PHP_SMART_HOME_V3/app/models/managers/AuthManager.php

64 lines
2.0 KiB
PHP
Raw Normal View History

2020-05-16 15:18:27 +00:00
<?php
class AuthManager {
2020-05-16 23:27:06 +00:00
public function getToken($username, $password, $userAgent = null){
if ($userAgent == null) {
2020-05-17 12:15:54 +00:00
$userAgent = $_SERVER['HTTP_USER_AGENT'];
2020-05-16 23:27:06 +00:00
}
2020-05-16 15:18:27 +00:00
$userManager = new UserManager();
if ($username != '' || $password != ''){
$userLogedIn = $userManager->loginNew($username, $password);
if ($userLogedIn != false){
// Create token header as a JSON string
$header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
// Create token payload as a JSON string
2020-05-16 23:27:06 +00:00
$payload = json_encode([
'user_id' => $userLogedIn,
'exp' => date('Y-m-d H:i:s',strtotime("+90 Days")),
'iat' => date('Y-m-d H:i:s',time()),
]);
2020-05-16 15:18:27 +00:00
// Encode Header to Base64Url String
$base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
// Encode Payload to Base64Url String
$base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload));
// Create Signature Hash
$signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, 'abC123!', true);
// Encode Signature to Base64Url String
$base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
// Create JWT
$jwt = $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature;
2020-05-16 23:27:06 +00:00
$token = [
'user_id' => $userLogedIn,
'user_agent' => $userAgent,
'token' => $jwt,
'expire' => date('Y-m-d H:i:s',strtotime("+90 Days")),
'issued' => date('Y-m-d H:i:s',time()),
];
if (Db::add ('tokens', $token)){
return $jwt;
}
2020-05-16 15:18:27 +00:00
}
}
return false;
}
public function deleteToken($token){
Db::command ('DELETE FROM tokens WHERE token=?', array ($token));
return true;
}
public function validateToken($token){
$tokens = Db::loadAll('SELECT * FROM tokens WHERE token = ? AND expire >= CURRENT_TIMESTAMP AND blocked = 0;', array($token));
if (count($tokens) == 1) {
return true;
} else if (count($tokens) == 0) {
return false;
};
return false;
}
}