0.1.0
@ -5,9 +5,8 @@ use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Incoviba\API\Common\Define\Controller\Json;
|
||||
use Incoviba\API\Common\Service\Auth as Service;
|
||||
use Incoviba\API\Common\Factory\Model as Factory;
|
||||
use Incoviba\Auth\User;
|
||||
use Incoviba\Auth\Login;
|
||||
use Incoviba\API\Common\Service\Login as LoginService;
|
||||
use Incoviba\Mapper\User as UserMapper;
|
||||
|
||||
class Auth {
|
||||
use Json;
|
||||
@ -16,19 +15,19 @@ class Auth {
|
||||
$key = $service->generate();
|
||||
return $this->withJson($response, compact('key'));
|
||||
}
|
||||
public function login(Request $request, Response $response, Service $service, Factory $factory): Response {
|
||||
public function login(Request $request, Response $response, Service $service, LoginService $loginService, UserMapper $mapper): Response {
|
||||
$post = json_decode($request->getBody());
|
||||
$user = $factory->find(User::class)->where([['name', $post->name]])->one();
|
||||
$user = $mapper->fetchByName($post->name);
|
||||
$output = [
|
||||
'login' => false,
|
||||
'token' => ''
|
||||
];
|
||||
if ($user->enabled == 0) {
|
||||
$this->withJson($response, $output);
|
||||
if (!$user or !$user->enabled) {
|
||||
return $this->withJson($response, $output);
|
||||
}
|
||||
if ($user->validate($post->password)) {
|
||||
$token = $service->generateToken();
|
||||
$status = $user->setToken($token->selector, $token->token);
|
||||
$status = $loginService->setToken($user, $token->selector, $token->token);
|
||||
if ($status['logged_in']) {
|
||||
$output['login'] = true;
|
||||
$output['token'] = $token->full;
|
||||
@ -37,46 +36,41 @@ class Auth {
|
||||
}
|
||||
return $this->withJson($response, $output);
|
||||
}
|
||||
protected function getLogin(object $post, Factory $factory): bool|Login {
|
||||
list($selector, $token) = explode(':', $post->token); //Token from the cookie
|
||||
$login = $factory->find(Login::class)->where([['selector', $selector]])->one();
|
||||
if ($login === false or !password_verify($token, $login->token) or !$login->isValid()) {
|
||||
return false;
|
||||
}
|
||||
return $login;
|
||||
}
|
||||
public function validate(Request $request, Response $response, Factory $factory): Response {
|
||||
public function validate(Request $request, Response $response, LoginService $loginService): Response {
|
||||
$post = json_decode($request->getBody());
|
||||
if (!$this->getLogin($post, $factory)) {
|
||||
return $this->withJson($response, ['token' => $post->token, 'error' => 'Not authorized'], 401);
|
||||
$valid = $loginService->validate($post);
|
||||
$output = [
|
||||
'token' => $post->token
|
||||
];
|
||||
if ($valid) {
|
||||
$output['status'] = 'Authorized';
|
||||
} else {
|
||||
$output['error'] = 'Not authorized';
|
||||
}
|
||||
return $this->withJson($response, ['token' => $post->token, 'status' => 'Authorized']);
|
||||
return $this->withJson($response, $output, $valid ? 200 : 401);
|
||||
}
|
||||
public function user(Request $request, Response $response, Factory $factory): Response {
|
||||
public function user(Request $request, Response $response, LoginService $loginService): Response {
|
||||
$post = json_decode($request->getBody());
|
||||
$login = $this->getLogin($post, $factory);
|
||||
if (!$login) {
|
||||
$user = $loginService->getUser($post);
|
||||
if (!$user) {
|
||||
return $this->withJson($response, ['token' => $post->token, 'error' => 'Not authorized'], 401);
|
||||
}
|
||||
$output = [
|
||||
'token' => $post->token,
|
||||
'user' => $login->user()->name
|
||||
'user' => $user->name
|
||||
];
|
||||
return $this->withJson($response, $output);
|
||||
}
|
||||
public function logout(Request $request, Response $response, Factory $factory): Response {
|
||||
public function logout(Request $request, Response $response, LoginService $loginService): Response {
|
||||
$post = json_decode($request->getBody());
|
||||
list($selector, $token) = explode(':', $post->token); //Token from the cookie
|
||||
$login = $factory->find(Login::class)->where([['selector', $selector]])->one();
|
||||
$user = $loginService->getUser($post);
|
||||
if (!$user) {
|
||||
return $this->withJson($response, ['logout' => true]);
|
||||
}
|
||||
$output = [
|
||||
'token' => $post->token,
|
||||
'logout' => false
|
||||
'logout' => $loginService->logout($user)
|
||||
];
|
||||
if ($login !== false) {
|
||||
$output['logout'] = $login->user()->logout();
|
||||
} else {
|
||||
$output['logout'] = true;
|
||||
}
|
||||
return $this->withJson($response, $output);
|
||||
}
|
||||
}
|
||||
|
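Review bot: In `login`, the result of `$post = json_decode($request->getBody());` is read as `$post->name` and `$post->password` with no check that the body decoded to an object with string fields, so a malformed or empty body reaches `$mapper->fetchByName()` and `$user->validate()` with null values. Reject it right after `$output` is built: `if (!is_object($post) || !is_string($post->name ?? null) || !is_string($post->password ?? null)) { return $this->withJson($response, $output); }`. The same gap applies to `$post->token` in `validate`, `user` and `logout`, where it is handed to the login service and echoed back in the response. The page has lost its +/- markers, so which line of each pair is the new side is inferred from the hunk headers; `login` also runs past the end of its hunk.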