-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy pathAuth.php
More file actions
169 lines (147 loc) · 5.64 KB
/
Auth.php
File metadata and controls
169 lines (147 loc) · 5.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
<?php
/**
* Copyright (C) 2015-2019 FeatherBB
* based on code by (C) 2008-2015 FluxBB
* and Rickard Andersson (C) 2002-2008 PunBB
* License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
*/
namespace FeatherBB\Model;
use FeatherBB\Core\Database as DB;
use FeatherBB\Core\Interfaces\ForumEnv;
use FeatherBB\Core\Interfaces\Hooks;
use FeatherBB\Core\Random;
use FeatherBB\Core\Url;
use FeatherBB\Core\Utils;
use Firebase\JWT\JWT;
class Auth
{
public static function loadUser($userId)
{
$userId = (int) $userId;
$result['select'] = ['u.*', 'g.*', 'o.logged', 'o.idle'];
$result['where'] = ['u.id' => $userId];
$result['join'] = ($userId == 1) ? Utils::getIp() : 'u.id';
$escape = ($userId == 1) ? true : false;
$result = DB::table('users')
->tableAlias('u')
->selectMany($result['select'])
->innerJoin('groups', ['u.group_id', '=', 'g.g_id'], 'g')
->leftOuterJoin('online', ['o.user_id', '=', $result['join']], 'o', $escape)
->where($result['where'])
->findOne();
return $result;
}
public static function deleteOnlineByIP($ip)
{
$deleteOnline = DB::table('online')->where('ident', $ip);
$deleteOnline = Hooks::fireDB('delete_online_login', $deleteOnline);
return $deleteOnline->deleteMany();
}
public static function deleteOnlineById($userId)
{
// Remove user from "users online" list
$deleteOnline = DB::table('online')->where('user_id', $userId);
$deleteOnline = Hooks::fireDB('delete_online_logout', $deleteOnline);
return $deleteOnline->deleteMany();
}
public static function getUserFromName($username)
{
$user = DB::table('users')->where('username', $username);
$user = Hooks::fireDB('find_user_login', $user);
return $user->findOne();
}
public static function getUserFromEmail($email)
{
$result['select'] = ['id', 'username', 'last_email_sent'];
$result = DB::table('users')
->selectMany($result['select'])
->where('email', $email);
$result = Hooks::fireDB('password_forgotten_query', $result);
return $result->findOne();
}
public static function updateGroup($userId, $groupId)
{
$updateUsergroup = DB::table('users')->where('id', $userId)
->findOne()
->set('group_id', $groupId);
$updateUsergroup = Hooks::fireDB('update_usergroup_login', $updateUsergroup);
return $updateUsergroup->save();
}
public static function setLastVisit($userId, $lastVisit)
{
$updateLastVisit = DB::table('users')->where('id', (int) $userId)
->findOne()
->set('last_visit', (int) $lastVisit);
$updateLastVisit = Hooks::fireDB('update_online_logout', $updateLastVisit);
return $updateLastVisit->save();
}
public static function setNewPassword($pass, $key, $userId)
{
$query['update'] = [
'activate_string' => Utils::passwordHash($pass),
'activate_key' => $key,
'last_email_sent' => time(),
];
$query = DB::table('users')
->where('id', $userId)
->findOne()
->set($query['update']);
$query = Hooks::fireDB('password_forgotten_mail_query', $query);
return $query->save();
}
public static function updatePassword($userId, $clearPassword)
{
$query = DB::table('users')
->where('id', $userId)
->findOne()
->set('password', Utils::passwordHash($clearPassword));
$query = Hooks::fireDB('update_password_query', $query);
return $query->save();
}
public static function generateJwt($user, $expire)
{
$issuedAt = time();
$tokenId = base64_encode(Random::key(32));
$serverName = Url::baseStatic();
/*
* Create the token as an array
*/
$data = [
'iat' => $issuedAt, // Issued at: time when the token was generated
'jti' => $tokenId, // Json Token Id: an unique identifier for the token
'iss' => $serverName, // Issuer
'exp' => $expire, // Expire after 30 minutes of idle or 14 days if "remember me"
'data' => [ // Data related to the signer user
'userId' => $user->id, // userid from the users table
'userName' => $user->username, // User name
]
];
/*
* Extract the key, which is coming from the config file.
*
* Generated with base64_encode(openssl_random_pseudo_bytes(64));
*/
$secretKey = base64_decode(ForumEnv::get('JWT_TOKEN'));
/*
* Extract the algorithm from the config file too
*/
$algorithm = ForumEnv::get('JWT_ALGORITHM');
/*
* Encode the array to a JWT string.
* Second parameter is the key to encode the token.
*
* The output string can be validated at http://jwt.io/
*/
$jwt = JWT::encode(
$data, //Data to be encoded in the JWT
$secretKey, // The signing key
$algorithm // Algorithm used to sign the token, see https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-3
);
return $jwt;
}
public static function setCookie($jwt, $expire)
{
// Store cookie to client storage
setcookie(ForumEnv::get('COOKIE_NAME'), $jwt, $expire, '/', '', false, true);
}
}