This repository has been archived on 2023-01-06. You can view files and clone it, but cannot push or open issues or pull requests.
web/app/core/User.php

94 lines
2.6 KiB
PHP
Raw Normal View History

2022-01-23 21:56:36 +00:00
<?php
2022-01-25 16:50:32 +00:00
class User
2022-01-23 21:56:36 +00:00
{
2022-02-28 03:14:53 +00:00
private const SESSION_KEY = 'UserClass';
2022-02-23 15:45:12 +00:00
private Session $session;
2022-02-02 11:47:06 +00:00
private Database $database;
2022-01-23 21:56:36 +00:00
2022-02-27 08:05:48 +00:00
// Always initialized
2022-02-23 15:45:12 +00:00
public bool $loggedIn;
2022-02-27 08:05:48 +00:00
// Initialized only if logged in
public string $username;
2022-02-23 15:45:12 +00:00
public string $password;
2022-02-27 08:05:48 +00:00
public int $powerLevel;
2022-01-23 21:56:36 +00:00
2022-02-02 11:47:06 +00:00
public function __construct(Session $session, Database $database)
2022-01-23 21:56:36 +00:00
{
2022-02-23 15:45:12 +00:00
$this->session = $session;
2022-02-02 11:47:06 +00:00
$this->database = $database;
2022-01-23 21:56:36 +00:00
2022-02-28 03:14:53 +00:00
$user = $this->session->get(self::SESSION_KEY);
2022-02-27 08:05:48 +00:00
// Check if user session has been set
if (!$user)
2022-02-23 15:45:12 +00:00
{
$this->loggedIn = FALSE;
2022-02-27 08:05:48 +00:00
return;
2022-02-23 15:45:12 +00:00
}
2022-01-25 16:50:32 +00:00
2022-02-27 08:05:48 +00:00
// Check if username and password match
if (!$this->authenticate($user['username'], $user['password']))
2022-01-26 19:28:00 +00:00
{
2022-02-27 08:19:12 +00:00
$this->loggedIn = FALSE;
2022-01-26 19:28:00 +00:00
$this->logout();
2022-02-27 08:05:48 +00:00
$this->session->flash('Kontodetaljer er blitt endret, vennligst logg inn igjen', 'warning');
return;
2022-01-25 16:50:32 +00:00
}
2022-02-02 11:47:06 +00:00
2022-02-27 08:05:48 +00:00
// All is good, we should be logged in now! (hopefully)
2022-02-28 03:14:53 +00:00
$this->loggedIn = TRUE;
$this->username = $user['username'];
$this->password = $user['password'];
$this->powerLevel = $this->getPowerLevel();
}
2022-02-02 11:47:06 +00:00
2022-02-28 03:14:53 +00:00
// Get current user power level
private function getPowerLevel(): int
{
if (!$this->loggedIn)
{
throw new Exception("Can't get power level without being logged in!");
}
2022-02-27 08:05:48 +00:00
$sth = $this->database->conn->prepare(
2022-02-28 03:14:53 +00:00
'SELECT Nivå FROM brukertabell WHERE Navn = ? AND Passord = ?'
2022-02-27 08:05:48 +00:00
);
$sth->execute([$this->username, $this->password]);
$row = $sth->fetch(PDO::FETCH_ASSOC);
2022-02-28 03:14:53 +00:00
return $row['Nivå'];
2022-02-23 15:45:12 +00:00
}
2022-01-25 16:50:32 +00:00
// Set session if user and password match
2022-01-23 21:56:36 +00:00
public function login(string $username, string $password): bool
{
2022-01-25 16:50:32 +00:00
if ($this->authenticate($username, $password))
2022-01-23 21:56:36 +00:00
{
2022-02-28 03:14:53 +00:00
$this->session->set(self::SESSION_KEY, [
2022-02-23 15:45:12 +00:00
'username' => $username,
'password' => $password
]);
2022-01-25 16:50:32 +00:00
return TRUE;
}
return FALSE;
}
2022-02-23 15:45:12 +00:00
// Check if user and password match database
2022-01-25 16:50:32 +00:00
private function authenticate(string $username, string $password): bool
{
2022-02-23 15:45:12 +00:00
$sth = $this->database->conn->prepare(
'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'
);
2022-02-02 11:47:06 +00:00
$sth->execute([$username, $password]);
if ($sth->rowCount())
2022-01-25 16:50:32 +00:00
{
2022-01-23 21:56:36 +00:00
return TRUE;
}
return FALSE;
}
2022-01-25 16:50:32 +00:00
public function logout(): void
{
2022-02-28 03:14:53 +00:00
$this->session->remove(self::SESSION_KEY);
2022-01-25 16:50:32 +00:00
}
2022-01-23 21:56:36 +00:00
}