83 lines
3.3 KiB
PHP
83 lines
3.3 KiB
PHP
<?php
|
|
namespace Incoviba\API\Common\Controller;
|
|
|
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
|
use Psr\Http\Message\ResponseInterface as Response;
|
|
use Incoviba\API\Common\Define\Controller\Json;
|
|
use Incoviba\API\Common\Service\Auth as Service;
|
|
use Incoviba\API\Common\Factory\Model as Factory;
|
|
use Incoviba\Auth\User;
|
|
use Incoviba\Auth\Login;
|
|
|
|
class Auth {
|
|
use Json;
|
|
|
|
public function generate(Request $request, Response $response, Service $service): Response {
|
|
$key = $service->generate();
|
|
return $this->withJson($response, compact('key'));
|
|
}
|
|
public function login(Request $request, Response $response, Service $service, Factory $factory): Response {
|
|
$post = json_decode($request->getBody());
|
|
$user = $factory->find(User::class)->where([['name', $post->name]])->one();
|
|
$output = [
|
|
'login' => false,
|
|
'token' => ''
|
|
];
|
|
if ($user->enabled == 0) {
|
|
$this->withJson($response, $output);
|
|
}
|
|
if ($user->validate($post->password)) {
|
|
$token = $service->generateToken();
|
|
$status = $user->setToken($token->selector, $token->token);
|
|
if ($status['logged_in']) {
|
|
$output['login'] = true;
|
|
$output['token'] = $token->full;
|
|
$output['expires'] = $status['expires'];
|
|
}
|
|
}
|
|
return $this->withJson($response, $output);
|
|
}
|
|
protected function getLogin(object $post, Factory $factory): bool|Login {
|
|
list($selector, $token) = explode(':', $post->token); //Token from the cookie
|
|
$login = $factory->find(Login::class)->where([['selector', $selector]])->one();
|
|
if ($login === false or !password_verify($token, $login->token) or !$login->isValid()) {
|
|
return false;
|
|
}
|
|
return $login;
|
|
}
|
|
public function validate(Request $request, Response $response, Factory $factory): Response {
|
|
$post = json_decode($request->getBody());
|
|
if (!$this->getLogin($post, $factory)) {
|
|
return $this->withJson($response, ['token' => $post->token, 'error' => 'Not authorized'], 401);
|
|
}
|
|
return $this->withJson($response, ['token' => $post->token, 'status' => 'Authorized']);
|
|
}
|
|
public function user(Request $request, Response $response, Factory $factory): Response {
|
|
$post = json_decode($request->getBody());
|
|
$login = $this->getLogin($post, $factory);
|
|
if (!$login) {
|
|
return $this->withJson($response, ['token' => $post->token, 'error' => 'Not authorized'], 401);
|
|
}
|
|
$output = [
|
|
'token' => $post->token,
|
|
'user' => $login->user()->name
|
|
];
|
|
return $this->withJson($response, $output);
|
|
}
|
|
public function logout(Request $request, Response $response, Factory $factory): Response {
|
|
$post = json_decode($request->getBody());
|
|
list($selector, $token) = explode(':', $post->token); //Token from the cookie
|
|
$login = $factory->find(Login::class)->where([['selector', $selector]])->one();
|
|
$output = [
|
|
'token' => $post->token,
|
|
'logout' => false
|
|
];
|
|
if ($login !== false) {
|
|
$output['logout'] = $login->user()->logout();
|
|
} else {
|
|
$output['logout'] = true;
|
|
}
|
|
return $this->withJson($response, $output);
|
|
}
|
|
}
|