
login

tags/0.1.0
Robin Thoni 9 years ago
parent
commit
50a4ea3ce2

+ 77
- 0
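--- a/src/Auth/Business/LuticateBusiness.php
+++ b/src/Auth/Business/LuticateBusiness.php
@@ -0,0 +1,77 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: robin
+ * Date: 9/30/15
+ * Time: 7:04 PM
+ */
+
+namespace Luticate\Auth\Business;
+
+use Illuminate\Http\Request;
+use Luticate\Auth\DBO\LuticateUsersDbo;
+use Luticate\Utils\LuRoute;
+
+class LuticateBusiness
+{
+    const TOKEN_HEADER = "X-Authentication";
+
+    /**
+     * @var LuticateUsersDbo
+     */
+    private static $_currentUser;
+
+    public static function getCurrentUser()
+    {
+        return self::$_currentUser;
+    }
+
+    /**
+     * @param $permissions string[]
+     * @param $request Request
+     * @return bool
+     */
+    public static function authFilter($permissions, $request)
+    {
+        $token = $request->header(self::TOKEN_HEADER);
+        if ($token != null && $token != "") {
+            $data = JwtHelper::decode($token);
+            if ($data != null) {
+                $user_id = $data[JwtHelper::USER_KEY];
+                self::$_currentUser = LuticateUsersBusiness::getById($user_id);
+            }
+        }
+
+        if (self::$_currentUser == null && count($permissions) != 0) {
+            return false;
+        }
+
+        foreach ($permissions as $permission) {
+            $value = LuticatePermissionsBusiness::getUserPermission(self::$_currentUser->getId(), $permission);
+            if (!$value->getVal()) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    /**
+     * @param $route LuRoute
+     */
+    public static function setupAuth($route)
+    {
+        $route->setMiddleware(function($permissions, $request)
+        {
+            return self::authFilter($permissions, $request);
+        });
+    }
+
+    /**
+     * @param $route LuRoute
+     */
+    public static function setupRoutes($route)
+    {
+        $prefix = "/luticate";
+        $route->post("$prefix/login", "LuticateUsers", "login");
+    }
+}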
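Review bot: `authFilter` never resets `self::$_currentUser` before reading the header, so a call without a token, or with one that `JwtHelper::decode` rejects, keeps whatever user an earlier call stored in the static. Under a per-request PHP process that is harmless, but under a persistent worker the next request would run the permission loop as the previous user. Start the method with `self::$_currentUser = null;`. How strictly `JwtHelper::decode` checks signature and expiry is not visible in this commit and is worth confirming, because its result is used directly as the user id.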

+ 19
- 35
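--- a/src/Auth/Business/LuticateUsersBusiness.php
+++ b/src/Auth/Business/LuticateUsersBusiness.php
@@ -2,55 +2,39 @@
 
 namespace Luticate\Auth\Business;
 
-use Illuminate\Http\Request;
 use Luticate\Utils\LuBusiness;
 use Luticate\Auth\DataAccess\LuticateUsersDataAccess;
 use Luticate\Auth\DBO\LuticateUsersDbo;
 
 class LuticateUsersBusiness extends LuBusiness {
-    /**
-     * @var LuticateUsersDbo
-     */
-    private static $_currentUser;
-
-    const TOKEN_HEADER = "X-Authentication";
 
     protected static function getDataAccess()
     {
         return new LuticateUsersDataAccess();
     }
 
-    public static function getCurrentUser()
+    protected static function badPassword()
+    {
+        abort(401, "Bad username/password");
+    }
+
+    public static function hashPassword($password)
+    {
+        return password_hash($password, PASSWORD_BCRYPT);
+    }
+
+    public static function verifyPassword($password, $hash)
     {
-        return self::$_currentUser;
+        return password_verify($password, $hash);
     }
 
-    /**
-     * @param $permissions string[]
-     * @param $request Request
-     * @return bool
-     */
-    public static function authFilter($permissions, $request)
+    public static function login($username, $password)
     {
-        $token = $request->header(self::TOKEN_HEADER);
-        if ($token != null && $token != "") {
-            $data = JwtHelper::decode($token);
-            if ($data != null) {
-                $user_id = $data[JwtHelper::USER_KEY];
-                self::$_currentUser = self::getById($user_id);
-            }
-        }
-
-        if (self::$_currentUser == null && count($permissions) != 0) {
-            return false;
-        }
-
-        foreach ($permissions as $permission) {
-            $value = LuticatePermissionsBusiness::getUserPermission(self::$_currentUser->getId(), $permission);
-            if (!$value->getVal()) {
-                return false;
-            }
-        }
-        return true;
+        $user = LuticateUsersDataAccess::getByUsername($username);
+        if (is_null($user))
+            self::badPassword();
+        if (!self::verifyPassword($password, $user->getPassword()))
+            self::badPassword();
+        return $user;
     }
 }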
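Review bot: `login` aborts for an unknown username before `password_verify` runs, so response time separates existing accounts from missing ones even though both paths send the same 401 text. Verify against a fixed hash when `$user` is null, e.g. `$hash = is_null($user) ? self::DUMMY_HASH : $user->getPassword();` (`DUMMY_HASH` is a placeholder for a precomputed bcrypt hash, not an existing constant), and call `badPassword()` if the user is null or verification fails. The method also relies on `abort()` throwing to stop execution after `badPassword()`; a docblock on `badPassword()` stating that it never returns would make that dependency explicit. `hashPassword` pins `PASSWORD_BCRYPT`, which ignores input past 72 bytes, so a length limit at the input boundary is worth considering.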

+ 12
- 0
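--- a/src/Auth/DataAccess/LuticateUsersDataAccess.php
+++ b/src/Auth/DataAccess/LuticateUsersDataAccess.php
@@ -11,4 +11,16 @@ class LuticateUsersDataAccess extends LuDataAccess {
     {
         return new LuticateUsers();
     }
+
+    /**
+     * @param $username string
+     * @return LuticateUsersDbo|null
+     */
+    public static function getByUsername($username)
+    {
+        $user = LuticateUsers::where("username", "=", $username);
+        if (is_null($user))
+            return null;
+        return $user->toDbo();
+    }
 }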
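Review bot: `getByUsername` calls `LuticateUsers::where(...)` without fetching a row, so if `LuticateUsers` is an Eloquent model (its definition is outside this hunk) `$user` is a query builder, `is_null($user)` is never true and `toDbo()` is called on the builder instead of a record. That would leave the unknown-username branch in `login` unreachable. Fetch the row first: `$user = LuticateUsers::where("username", "=", $username)->first();`.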
