bit-badger/feed-reader-central
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 12 Activity

Move domain items up to lib

Browse Source 
- WIP on converting more complex queries
This commit is contained in:
Daniel J. Summers
2024-05-31 22:57:24 -04:00
parent f7f5dba795
commit 610ab67475
16 changed files with 189 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
src/lib/Security.php
View File

@@ -1,12 +1,9 @@
<?php
namespace FeedReaderCentral;
use BitBadger\Documents\DocumentException;
use BitBadger\Documents\Field;
use BitBadger\Documents\SQLite\Document;
use BitBadger\Documents\SQLite\Find;
use BitBadger\Documents\SQLite\Patch;
use FeedReaderCentral\Domain\Table;
use FeedReaderCentral\Domain\User;
use SQLite3;
/**
@@ -32,39 +29,6 @@ class Security {
/** @var string The password algorithm to use for our passwords */
public const string PW_ALGORITHM = PASSWORD_DEFAULT;
/**
* Find a user by their ID
*
* @param string $email The e-mail address of the user to retrieve
* @param SQLite3 $db The data connection to use to retrieve the user
* @return User|false The user information, or null if the user is not found
*/
public static function findUserByEmail(string $email, SQLite3 $db): User|false {
return Find::firstByField(Table::USER, Field::EQ('email', $email), User::class, $db);
// $query = $db->prepare('SELECT * FROM frc_user WHERE email = :email');
// $query->bindValue(':email', $email);
// $result = $query->execute();
// return $result ? $result->fetchArray(SQLITE3_ASSOC) : false;
}
/**
* Add a user
*
* @param string $email The e-mail address for the user
* @param string $password The user's password
* @param SQLite3 $db The data connection to use to add the user
*/
public static function addUser(string $email, string $password, SQLite3 $db): void {
$user = new User();
$user->email = $email;
$user->password = $password;
Document::insert(Table::USER, $user, $db);
// $query = $db->prepare('INSERT INTO frc_user (email, password) VALUES (:email, :password)');
// $query->bindValue(':email', $email);
// $query->bindValue(':password', password_hash($password, self::PW_ALGORITHM));
// $query->execute();
}
/**
* Verify a user's password
*
@@ -72,15 +36,13 @@ class Security {
* @param string $password The password provided by the user
* @param string|null $returnTo The URL to which the user should be redirected
* @param SQLite3 $db The database connection to use to verify the user's credentials
* @throws DocumentException if any is encountered
*/
private static function verifyPassword(User $user, string $password, ?string $returnTo, SQLite3 $db): void {
private static function verifyPassword(User $user, string $password, ?string $returnTo, SQLite3 $db): void
{
if (password_verify($password, $user->password)) {
if (password_needs_rehash($user->password, self::PW_ALGORITHM)) {
Patch::byId(Table::USER, $user->id, ['password' => password_hash($password, self::PW_ALGORITHM)], $db);
// $rehash = $db->prepare('UPDATE frc_user SET password = :hash WHERE id = :id');
// $rehash->bindValue(':hash', password_hash($password, self::PW_ALGORITHM));
// $rehash->bindValue(':id', $user['id']);
// $rehash->execute();
}
$_SESSION[Key::USER_ID] = $user['id'];
$_SESSION[Key::USER_EMAIL] = $user['email'];
@@ -95,6 +57,7 @@ class Security {
* @param string $password The password provided by the user
* @param string|null $returnTo The URL to which the user should be redirected
* @param SQLite3 $db The database connection to use to verify the user's credentials
* @throws DocumentException If any is encountered
*/
public static function logOnUser(string $email, string $password, ?string $returnTo, SQLite3 $db): void {
if (SECURITY_MODEL == self::SINGLE_USER_WITH_PASSWORD) {
@@ -106,7 +69,7 @@ class Security {
}
$dbEmail = $email;
}
$user = self::findUserByEmail($dbEmail, $db);
$user = User::findByEmail($dbEmail);
if ($user) self::verifyPassword($user, $password, $returnTo, $db);
add_error('Invalid credentials; log on unsuccessful');
}
@@ -117,26 +80,24 @@ class Security {
* @param string $email The e-mail address of the user whose password should be updated
* @param string $password The new password for this user
* @param SQLite3 $db The database connection to use in updating the password
* @throws DocumentException If any is encountered
*/
public static function updatePassword(string $email, string $password, SQLite3 $db): void {
Patch::byField(Table::USER, Field::EQ('email', $email),
Patch::byFields(Table::USER, [Field::EQ('email', $email)],
['password' => password_hash($password, self::PW_ALGORITHM)], $db);
// $query = $db->prepare('UPDATE frc_user SET password = :password WHERE email = :email');
// $query->bindValue(':password', password_hash($password, self::PW_ALGORITHM));
// $query->bindValue(':email', $email);
// $query->execute();
}
/**
* Log on the single user
*
* @param SQLite3 $db The data connection to use to retrieve the user
* @throws DocumentException If any is encountered
*/
private static function logOnSingleUser(SQLite3 $db): void {
$user = self::findUserByEmail(self::SINGLE_USER_EMAIL, $db);
$user = User::findByEmail(self::SINGLE_USER_EMAIL);
if (!$user) {
self::addUser(self::SINGLE_USER_EMAIL, self::SINGLE_USER_PASSWORD, $db);
$user = self::findUserByEmail(self::SINGLE_USER_EMAIL, $db);
User::add(self::SINGLE_USER_EMAIL, self::SINGLE_USER_PASSWORD, $db);
$user = User::findByEmail(self::SINGLE_USER_EMAIL);
}
self::verifyPassword($user, self::SINGLE_USER_PASSWORD, $_GET['returnTo'], $db);
}
@@ -146,6 +107,7 @@ class Security {
*
* @param SQLite3 $db The data connection to use if required
* @param bool $redirectIfAnonymous Whether to redirect the request if there is no user logged on
* @throws DocumentException If any is encountered
*/
public static function verifyUser(SQLite3 $db, bool $redirectIfAnonymous = true): void {
if (key_exists(Key::USER_ID, $_SESSION)) return;