luticate
/
api-auth
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 6 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
51 Commits
2 Branches
Tree: ba49cd5568
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ba49cd5568'
${ noResults }
api-auth/src/Auth/Business/LuticateUsersBusiness.php

LuticateUsersBusiness.php 5.1KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181 
  1. <?php

  2. 

  3. namespace Luticate\Auth\Business;

  4. 

  5. use Illuminate\Support\Facades\DB;

  6. use Luticate\Auth\DBO\LuticatePermissions;

  7. use Luticate\Auth\DBO\LuticateUsersLightDbo;

  8. use Luticate\Auth\DBO\LuticateUsersLoginDbo;

  9. use Luticate\Utils\LuBusiness;

  10. use Luticate\Auth\DataAccess\LuticateUsersDataAccess;

  11. use Luticate\Auth\DBO\LuticateUsersDbo;

  12. 

  13. class LuticateUsersBusiness extends LuBusiness {

  14. 

  15.     const KEY_USER_ID =  "user_id";

  16.     const KEY_SALT =  "salt";

  17.     const KEY_DATA =  "data";

  18. 

  19.     protected static function getDataAccess()

  20.     {

  21.         return new LuticateUsersDataAccess();

  22.     }

  23. 

  24.     protected static function badPassword()

  25.     {

  26.         abort(401, "Bad username/password");

  27.     }

  28. 

  29.     public static function hashPassword($password)

  30.     {

  31.         return password_hash($password, PASSWORD_BCRYPT);

  32.     }

  33. 

  34.     public static function verifyPassword($password, $hash)

  35.     {

  36.         return password_verify($password, $hash);

  37.     }

  38. 

  39.     public static function getSalt($length = 10)

  40.     {

  41.         $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';

  42.         $charactersLength = strlen($characters);

  43.         $randomString = '';

  44.         for ($i = 0; $i < $length; $i++) {

  45.             $randomString .= $characters[rand(0, $charactersLength - 1)];

  46.         }

  47.         return $randomString;

  48.     }

  49. 

  50.     /**

  51.      * @param $user LuticateUsersDbo

  52.      * @param $data mixed

  53.      * @return string

  54.      */

  55.     public static function getToken($user, $data = null)

  56.     {

  57.         return JwtHelper::encode(array(

  58.             self::KEY_USER_ID => $user->getId(),

  59.             self::KEY_SALT => $user->getSalt(),

  60.             self::KEY_DATA => $data

  61.             ));

  62.     }

  63. 

  64.     /**

  65.      * @param $user_id

  66.      * @return LuticateUsersDbo|null

  67.      */

  68.     public static function checkUserId($user_id)

  69.     {

  70.         $user = LuticateUsersDataAccess::getById($user_id);

  71.         if (is_null($user)) {

  72.             self::notFound("User not found");

  73.         }

  74.         return $user;

  75.     }

  76. 

  77.     public static function login($username, $password)

  78.     {

  79.         $user = LuticateUsersDataAccess::getByUsernameOrEmail($username);

  80.         if (is_null($user))

  81.             self::badPassword();

  82.         if (!self::verifyPassword($password, $user->getPassword()))

  83.             self::badPassword();

  84. 

  85.         $user = LuticateUsersLoginDbo::fromUserDbo($user);

  86.         $user->setToken(self::getToken($user));

  87.         return $user;

  88.     }

  89. 

  90.     /**

  91.      * @param $user LuticateUsersDbo

  92.      * @return bool

  93.      */

  94.     public static function logout($user)

  95.     {

  96.         if ($user->getId() != 0) {

  97.             $user->setSalt(self::getSalt());

  98.             LuticateUsersDataAccess::editById($user->getId(), $user);

  99.         }

  100.         return true;

  101.     }

  102. 

  103.     public static function getAll($page = 0, $perPage = PHP_INT_MAX)

  104.     {

  105.         $users = self::search($page, $perPage, "username", "ASC");

  106.         $usersLight = array();

  107.         foreach ($users as $user) {

  108.             $usersLight[] = LuticateUsersLightDbo::fromUserDbo($user);

  109.         }

  110.         return $usersLight;

  111.     }

  112. 

  113.     public static function add($username, $email, $password)

  114.     {

  115.         $hash = self::hashPassword($password);

  116.         if (filter_var($username, FILTER_VALIDATE_EMAIL))

  117.             self::badInput("Username can not be an email");

  118.         if (!filter_var($email, FILTER_VALIDATE_EMAIL))

  119.             self::badInput("Invalid email address");

  120.         $user = LuticateUsersDataAccess::getByUsernameOrEmail($username);

  121.         if (!is_null($user))

  122.             self::badInput("Username already exists");

  123.         $user = LuticateUsersDataAccess::getByUsernameOrEmail($email);

  124.         if (!is_null($user))

  125.             self::badInput("Email already used");

  126. 

  127.         $user = new LuticateUsersDbo();

  128.         $user->setEmail($email);

  129.         $user->setPassword($hash);

  130.         $user->setUsername($username);

  131.         $user->setSalt(self::getSalt());

  132. 

  133.         DB::beginTransaction();

  134. 

  135.         $user_id = LuticateUsersDataAccess::addId($user);

  136. 

  137.         if (!is_null(LuticateGroupsBusiness::getById(0))) {

  138.             LuticateGroupsBusiness::addUser($user_id, 0);

  139.         }

  140.         DB::commit();

  141. 

  142.         return $user_id;

  143.     }

  144. 

  145.     public static function edit($user_id, $email)

  146.     {

  147.         if ($user_id != 0) {

  148.             $user = self::checkUserId($user_id);

  149.             $user->setEmail($email);

  150.             LuticateUsersDataAccess::editById($user_id, $user);

  151.         }

  152.         return true;

  153.     }

  154. 

  155.     public static function editMe($email, $user)

  156.     {

  157.         return self::edit($user->getId(), $email);

  158.     }

  159. 

  160.     public static function setPassword($user_id, $password)

  161.     {

  162.         if ($user_id != 0) {

  163.             $user = self::checkUserId($user_id);

  164.             $user->setPassword(self::hashPassword($password));

  165.             $user->setSalt(self::getSalt());

  166.             LuticateUsersDataAccess::editById($user_id, $user);

  167.         }

  168.         return true;

  169.     }

  170. 

  171.     public static function setPasswordMe($password, $oldPassword, $user)

  172.     {

  173.         self::login($user->getUsername(), $oldPassword);

  174.         return self::setPassword($user->getId(), $password);

  175.     }

  176. 

  177.     public static function del($user_id)

  178.     {

  179.         parent::deleteById($user_id);

  180.     }

  181. }