Commit
This commit is contained in:
parent
8ef2098dcd
commit
5b9a5ad5a4
@ -78,7 +78,7 @@ class Session
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getFlashedMessages(): ?array
|
public function getFlashedMessages(): array
|
||||||
{
|
{
|
||||||
$key = 'flashed_messages';
|
$key = 'flashed_messages';
|
||||||
if ($this->has($key))
|
if ($this->has($key))
|
||||||
@ -87,7 +87,7 @@ class Session
|
|||||||
$this->remove($key);
|
$this->remove($key);
|
||||||
return $msgs;
|
return $msgs;
|
||||||
}
|
}
|
||||||
return NULL;
|
return [];
|
||||||
}
|
}
|
||||||
// END TODO;
|
// END TODO;
|
||||||
}
|
}
|
@ -1,37 +1,46 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
// TODO: this shit stinks...
|
// TODO:
|
||||||
class User
|
class User
|
||||||
{
|
{
|
||||||
private Session $session;
|
private Session $session;
|
||||||
private Database $database;
|
private Database $database;
|
||||||
|
|
||||||
public ?bool $loggedIn;
|
public bool $loggedIn;
|
||||||
public ?string $username;
|
public int $powerLevel; // Set to 0 when not logged in
|
||||||
public ?string $password;
|
public string $username; // Username and password is only initalized if logged in
|
||||||
public ?int $powerLevel;
|
public string $password;
|
||||||
|
|
||||||
public function __construct(Session $session, Database $database)
|
public function __construct(Session $session, Database $database)
|
||||||
{
|
{
|
||||||
$this->session = $session;
|
$this->session = $session;
|
||||||
$this->database = $database;
|
$this->database = $database;
|
||||||
$this->setProps();
|
|
||||||
|
$user = $this->session->get('user');
|
||||||
|
if ($user)
|
||||||
|
{
|
||||||
|
// User session was set previously
|
||||||
|
$this->loggedIn = $user['loggedIn'];
|
||||||
|
$this->username = $user['username'];
|
||||||
|
$this->password = $user['password'];
|
||||||
|
} else {
|
||||||
|
// User session has not been set yet
|
||||||
|
$this->loggedIn = FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
private function setProps(): void
|
// Check if username and password matches
|
||||||
{
|
|
||||||
$this->loggedIn = $this->session->get('loggedIn');
|
|
||||||
$this->username = $this->session->get('username');
|
|
||||||
$this->password = $this->session->get('password');
|
|
||||||
|
|
||||||
if ($this->loggedIn && !$this->authenticate($this->username, $this->password))
|
if ($this->loggedIn && !$this->authenticate($this->username, $this->password))
|
||||||
{
|
{
|
||||||
$this->logout();
|
$this->logout();
|
||||||
$this->session->flash('Kontodetaljer endret, vennligst logg inn igjen', 'warning');
|
$this->session->flash('Kontodetaljer endret, vennligst logg inn igjen', 'warning');
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->loggedIn) {
|
// Set powerLevel
|
||||||
$sth = $this->database->conn->prepare('SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?');
|
if ($this->loggedIn)
|
||||||
|
{
|
||||||
|
$sth = $this->database->conn->prepare(
|
||||||
|
'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'
|
||||||
|
);
|
||||||
$sth->execute([$this->username, $this->password]);
|
$sth->execute([$this->username, $this->password]);
|
||||||
$row = $sth->fetch(PDO::FETCH_ASSOC);
|
$row = $sth->fetch(PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
@ -46,21 +55,23 @@ class User
|
|||||||
{
|
{
|
||||||
if ($this->authenticate($username, $password))
|
if ($this->authenticate($username, $password))
|
||||||
{
|
{
|
||||||
$this->session->set('loggedIn', TRUE);
|
$this->session->set('user', [
|
||||||
$this->session->set('username', $username);
|
'loggedIn' => TRUE,
|
||||||
$this->session->set('password', $password);
|
'username' => $username,
|
||||||
$this->setProps();
|
'password' => $password
|
||||||
|
]);
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if user and pass match
|
// Check if user and password match database
|
||||||
private function authenticate(string $username, string $password): bool
|
private function authenticate(string $username, string $password): bool
|
||||||
{
|
{
|
||||||
$sth = $this->database->conn->prepare('SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?');
|
$sth = $this->database->conn->prepare(
|
||||||
|
'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'
|
||||||
|
);
|
||||||
$sth->execute([$username, $password]);
|
$sth->execute([$username, $password]);
|
||||||
|
|
||||||
if ($sth->rowCount())
|
if ($sth->rowCount())
|
||||||
{
|
{
|
||||||
return TRUE;
|
return TRUE;
|
||||||
@ -70,9 +81,6 @@ class User
|
|||||||
|
|
||||||
public function logout(): void
|
public function logout(): void
|
||||||
{
|
{
|
||||||
$this->session->remove('loggedIn');
|
$this->session->remove('user');
|
||||||
$this->session->remove('username');
|
|
||||||
$this->session->remove('password');
|
|
||||||
$this->setProps();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
Reference in New Issue
Block a user