From 5b9a5ad5a438c963cdfae75835a94823c76bd05f Mon Sep 17 00:00:00 2001
From: William
Date: Wed, 23 Feb 2022 16:45:12 +0100
Subject: [PATCH] Commit
---
 app/core/Session.php | 4 +--
 app/core/User.php | 64 +++++++++++++++++++++++++-------------------
 2 files changed, 38 insertions(+), 30 deletions(-)
diff --git a/app/core/Session.php b/app/core/Session.php
index eb0e40a..084cfff 100644
--- a/app/core/Session.php
+++ b/app/core/Session.php
@@ -78,7 +78,7 @@ class Session
 );
 }
- public function getFlashedMessages(): ?array
+ public function getFlashedMessages(): array
 {
 $key = 'flashed_messages';
 if ($this->has($key))
@@ -87,7 +87,7 @@ class Session
 $this->remove($key);
 return $msgs;
 }
- return NULL;
+ return [];
 }
 // END TODO;
 }
\ No newline at end of file
diff --git a/app/core/User.php b/app/core/User.php
index 3b53aa2..ab9a1ac 100644
--- a/app/core/User.php
+++ b/app/core/User.php
@@ -1,37 +1,46 @@ session = $session; + $this->session = $session; $this->database = $database; - $this->setProps(); - } - private function setProps(): void - { - $this->loggedIn = $this->session->get('loggedIn'); - $this->username = $this->session->get('username'); - $this->password = $this->session->get('password'); + $user = $this->session->get('user'); + if ($user) + { + // User session was set previously + $this->loggedIn = $user['loggedIn']; + $this->username = $user['username']; + $this->password = $user['password']; + } else { + // User session has not been set yet + $this->loggedIn = FALSE; + } + // Check if username and password matches if ($this->loggedIn && !$this->authenticate($this->username, $this->password)) { $this->logout(); $this->session->flash('Kontodetaljer endret, vennligst logg inn igjen', 'warning'); } - if ($this->loggedIn) { - $sth = $this->database->conn->prepare('SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'); + // Set powerLevel + if ($this->loggedIn) + { + $sth = $this->database->conn->prepare( + 'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?' + ); $sth->execute([$this->username, $this->password]); $row = $sth->fetch(PDO::FETCH_ASSOC); 
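Review bot: After `$this->logout();` in the constructor, `$this->loggedIn` keeps the TRUE it read from the session, because the new `logout()` (last User.php hunk) only removes the `user` session key and no longer calls `setProps()`. For the rest of the request the object still reports a logged-in user whose credentials have just failed re-authentication, and the `// Set powerLevel` block below still runs for them. Resetting the state next to the call, `$this->logout(); $this->loggedIn = FALSE;`, or inside `logout()` itself, closes that gap. `login()` in the second hunk has the mirror problem: without `setProps()` the properties stay unset until the next request. The class header and the start of the constructor are not visible in this hunk.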
@@ -39,28 +48,30 @@ class User } else { $this->powerLevel = 0; } - } + } // Set session if user and password match public function login(string $username, string $password): bool { if ($this->authenticate($username, $password)) { - $this->session->set('loggedIn', TRUE); - $this->session->set('username', $username); - $this->session->set('password', $password); - $this->setProps(); + $this->session->set('user', [ + 'loggedIn' => TRUE, + 'username' => $username, + 'password' => $password + ]); return TRUE; } return FALSE; } - // Check if user and pass match + // Check if user and password match database private function authenticate(string $username, string $password): bool { - $sth = $this->database->conn->prepare('SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'); + $sth = $this->database->conn->prepare( + 'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?' + ); $sth->execute([$username, $password]); - if ($sth->rowCount()) { return TRUE; @@ -70,9 +81,6 @@ class User public function logout(): void { - $this->session->remove('loggedIn'); - $this->session->remove('username'); - $this->session->remove('password'); - $this->setProps(); + $this->session->remove('user'); } } \ No newline at end of file
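Review bot: The cleartext password is still written into the session in `login()` (`'password' => $password`), and `authenticate()` still matches it with `Passord = ?`, which can only succeed if `brukertabell.Passord` holds the password as typed. Anyone who can read the session store or that table then obtains reusable credentials. I would keep the password out of the session and verify against a `password_hash()` value with `password_verify()`, as sketched below; this assumes the `Passord` column is migrated to hashes. The constructor's re-check in the first User.php hunk would then need something other than a session password to compare, for example a copy of the stored hash checked with `hash_equals()`. `authenticate()` ends outside this hunk, so the sketch replaces the `rowCount()` check that continues past it.

```php
// … unchanged: login() signature and the authenticate() check …
            // Keep the credential out of the session; the identity is enough
            $this->session->set('user', [
                'loggedIn' => TRUE,
                'username' => $username
            ]);
// … unchanged: return TRUE / return FALSE …

    private function authenticate(string $username, string $password): bool
    {
        // Look the row up by name only and verify the hash in PHP
        $sth = $this->database->conn->prepare(
            'SELECT Passord FROM brukertabell WHERE Navn = ?'
        );
        $sth->execute([$username]);
        $hash = $sth->fetchColumn();
        // Assumes Passord holds password_hash() output after migration
        return is_string($hash) && password_verify($password, $hash);
        // … replaces the rowCount() check that runs past the hunk …
```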