session = $session; $this->database = $database; $user = $this->session->get(self::SESSION_KEY); // Check if user session has been set if (!$user) { $this->loggedIn = FALSE; return; } // Check if username and password match if (!$this->authenticate($user['username'], $user['password'])) { $this->loggedIn = FALSE; $this->logout(); $this->session->flash('Kontodetaljer er blitt endret, vennligst logg inn igjen', 'warning'); return; } // All is good, we should be logged in now! (hopefully) $this->loggedIn = TRUE; $this->username = $user['username']; $this->password = $user['password']; $this->powerLevel = $this->getPowerLevel(); } // Get current user power level private function getPowerLevel(): int { if (!$this->loggedIn) { throw new Exception("Can't get power level without being logged in!"); } $sth = $this->database->conn->prepare( 'SELECT Nivå FROM brukertabell WHERE Navn = ? AND Passord = ?' ); $sth->execute([$this->username, $this->password]); $row = $sth->fetch(PDO::FETCH_ASSOC); return $row['Nivå']; } // Set session if user and password match public function login(string $username, string $password): bool { if ($this->authenticate($username, $password)) { $this->session->set(self::SESSION_KEY, [ 'loggedIn' => TRUE, 'username' => $username, 'password' => $password ]); return TRUE; } return FALSE; } // Check if user and password match database private function authenticate(string $username, string $password): bool { $sth = $this->database->conn->prepare( 'SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?' ); $sth->execute([$username, $password]); if ($sth->rowCount()) { return TRUE; } return FALSE; } public function logout(): void { $this->session->remove(self::SESSION_KEY); } }