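$user->getId(), self::KEY_SALT => $user->getSalt(), self::KEY_DATA => $data ), $session_time); }

    /**
     * Authenticate a user from a username-or-email and password pair.
     *
     * On success the stored user is cast to a login result and a token from
     * getToken() is attached to it.
     *
     * NOTE(review): both failure paths call badPassword(), so an unknown
     * account and a wrong password are reported through the same helper.
     * The unknown-account path returns before verifyPassword() runs, so the
     * two cases may still differ in response time; if that matters here,
     * verify against a fixed dummy hash on the miss path. Rate limiting or
     * lockout is not visible in this method — confirm it exists upstream.
     *
     * @param LuUsersLoginDbo $login Submitted credentials.
     * @return LuUsersLoginResultDbo
     */
    public function login(LuUsersLoginDbo $login)
    {
        $user = static::getDataAccess()->getByUsernameOrEmail($login->getUsername());

        // badPassword() is assumed not to return (presumably it throws);
        // the code below dereferences $user unconditionally.
        if (is_null($user)) {
            self::badPassword();
        }
        if (!self::verifyPassword($login->getPassword(), $user->getPassword())) {
            self::badPassword();
        }

        /** @var LuUsersLoginResultDbo $result */
        $result = $user->castAs(LuUsersLoginResultDbo::class);
        $result->setToken(self::getToken($user));
        return $result;
    }

    /**
     * Log a user out by replacing the salt stored on the account.
     *
     * The token payload built earlier in this file includes the user's salt
     * (KEY_SALT), so tokens issued before the change presumably stop
     * validating — confirm against the token verification code.
     * Accounts whose id compares equal to 0 are left untouched.
     *
     * @param LuUsersDbo $user
     * @return bool Always true.
     */
    public function logout(LuUsersDbo $user)
    {
        if ($user->getId() != 0) {
            $user->setSalt(self::getSalt());
            static::getDataAccess()->editSingleById($user);
        }
        return true;
    }

    /**
     * Load a user by id and return its "lite" representation (toLite()).
     *
     * @param mixed $userId
     */
    public function getSingleLiteById($userId)
    {
        /** @var LuUsersDbo $user */
        $user = static::getById($userId);
        return $user->toLite();
    }

    /**
     * Return a page of users, each mapped to its "lite" representation.
     *
     * @param LuQueryDbo $query
     * @return LuPaginatedDbo
     */
    public function getAllLite(LuQueryDbo $query)
    {
        return static::getDataAccess()->getAll($query)->map(function($user) {
            /** @var LuUsersDbo $user */
            return $user->toLite();
        });
    }

    /**
     * Create a user account after validating password, username and email.
     *
     * The password is replaced by its hash before the record is stored, the
     * external-auth and profile fields are cleared, and a new salt is set.
     *
     * NOTE(review): uniqueness is checked by lookup before the insert. Two
     * concurrent requests can both pass that check, so the storage layer
     * should also enforce unique username/email — not visible from here.
     *
     * @param LuUsersAddDbo $user
     */
    public function add(LuUsersAddDbo $user)
    {
        static::checkPasswordRequirements($user->getPassword());

        if (filter_var($user->getUsername(), FILTER_VALIDATE_EMAIL)) {
            self::badInput("Username can not be an email");
        }
        // `\z` anchors at the true end of the subject. A bare `$` also
        // matches just before a trailing newline, which let "name\n" through
        // validation and through the duplicate-username lookup below.
        if (!preg_match('/^[A-Za-z0-9\-_\.]+\z/', $user->getUsername())) {
            self::badInput("Username can only contain letters (A-Z a-z), numbers (0-9), hyphen (-), underscore (_) and dot (.)");
        }
        if (!filter_var($user->getEmail(), FILTER_VALIDATE_EMAIL)) {
            self::badInput("Invalid email address");
        }

        $existingUser = static::getDataAccess()->getByUsernameOrEmail($user->getUsername());
        if ($existingUser != null) {
            self::badInput("Username already exists");
        }
        $existingUser = static::getDataAccess()->getByUsernameOrEmail($user->getEmail());
        if ($existingUser != null) {
            self::badInput("Email already used");
        }

        // Only the hash is stored; the plaintext is overwritten on the DBO.
        $user->setPassword(self::hashPassword($user->getPassword()));
        $user->setExternalAuth(null);
        $user->setProfileId(null);

        /** @var LuUsersDbo $newUser */
        $newUser = $user->castAs(LuUsersDbo::class);
        $newUser->setSalt(static::getSalt());
        $id = static::getDataAccess()->addSingleId($newUser);
        return self::getById($id);
    }

    /**
     * Delete a user and return the lite view loaded before deletion.
     *
     * The lookup runs first; the delete is skipped when $userId is 0.
     *
     * @param int $userId
     */
    public function del(int $userId)
    {
        $user = static::getSingleLiteById($userId);
        if ($userId != 0) {
            static::deleteById($user->getId());
        }
        return $user;
    }

    /**
     * Update email, first name and last name of an existing user.
     *
     * The email must be syntactically valid and must not belong to a
     * different account. Returns the lite view reloaded after the save.
     *
     * @param int $userId
     * @param LuUsersEditDbo $user New field values.
     */
    public function edit(int $userId, LuUsersEditDbo $user)
    {
        $existingUser = static::getSingleLiteById($userId);

        if (!filter_var($user->getEmail(), FILTER_VALIDATE_EMAIL)) {
            self::badInput("Invalid email address");
        }
        $anotherExistingUser = static::getDataAccess()->getByUsernameOrEmail($user->getEmail());
        // A hit on the same account is fine: the user is keeping their email.
        if ($anotherExistingUser != null && $anotherExistingUser->getId() != $existingUser->getId()) {
            self::badInput("Email already used");
        }

        $existingUser->setEmail($user->getEmail());
        $existingUser->setFirstname($user->getFirstname());
        $existingUser->setLastname($user->getLastname());
        static::getDataAccess()->editSingleById($existingUser);
        return static::getSingleLiteById($existingUser->getId());
    }

    /**
     * Set a new password for a user without checking the old one.
     *
     * The password must pass checkPasswordRequirements(); the stored value
     * is the hash, and the salt is replaced in the same save (the same salt
     * change logout() performs).
     *
     * NOTE(review): no old-password or caller check happens here, so
     * authorisation must be enforced by the caller — confirm at the route.
     * The result of getSingleById() is used without a null check; presumably
     * the data layer throws for an unknown id — confirm.
     *
     * @param int $userId
     * @param string $password New plaintext password.
     * @return bool Always true.
     */
    public function setPassword(int $userId, string $password)
    {
        $this->checkPasswordRequirements($password);

        /** @var LuUsersDbo $existingUser */
        $existingUser = static::getDataAccess()->getSingleById($userId);
        $existingUser->setPassword(static::hashPassword($password));
        $existingUser->setSalt(static::getSalt());
        static::getDataAccess()->editSingleById($existingUser);
        return true;
    }

    /**
     * Change the current user's own password after re-checking the old one.
     *
     * The old password is verified by running login() with the user's
     * username. The return value is discarded, so this relies on login()
     * aborting (through badPassword()) when the old password is wrong.
     *
     * @param LuUsersDbo $_user Current user.
     * @param string $password New plaintext password.
     * @param string $oldPassword Current plaintext password.
     * @return bool Result of setPassword().
     */
    public function setPasswordMe(LuUsersDbo $_user, string $password, string $oldPassword)
    {
        $loginDbo = new LuUsersLoginDbo();
        $loginDbo->setUsername($_user->getUsername());
        $loginDbo->setPassword($oldPassword);
        static::login($loginDbo);

        return static::setPassword($_user->getId(), $password);
    }
}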