refactoring
This commit is contained in:
xinatorus
parent
6458e89dea
commit
3981d9551d
|
|
@ -1,7 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
class AuthApi {
|
class AuthApi {
|
||||||
public function login(){
|
public function login(){
|
||||||
$token = (new ApiManager)->getToken($this->input->username,$this->input->password);
|
$token = (new AuthManager)->getToken($this->input->username,$this->input->password);
|
||||||
if (!$token) {
|
if (!$token) {
|
||||||
throw new Exception("Auth failed", 401);
|
throw new Exception("Auth failed", 401);
|
||||||
}
|
}
|
||||||
|
|
@ -10,7 +10,7 @@ class AuthApi {
|
||||||
|
|
||||||
public function logout(){
|
public function logout(){
|
||||||
$authenticationBearrer = $_SERVER['HTTP_AUTHORIZATION'];
|
$authenticationBearrer = $_SERVER['HTTP_AUTHORIZATION'];
|
||||||
if (!(new ApiManager)->deleteToken($authenticationBearrer)) {
|
if (!(new AuthManager)->deleteToken($authenticationBearrer)) {
|
||||||
throw new Exception("logout Failed", 401);
|
throw new Exception("logout Failed", 401);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,45 +1,45 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
class AuthManager {
|
class AuthManager {
|
||||||
public function getToken($username, $password){
|
public function getToken($username, $password){
|
||||||
$userManager = new UserManager();
|
$userManager = new UserManager();
|
||||||
if ($username != '' || $password != ''){
|
if ($username != '' || $password != ''){
|
||||||
$userLogedIn = $userManager->loginNew($username, $password);
|
$userLogedIn = $userManager->loginNew($username, $password);
|
||||||
|
|
||||||
if ($userLogedIn != false){
|
if ($userLogedIn != false){
|
||||||
// Create token header as a JSON string
|
// Create token header as a JSON string
|
||||||
$header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
|
$header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
|
||||||
// Create token payload as a JSON string
|
// Create token payload as a JSON string
|
||||||
$payload = json_encode(['user_id' => $userLogedIn]);
|
$payload = json_encode(['user_id' => $userLogedIn]);
|
||||||
// Encode Header to Base64Url String
|
// Encode Header to Base64Url String
|
||||||
$base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
|
$base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
|
||||||
// Encode Payload to Base64Url String
|
// Encode Payload to Base64Url String
|
||||||
$base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload));
|
$base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload));
|
||||||
// Create Signature Hash
|
// Create Signature Hash
|
||||||
$signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, 'abC123!', true);
|
$signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, 'abC123!', true);
|
||||||
// Encode Signature to Base64Url String
|
// Encode Signature to Base64Url String
|
||||||
$base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
|
$base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
|
||||||
// Create JWT
|
// Create JWT
|
||||||
$jwt = $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature;
|
$jwt = $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature;
|
||||||
|
|
||||||
return $jwt;
|
return $jwt;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function deleteToken($token){
|
public function deleteToken($token){
|
||||||
Db::command ('DELETE FROM tokens WHERE token=?', array ($token));
|
Db::command ('DELETE FROM tokens WHERE token=?', array ($token));
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function validateToken($token){
|
public function validateToken($token){
|
||||||
$tokens = Db::loadAll('SELECT * FROM tokens WHERE token = ? AND expire >= CURRENT_TIMESTAMP AND blocked = 0;', array($token));
|
$tokens = Db::loadAll('SELECT * FROM tokens WHERE token = ? AND expire >= CURRENT_TIMESTAMP AND blocked = 0;', array($token));
|
||||||
if (count($tokens) == 1) {
|
if (count($tokens) == 1) {
|
||||||
return true;
|
return true;
|
||||||
} else if (count($tokens) == 0) {
|
} else if (count($tokens) == 0) {
|
||||||
return false;
|
return false;
|
||||||
};
|
};
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue