Authenticacion

common/Controller/Web/Admin/Clave.php

@@ -0,0 +1,44 @@
+<?php
+namespace ProVm\NotariaRaby\Common\Controller\Web\Admin;
+
+use Psr\Container\ContainerInterface as Container;
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Psr\Http\Message\ResponseInterface as Response;
+use Slim\Views\Blade as View;
+use ProVM\Common\Service\Filemanager;
+use ProVM\NotariaRaby\Common\Service\Login;
+
+class Clave {
+  public function __invoke(Request $request, Response $response, View $view): Response {
+    return $view->render($response, 'admin.clave');
+  }
+  public function do_edit(Request $request, Response $response, Container $container, Filemanager $filemanager, Login $service): Response {
+    $filename = implode(DIRECTORY_SEPARATOR, [
+      dirname(__DIR__, 4),
+      '.env'
+    ]);
+    $vars = [];
+    if (file_exists($filename)) {
+      $vars = explode(PHP_EOL, trim(file_get_contents($filename)));
+    }
+    $i = 0;
+    foreach ($vars as $i => $var) {
+      if (strpos($var, 'ADMIN_PASSWORD=') !== false) {
+        break;
+      }
+    }
+    $post = $request->getParsedBody();
+    $enc = password_hash($post['clave'], \PASSWORD_DEFAULT);
+    $vars[$i] = implode('=', [
+      'ADMIN_PASSWORD',
+      '"' . $enc . '"'
+    ]);
+    file_put_contents($filename, implode(PHP_EOL, $vars));
+    return $response
+      ->withHeader('Location', implode('/', [
+        $container->get('urls.base'),
+        'admin'
+      ]))
+      ->withStatus(301);
+  }
+}

common/Controller/Web/Admin/Login.php

@@ -1,12 +1,23 @@
 <?php
 namespace ProVM\NotariaRaby\Common\Controller\Web\Admin;
 
+use Psr\Container\ContainerInterface as Container;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Message\ResponseInterface as Response;
 use Slim\Views\Blade as View;
+use ProVM\NotariaRaby\Common\Service\Login as Service;
 
 class Login {
   public function __invoke(Request $request, Response $response, View $view): Response {
     return $view->render($response, 'admin.login');
   }
+  public function do_login(Request $request, Response $response, Service $login, Container $container): Response {
+    $login->login($request);
+    return $response
+      ->withHeader('Location', implode('/', [
+        $container->get('urls.base'),
+        'admin'
+      ]))
+      ->withStatus(301);
+  }
 }

common/Controller/Web/Home.php

@@ -12,7 +12,7 @@ class Home {
   public function __invoke(Request $request, Response $response, View $view, Filemanager $manager, Container $container): Response {
     $banner = (object) [
       'titulo' => "5° NOTARÍA DE SANTIAGO",
-      'contenido' => "Gertrudis Echenique 30, of. 32, El Golf\n<i class=\"large icon icon-metro\"></i> Metro Alcantara"
+      'contenido' => '<a href="' . $container->get('urls.direccion') . '">Gertrudis Echenique 30, of. 32, El Golf' . "\n" . '<i class="large icon icon-metro"></i> Metro Alcantara</a>'
     ];
 
     $links = $manager->folder('data')->load('documentos.yml');

common/Middleware/Auth.php

@@ -0,0 +1,28 @@
+<?php
+namespace ProVM\NotariaRaby\Common\Middleware;
+
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Psr\Http\Server\RequestHandlerInterface as Handler;
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Container\ContainerInterface as Container;
+use ProVM\NotariaRaby\Common\Service\Login;
+
+class Auth {
+  protected $users;
+  public function __construct(array $users, string $login_url, Login $service) {
+    $this->users = $users;
+    $this->login_url = $login_url;
+    $this->login = $service;
+  }
+  public function __invoke(Request $request, Handler $handler): Response {
+    $response = $handler->handle($request);
+
+    $is_logged_in = $this->login->checkAuth($request);
+    if (!$is_logged_in and $request->getRequestTarget() != $this->login_url) {
+      return $response
+        ->withHeader('Location', $this->login_url)
+        ->withStatus(301);
+    }
+    return $response;
+  }
+}

common/Service/Login.php

@@ -0,0 +1,110 @@
+<?php
+namespace ProVM\NotariaRaby\Common\Service;
+
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Carbon\Carbon;
+use ProVM\Common\Service\Filemanager;
+
+class Login {
+  protected $cookie_name;
+  protected $time_limit;
+  protected $password;
+  protected $filename;
+  protected $manager;
+  public function __construct(string $cookie_name, int $time_limit, string $encrypted_password, string $login_file, Filemanager $filemanager) {
+    $this->cookie_name = $cookie_name;
+    $this->time_limit = $time_limit;
+    $this->password = $encrypted_password;
+    $this->filename = $login_file;
+    $this->manager = $filemanager;
+  }
+
+  protected $selector;
+  protected $token;
+  public function loadCookie() {
+    if (isset($_COOKIE[$this->cookie_name])) {
+  		list($s, $t) = \explode(':', $_COOKIE[$this->cookie_name]);
+  		$this->selector = $s;
+  		$this->token = $t;
+  	}
+  }
+  public function saveCookie() {
+  	$now = Carbon::now();
+  	$exp = $now->addSeconds($this->time_limit);
+    \setcookie($this->cookie_name, implode(':', [$this->selector, $this->token]), $exp->timestamp, '/');
+  }
+  public function removeCookie() {
+    \setcookie($this->cookie_name, '', Carbon::now()->timestamp, '/');
+  }
+  protected function generateToken() {
+    $this->selector = bin2hex(\random_bytes(12));
+    $this->token = bin2hex(\random_bytes(20));
+  }
+  protected $data;
+  public function getData() {
+    if ($this->data === null) {
+      $this->data = (object) [
+        'ip' => 0,
+        'token' => '',
+        'time' => 0
+      ];
+      if ($this->manager->folder('data')->exists($this->filename)) {
+        $this->data = $this->manager->folder('data')->load($this->filename);
+        $this->data->time = Carbon::parse($this->data->time);
+      }
+    }
+  }
+  protected $ip;
+  public function getIp(Request $request) {
+    if ($this->ip === null) {
+      $this->ip = $request->getHeader('host')[0];
+    }
+    return $this->ip;
+  }
+
+  protected $is_logged_in;
+  public function checkAuth(Request $request): bool {
+    if ($this->is_logged_in === null) {
+      $this->loadCookie();
+      if ($this->selector === null) {
+        $this->is_logged_in = false;
+        return false;
+      }
+      $this->getIp($request);
+      $this->getData();
+
+      if ($this->data->ip != $this->ip) {
+        $this->is_logged_in = false;
+        return false;
+      }
+      if ($this->data->token != implode(':', [$this->selector, $this->token])) {
+        $this->is_logged_in = false;
+        return false;
+      }
+      $now = Carbon::now();
+      if ($this->data->time->copy()->addSeconds($this->time_limit)->diffInSeconds($now->copy()) < 0) {
+        $this->is_logged_in = false;
+      }
+      $this->is_logged_in = true;
+    }
+    return $this->is_logged_in;
+  }
+  public function login(Request $request): bool {
+    $post = $request->getParsedBody();
+    if (!password_verify($post['clave'], $this->password)) {
+      return false;
+    }
+    $this->generateToken();
+    $this->getIp($request);
+    $time = Carbon::now();
+    $data = [
+      'ip' => $this->ip,
+      'token' => implode(':', [$this->selector, $this->token]),
+      'time' => $time->format('Y-m-d H:i')
+    ];
+    $this->manager->folder('data')->save($this->filename, $data);
+    $this->saveCookie();
+    $this->is_logged_in = true;
+    return true;
+  }
+}