William 2022-02-23 16:45:12 +01:00
parent 8ef2098dcd
commit 5b9a5ad5a4
2 changed files with 38 additions and 30 deletions


@ -78,7 +78,7 @@ class Session
); );
} }
public function getFlashedMessages(): ?array public function getFlashedMessages(): array
{ {
$key = 'flashed_messages'; $key = 'flashed_messages';
if ($this->has($key)) if ($this->has($key))
@ -87,7 +87,7 @@ class Session
$this->remove($key); $this->remove($key);
return $msgs; return $msgs;
} }
return NULL; return [];
} }
// END TODO; // END TODO;
} }
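Review bot: Returning `[]` instead of NULL changes what callers of getFlashedMessages() see when nothing is flashed: any call site that tests `!== NULL` or `is_null()` will now take the "messages present" path. The call sites are not part of this section, so they should be checked and moved to an emptiness test such as `if ($msgs)`. A short docblock would also help, e.g. `/** Returns the flashed messages and removes them from the session; empty array if none. */`, since the read is destructive (`$this->remove($key)`). The method body spans the two hunks and is not fully visible here.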


@ -1,37 +1,46 @@
<?php <?php
// TODO: this shit stinks... // TODO:
class User class User
{ {
private Session $session; private Session $session;
private Database $database; private Database $database;
public ?bool $loggedIn; public bool $loggedIn;
public ?string $username; public int $powerLevel; // Set to 0 when not logged in
public ?string $password; public string $username; // Username and password is only initalized if logged in
public ?int $powerLevel; public string $password;
public function __construct(Session $session, Database $database) public function __construct(Session $session, Database $database)
{ {
$this->session = $session; $this->session = $session;
$this->database = $database; $this->database = $database;
$this->setProps();
$user = $this->session->get('user');
if ($user)
{
// User session was set previously
$this->loggedIn = $user['loggedIn'];
$this->username = $user['username'];
$this->password = $user['password'];
} else {
// User session has not been set yet
$this->loggedIn = FALSE;
} }
private function setProps(): void // Check if username and password matches
{
$this->loggedIn = $this->session->get('loggedIn');
$this->username = $this->session->get('username');
$this->password = $this->session->get('password');
if ($this->loggedIn && !$this->authenticate($this->username, $this->password)) if ($this->loggedIn && !$this->authenticate($this->username, $this->password))
{ {
$this->logout(); $this->logout();
$this->session->flash('Kontodetaljer endret, vennligst logg inn igjen', 'warning'); $this->session->flash('Kontodetaljer endret, vennligst logg inn igjen', 'warning');
} }
if ($this->loggedIn) { // Set powerLevel
$sth = $this->database->conn->prepare('SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'); if ($this->loggedIn)
{
$sth = $this->database->conn->prepare(
'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'
);
$sth->execute([$this->username, $this->password]); $sth->execute([$this->username, $this->password]);
$row = $sth->fetch(PDO::FETCH_ASSOC); $row = $sth->fetch(PDO::FETCH_ASSOC);
@ -46,21 +55,23 @@ class User
{ {
if ($this->authenticate($username, $password)) if ($this->authenticate($username, $password))
{ {
$this->session->set('loggedIn', TRUE); $this->session->set('user', [
$this->session->set('username', $username); 'loggedIn' => TRUE,
$this->session->set('password', $password); 'username' => $username,
$this->setProps(); 'password' => $password
]);
return TRUE; return TRUE;
} }
return FALSE; return FALSE;
} }
// Check if user and pass match // Check if user and password match database
private function authenticate(string $username, string $password): bool private function authenticate(string $username, string $password): bool
{ {
$sth = $this->database->conn->prepare('SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'); $sth = $this->database->conn->prepare(
'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'
);
$sth->execute([$username, $password]); $sth->execute([$username, $password]);
if ($sth->rowCount()) if ($sth->rowCount())
{ {
return TRUE; return TRUE;
@ -70,9 +81,6 @@ class User
public function logout(): void public function logout(): void
{ {
$this->session->remove('loggedIn'); $this->session->remove('user');
$this->session->remove('username');
$this->session->remove('password');
$this->setProps();
} }
} }
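Review bot: login() still writes the clear-text password into the session (`'password' => $password`), and authenticate() still matches it with `Passord = ?`, which only works if brukertabell holds passwords unhashed. A leak of either the session storage or the table then exposes every user's password. Store `password_hash($password, PASSWORD_DEFAULT)` in Passord, select the row by `Navn = ?` alone and check it with `password_verify($password, $row['Passord'])`, and keep only `'loggedIn'` and `'username'` in the session array. The constructor's per-request re-check would then need a different signal than the session password, for example comparing a stored copy of the hash with `hash_equals()`. login() and the powerLevel block continue outside the visible hunks, so this is based only on the lines shown.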