- <?php
-
- namespace Luticate\Auth\Business;
-
- use Illuminate\Support\Facades\DB;
- use Luticate\Auth\DBO\LuticatePermissions;
- use Luticate\Auth\DBO\LuticateUsersLightDbo;
- use Luticate\Auth\DBO\LuticateUsersLoginDbo;
- use Luticate\Utils\LuBusiness;
- use Luticate\Auth\DataAccess\LuticateUsersDataAccess;
- use Luticate\Auth\DBO\LuticateUsersDbo;
- use Luticate\Utils\LuMultipleDbo;
-
- class LuticateUsersBusiness extends LuBusiness {
-
- const KEY_USER_ID = "user_id";
- const KEY_SALT = "salt";
- const KEY_DATA = "data";
-
- protected static function getDataAccess()
- {
- return new LuticateUsersDataAccess();
- }
-
- protected static function badPassword()
- {
- abort(401, "Bad username/password");
- }
-
- public static function hashPassword($password)
- {
- return password_hash($password, PASSWORD_BCRYPT);
- }
-
- public static function verifyPassword($password, $hash)
- {
- return password_verify($password, $hash);
- }
-
- public static function getSalt($length = 10)
- {
- $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
- $charactersLength = strlen($characters);
- $randomString = '';
- for ($i = 0; $i < $length; $i++) {
- $randomString .= $characters[rand(0, $charactersLength - 1)];
- }
- return $randomString;
- }
-
- /**
- * @param $user LuticateUsersDbo
- * @param $data mixed
- * @return string
- */
- public static function getToken($user, $data = null)
- {
- $session_time = LuticateSettingsBusiness::getValue("LU_SESSION_DAYS");
- return JwtHelper::encode(array(
- self::KEY_USER_ID => $user->getId(),
- self::KEY_SALT => $user->getSalt(),
- self::KEY_DATA => $data
- ), $session_time);
- }
-
- /**
- * @param $user_id
- * @return LuticateUsersDbo|null
- */
- public static function checkUserId($user_id)
- {
- $user = LuticateUsersDataAccess::getById($user_id);
- if (is_null($user)) {
- self::notFound("User not found");
- }
- return $user;
- }
-
- public static function login($username, $password)
- {
- $user = LuticateUsersDataAccess::getByUsernameOrEmail($username);
- if (is_null($user))
- self::badPassword();
- if (!self::verifyPassword($password, $user->getPassword()))
- self::badPassword();
-
- $user = LuticateUsersLoginDbo::fromUserDbo($user);
- $user->setToken(self::getToken($user));
- return $user;
- }
-
- /**
- * @param $user LuticateUsersDbo
- * @return bool
- */
- public static function logout($user)
- {
- if ($user->getId() != 0) {
- $user->setSalt(self::getSalt());
- LuticateUsersDataAccess::editById($user->getId(), $user);
- }
- return true;
- }
-
- public static function getAllLight($page = 0, $perPage = 2000000000, $query = "")
- {
- $users = self::getAll($page, $perPage, $query);
- return $users->map(function($user)
- {
- return LuticateUsersLightDbo::fromUserDbo($user);
- });
- }
-
- public static function getLightById($user_id)
- {
- $user = self::getById($user_id);
- if (is_null($user)) {
- self::notFound(self::getResourceName() . " not found");
- }
- return LuticateUsersLightDbo::fromUserDbo($user);
- }
-
- public static function deleteById($id)
- {
- if ($id != 0) {
- $res = static::getDataAccess()->deleteById($id);
- if (!$res)
- self::notFound(static::getResourceName() . " not found");
- }
- return true;
- }
-
- public static function add($username, $email, $firstname, $lastname, $password)
- {
- if (strlen($password) < 5) {
- self::badInput("Password must have at least 5 characters");
- }
- $hash = self::hashPassword($password);
- if (filter_var($username, FILTER_VALIDATE_EMAIL))
- self::badInput("Username can not be an email");
- if (!preg_match("/^[A-Za-z0-9\\-_\\.]+$/", $username)) {
- self::badInput("Username can only contain letters (A-Z a-z), numbers (0-9), hyphen (-), underscore (_) and dot (.)");
- }
- if (!filter_var($email, FILTER_VALIDATE_EMAIL))
- self::badInput("Invalid email address");
- $user = LuticateUsersDataAccess::getByUsernameOrEmail($username);
- if (!is_null($user))
- self::badInput("Username already exists");
- $user = LuticateUsersDataAccess::getByUsernameOrEmail($email);
- if (!is_null($user))
- self::badInput("Email already used");
-
- $user = new LuticateUsersDbo();
- $user->setEmail($email);
- $user->setPassword($hash);
- $user->setUsername($username);
- $user->setFirstname($firstname);
- $user->setLastname($lastname);
- $user->setSalt(self::getSalt());
-
- return LuticateUsersDataAccess::addId($user);
- }
-
- public static function edit($user_id, $firstname, $lastname, $email)
- {
- $user = self::checkUserId($user_id);
- if (!filter_var($email, FILTER_VALIDATE_EMAIL))
- self::badInput("Invalid email address");
- $user->setEmail($email);
- $user->setFirstname($firstname);
- $user->setLastname($lastname);
- LuticateUsersDataAccess::editById($user_id, $user);
- return true;
- }
-
- public static function setPassword($user_id, $password)
- {
- if ($user_id != 0) {
- $user = self::checkUserId($user_id);
- $user->setPassword(self::hashPassword($password));
- $user->setSalt(self::getSalt());
- LuticateUsersDataAccess::editById($user_id, $user);
- }
- return true;
- }
-
- public static function setPasswordMe($password, $oldPassword, $user)
- {
- self::login($user->getUsername(), $oldPassword);
- return self::setPassword($user->getId(), $password);
- }
- }