From 3981d9551def55b42499330c3e2d60e795d2b59b Mon Sep 17 00:00:00 2001
From: xinatorus
Date: Tue, 12 May 2020 19:25:08 +0200
Subject: [PATCH] refactoring
---
 app/api/AuthApi.php | 4 +-
 app/models/AuthManager.php | 76 +++++++++++++++++++-------------------
 2 files changed, 40 insertions(+), 40 deletions(-)
diff --git a/app/api/AuthApi.php b/app/api/AuthApi.php
index 4d58d8e..a9d6101 100644
--- a/app/api/AuthApi.php
+++ b/app/api/AuthApi.php
@@ -1,7 +1,7 @@ getToken($this->input->username,$this->input->password);
+ $token = (new AuthManager)->getToken($this->input->username,$this->input->password);
 if (!$token) {
 throw new Exception("Auth failed", 401);
 }
@@ -10,7 +10,7 @@ class AuthApi {
 public function logout(){
 $authenticationBearrer = $_SERVER['HTTP_AUTHORIZATION'];
- if (!(new ApiManager)->deleteToken($authenticationBearrer)) {
+ if (!(new AuthManager)->deleteToken($authenticationBearrer)) {
 throw new Exception("logout Failed", 401);
 }
 }
diff --git a/app/models/AuthManager.php b/app/models/AuthManager.php
index 24c76b4..88c96a6 100644
--- a/app/models/AuthManager.php
+++ b/app/models/AuthManager.php
@@ -1,45 +1,45 @@ loginNew($username, $password);
-
- if ($userLogedIn != false){
- // Create token header as a JSON string
- $header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
- // Create token payload as a JSON string
- $payload = json_encode(['user_id' => $userLogedIn]);
- // Encode Header to Base64Url String
- $base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
- // Encode Payload to Base64Url String
- $base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload));
- // Create Signature Hash
- $signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, 'abC123!', true);
- // Encode Signature to Base64Url String
- $base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
- // Create JWT
- $jwt = $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature;
-
- return $jwt;
- }
- }
- return false;
- }
+ public function getToken($username, $password){
+ $userManager = new UserManager();
+ if ($username != '' || $password != ''){
+ $userLogedIn = $userManager->loginNew($username, $password);
- public function deleteToken($token){
- Db::command ('DELETE FROM tokens WHERE token=?', array ($token));
- return true;
- }
+ if ($userLogedIn != false){
+ // Create token header as a JSON string
+ $header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
+ // Create token payload as a JSON string
+ $payload = json_encode(['user_id' => $userLogedIn]);
+ // Encode Header to Base64Url String
+ $base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
+ // Encode Payload to Base64Url String
+ $base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload));
+ // Create Signature Hash
+ $signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, 'abC123!', true);
+ // Encode Signature to Base64Url String
+ $base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
+ // Create JWT
+ $jwt = $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature;
- public function validateToken($token){
- $tokens = Db::loadAll('SELECT * FROM tokens WHERE token = ? AND expire >= CURRENT_TIMESTAMP AND blocked = 0;', array($token));
- if (count($tokens) == 1) {
+ return $jwt;
+ }
+ }
+ return false;
+ }
+
+ public function deleteToken($token){
+ Db::command ('DELETE FROM tokens WHERE token=?', array ($token));
+ return true;
+ }
+
+ public function validateToken($token){
+ $tokens = Db::loadAll('SELECT * FROM tokens WHERE token = ? AND expire >= CURRENT_TIMESTAMP AND blocked = 0;', array($token));
+ if (count($tokens) == 1) {
 return true;
- } else if (count($tokens) == 0) {
- return false;
- };
- return false;
- }
+ } else if (count($tokens) == 0) {
+ return false;
+ };
+ return false;
+ }
 }
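Review bot: The HMAC key that signs the token is the string literal `'abC123!'` inside `getToken`, so the signature is only as secret as the source tree and any token for any `user_id` verifies against a short, guessable key; the re-indented line should take the key from configuration kept out of version control, e.g. `$signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, $signingKey, true);`, where `$signingKey` is a placeholder name for a long random secret loaded at runtime. The guard `if ($username != '' || $password != '')` also forwards a request with one of the two fields empty to `loginNew`; `&&` looks like what was intended. The payload carries only `user_id` with no `exp` claim, and nothing visible in this patch writes the JWT to the `tokens` table that `validateToken` and `deleteToken` query, so expiry and logout may not apply to these tokens at all — worth confirming against `UserManager::loginNew`, which is outside this hunk.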