refactoring

This commit is contained in:
xinatorus 2020-05-12 19:25:08 +02:00
parent 6458e89dea
commit 3981d9551d
2 changed files with 40 additions and 40 deletions

View File

@ -1,7 +1,7 @@
<?php <?php
class AuthApi { class AuthApi {
public function login(){ public function login(){
$token = (new ApiManager)->getToken($this->input->username,$this->input->password); $token = (new AuthManager)->getToken($this->input->username,$this->input->password);
if (!$token) { if (!$token) {
throw new Exception("Auth failed", 401); throw new Exception("Auth failed", 401);
} }
@ -10,7 +10,7 @@ class AuthApi {
public function logout(){ public function logout(){
$authenticationBearrer = $_SERVER['HTTP_AUTHORIZATION']; $authenticationBearrer = $_SERVER['HTTP_AUTHORIZATION'];
if (!(new ApiManager)->deleteToken($authenticationBearrer)) { if (!(new AuthManager)->deleteToken($authenticationBearrer)) {
throw new Exception("logout Failed", 401); throw new Exception("logout Failed", 401);
} }
} }

View File

@ -1,45 +1,45 @@
<?php <?php
class AuthManager { class AuthManager {
public function getToken($username, $password){ public function getToken($username, $password){
$userManager = new UserManager(); $userManager = new UserManager();
if ($username != '' || $password != ''){ if ($username != '' || $password != ''){
$userLogedIn = $userManager->loginNew($username, $password); $userLogedIn = $userManager->loginNew($username, $password);
if ($userLogedIn != false){
// Create token header as a JSON string
$header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
// Create token payload as a JSON string
$payload = json_encode(['user_id' => $userLogedIn]);
// Encode Header to Base64Url String
$base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
// Encode Payload to Base64Url String
$base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload));
// Create Signature Hash
$signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, 'abC123!', true);
// Encode Signature to Base64Url String
$base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
// Create JWT
$jwt = $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature;
return $jwt;
}
}
return false;
}
public function deleteToken($token){ if ($userLogedIn != false){
Db::command ('DELETE FROM tokens WHERE token=?', array ($token)); // Create token header as a JSON string
return true; $header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
} // Create token payload as a JSON string
$payload = json_encode(['user_id' => $userLogedIn]);
// Encode Header to Base64Url String
$base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
// Encode Payload to Base64Url String
$base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload));
// Create Signature Hash
$signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, 'abC123!', true);
// Encode Signature to Base64Url String
$base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
// Create JWT
$jwt = $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature;
public function validateToken($token){ return $jwt;
$tokens = Db::loadAll('SELECT * FROM tokens WHERE token = ? AND expire >= CURRENT_TIMESTAMP AND blocked = 0;', array($token)); }
if (count($tokens) == 1) { }
return false;
}
public function deleteToken($token){
Db::command ('DELETE FROM tokens WHERE token=?', array ($token));
return true;
}
public function validateToken($token){
$tokens = Db::loadAll('SELECT * FROM tokens WHERE token = ? AND expire >= CURRENT_TIMESTAMP AND blocked = 0;', array($token));
if (count($tokens) == 1) {
return true; return true;
} else if (count($tokens) == 0) { } else if (count($tokens) == 0) {
return false; return false;
}; };
return false; return false;
} }
} }