luticate
/
api-auth
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 6 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
97 Commits
2 Branches
Tree: a4b86dd2f6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a4b86dd2f6'
${ noResults }
api-auth/src/Auth/Business/LuticateUsersBusiness.php

LuticateUsersBusiness.php 5.6KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188 
  1. <?php

  2. 

  3. namespace Luticate\Auth\Business;

  4. 

  5. use Illuminate\Support\Facades\DB;

  6. use Luticate\Auth\DBO\LuticatePermissions;

  7. use Luticate\Auth\DBO\LuticateUsersLightDbo;

  8. use Luticate\Auth\DBO\LuticateUsersLoginDbo;

  9. use Luticate\Utils\LuBusiness;

  10. use Luticate\Auth\DataAccess\LuticateUsersDataAccess;

  11. use Luticate\Auth\DBO\LuticateUsersDbo;

  12. use Luticate\Utils\LuMultipleDbo;

  13. 

  14. class LuticateUsersBusiness extends LuBusiness {

  15. 

  16.     const KEY_USER_ID =  "user_id";

  17.     const KEY_SALT =  "salt";

  18.     const KEY_DATA =  "data";

  19. 

  20.     protected static function getDataAccess()

  21.     {

  22.         return new LuticateUsersDataAccess();

  23.     }

  24. 

  25.     protected static function badPassword()

  26.     {

  27.         abort(401, "Bad username/password");

  28.     }

  29. 

  30.     public static function hashPassword($password)

  31.     {

  32.         return password_hash($password, PASSWORD_BCRYPT);

  33.     }

  34. 

  35.     public static function verifyPassword($password, $hash)

  36.     {

  37.         return password_verify($password, $hash);

  38.     }

  39. 

  40.     public static function getSalt($length = 10)

  41.     {

  42.         $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';

  43.         $charactersLength = strlen($characters);

  44.         $randomString = '';

  45.         for ($i = 0; $i < $length; $i++) {

  46.             $randomString .= $characters[rand(0, $charactersLength - 1)];

  47.         }

  48.         return $randomString;

  49.     }

  50. 

  51.     /**

  52.      * @param $user LuticateUsersDbo

  53.      * @param $data mixed

  54.      * @return string

  55.      */

  56.     public static function getToken($user, $data = null)

  57.     {

  58.         return JwtHelper::encode(array(

  59.             self::KEY_USER_ID => $user->getId(),

  60.             self::KEY_SALT => $user->getSalt(),

  61.             self::KEY_DATA => $data

  62.             ));

  63.     }

  64. 

  65.     /**

  66.      * @param $user_id

  67.      * @return LuticateUsersDbo|null

  68.      */

  69.     public static function checkUserId($user_id)

  70.     {

  71.         $user = LuticateUsersDataAccess::getById($user_id);

  72.         if (is_null($user)) {

  73.             self::notFound("User not found");

  74.         }

  75.         return $user;

  76.     }

  77. 

  78.     public static function login($username, $password)

  79.     {

  80.         $user = LuticateUsersDataAccess::getByUsernameOrEmail($username);

  81.         if (is_null($user))

  82.             self::badPassword();

  83.         if (!self::verifyPassword($password, $user->getPassword()))

  84.             self::badPassword();

  85. 

  86.         $user = LuticateUsersLoginDbo::fromUserDbo($user);

  87.         $user->setToken(self::getToken($user));

  88.         return $user;

  89.     }

  90. 

  91.     /**

  92.      * @param $user LuticateUsersDbo

  93.      * @return bool

  94.      */

  95.     public static function logout($user)

  96.     {

  97.         if ($user->getId() != 0) {

  98.             $user->setSalt(self::getSalt());

  99.             LuticateUsersDataAccess::editById($user->getId(), $user);

  100.         }

  101.         return true;

  102.     }

  103. 

  104.     public static function getAllLight($page = 0, $perPage = PHP_INT_MAX, $query = "")

  105.     {

  106.         $users = self::getAll($page, $perPage, $query);

  107.         return $users->map(function($user)

  108.         {

  109.             return LuticateUsersLightDbo::fromUserDbo($user);

  110.         });

  111.     }

  112. 

  113.     public static function getLightById($user_id)

  114.     {

  115.         $user = self::getById($user_id);

  116.         if (is_null($user)) {

  117.             self::notFound(self::getResourceName() . " not found");

  118.         }

  119.         return LuticateUsersLightDbo::fromUserDbo($user);

  120.     }

  121. 

  122.     public static function deleteById($id)

  123.     {

  124.         if ($id != 0) {

  125.             $res = static::getDataAccess()->deleteById($id);

  126.             if (!$res)

  127.                 self::notFound(static::getResourceName() . " not found");

  128.         }

  129.         return true;

  130.     }

  131. 

  132.     public static function add($username, $email, $firstname, $lastname, $password)

  133.     {

  134.         if (strlen($password) < 5) {

  135.             self::badInput("Password must have at least 5 characters");

  136.         }

  137.         $hash = self::hashPassword($password);

  138.         if (filter_var($username, FILTER_VALIDATE_EMAIL))

  139.             self::badInput("Username can not be an email");

  140.         if (!filter_var($email, FILTER_VALIDATE_EMAIL))

  141.             self::badInput("Invalid email address");

  142.         $user = LuticateUsersDataAccess::getByUsernameOrEmail($username);

  143.         if (!is_null($user))

  144.             self::badInput("Username already exists");

  145.         $user = LuticateUsersDataAccess::getByUsernameOrEmail($email);

  146.         if (!is_null($user))

  147.             self::badInput("Email already used");

  148. 

  149.         $user = new LuticateUsersDbo();

  150.         $user->setEmail($email);

  151.         $user->setPassword($hash);

  152.         $user->setUsername($username);

  153.         $user->setFirstname($firstname);

  154.         $user->setLastname($lastname);

  155.         $user->setSalt(self::getSalt());

  156. 

  157.         return LuticateUsersDataAccess::addId($user);

  158.     }

  159. 

  160.     public static function edit($user_id, $firstname, $lastname, $email)

  161.     {

  162.         $user = self::checkUserId($user_id);

  163.         if (!filter_var($email, FILTER_VALIDATE_EMAIL))

  164.             self::badInput("Invalid email address");

  165.         $user->setEmail($email);

  166.         $user->setFirstname($firstname);

  167.         $user->setLastname($lastname);

  168.         LuticateUsersDataAccess::editById($user_id, $user);

  169.         return true;

  170.     }

  171. 

  172.     public static function setPassword($user_id, $password)

  173.     {

  174.         if ($user_id != 0) {

  175.             $user = self::checkUserId($user_id);

  176.             $user->setPassword(self::hashPassword($password));

  177.             $user->setSalt(self::getSalt());

  178.             LuticateUsersDataAccess::editById($user_id, $user);

  179.         }

  180.         return true;

  181.     }

  182. 

  183.     public static function setPasswordMe($password, $oldPassword, $user)

  184.     {

  185.         self::login($user->getUsername(), $oldPassword);

  186.         return self::setPassword($user->getId(), $password);

  187.     }

  188. }