = false;
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
public static function login($who)
|
|
{
|
|
//grab member list
|
|
$folks = (new Settings())->getFolks();
|
|
$found = find($folks, ["handle" => $who["handle"]]);
|
|
|
|
if ($found) {
|
|
//name is found, verify password
|
|
if (password_verify($who["password"], $found["password"])) {
|
|
$member = [
|
|
"handle" => $found["handle"],
|
|
"email" => $found["email"],
|
|
"role" => $found["role"],
|
|
"avatar" => $found["avi"],
|
|
"key" => $found["key"],
|
|
];
|
|
|
|
$token = Token::create(
|
|
$found["key"],
|
|
$found["secret"],
|
|
time() + 3600,
|
|
"localhost"
|
|
); //expires in an hour
|
|
Session::start();
|
|
Session::set("member", $member);
|
|
Session::set("token", $token);
|
|
|
|
$result = "good_login";
|
|
} else {
|
|
$result = "bad_pass";
|
|
}
|
|
} else {
|
|
//if name is not found
|
|
$result = "no_name";
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
public static function findSecret($data)
|
|
{
|
|
$result = [];
|
|
$folks = (new Settings())->getFolks();
|
|
|
|
if (
|
|
!empty($data["email"]) &&
|
|
filter_var($data["email"], FILTER_VALIDATE_EMAIL)
|
|
) {
|
|
$found = find($folks, ["email" => $data["email"]]);
|
|
if ($found) {
|
|
//if email is cool, check mail relay status
|
|
//if set up, send secret there, if not just return it
|
|
$config = new Settings();
|
|
$settings = $config->getSettings();
|
|
$email = $settings["email"]["active"];
|
|
if ($email != "option-none") {
|
|
$data["mail_task"] = "SEND_SECRET";
|
|
$data["secret"] = $found["secret"];
|
|
$result = Mailer::sendmail($data);
|
|
} else {
|
|
$result = [
|
|
"message" => "Valid email, but no email set up!",
|
|
"type" => "secretFound",
|
|
"secret" => $found["secret"],
|
|
];
|
|
}
|
|
} else {
|
|
$result = [
|
|
"message" => "No valid email, no goodies, pleighboi",
|
|
"type" => "secretNotFound",
|
|
];
|
|
}
|
|
} else {
|
|
$result = [
|
|
"message" => "Aye, this address is not right, slick.",
|
|
"type" => "secretNotFound",
|
|
];
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
public static function makeNewPassword($data)
|
|
{
|
|
//check if passwordsmatch
|
|
if ($data["newPass"] == $data["newPassConfirm"]) {
|
|
//verify secret
|
|
$folks = (new Settings())->getFolks();
|
|
$found = find($folks, ["secret" => $data["secret"]]);
|
|
if ($found) {
|
|
//create new pass and secret key, then update file
|
|
$hash = password_hash($data["newPass"], PASSWORD_DEFAULT);
|
|
$freshSecret = StringTools::randomString(12);
|
|
Member::updateData("password", $hash, $data["secret"]);
|
|
Member::updateData("secret", $freshSecret, $data["secret"]);
|
|
$result = [
|
|
"message" => "Password Updated. Very nice!",
|
|
"type" => "passCreated",
|
|
];
|
|
} else {
|
|
$result = [
|
|
"message" => "Secret key is invalid. Try to retrieve it again",
|
|
"type" => "passNotCreated",
|
|
];
|
|
}
|
|
} else {
|
|
$result = [
|
|
"message" => "Passwords don't match. Try it again.",
|
|
"type" => "passNotCreated",
|
|
];
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
public static function logout()
|
|
{
|
|
Session::kill();
|
|
}
|
|
}
|