[add] Endpoints to handle sessions

2018-08-05 20:06:43 -06:00
parent d7be1f1d9c
commit 816b1e356a
3 changed files with 81 additions and 31 deletions
--- a/api-payroll/src/application/SessionApplication.php
+++ b/api-payroll/src/application/SessionApplication.php
@@ -1,26 +1,88 @@
 <?php

 class SessionApplication{
-    // The to be connection
-    private $pdo = '';
+    private $pdo;
    private $cryptographyService;

    function __construct($mysql, $cryptographyService){
-        // Services
        $this->cryptographyService = $cryptographyService;
        $this->pdo = $mysql;
+
+        $this->databaseSelectQueryErrorMessage = 'There was an error inserting the record.';
    }

-    function newSession($userName, $password){
-        $real = 'slothness';
-        $password = "$2y$12$51mfESaLEGXDT4u9Bd9kiOHEpaJ1Bx4SEcVwsU5K6jVPMNkrnpJAa";
+    /**
+     * @return bool
+     */
+    function verifySession(){
+        return isset($_SESSION['userName']);
+    }

-        if($this->cryptographyService->decryptPassword($real, $password)){
-            return "yea";
+    /**
+     * @return array
+     */
+    function checkCurrentSession(){
+        $session = array();
+
+        $session['loggedIn'] = $this->verifySession();
+
+        if($this->verifySession()){
+            $session['userName'] = $_SESSION['userName'];
+        }
+
+        return $session;
+    }
+
+    /**
+     * @param $userName string
+     * @return mixed
+     */
+    function getPassword($userName){
+        $stmt = $this->pdo->prepare("SELECT password FROM users WHERE name = :userName");
+        $stmt->execute(array(':userName' => $userName));
+        $results = $stmt->fetchAll();
+        if(!$results){
+            exit($this->databaseSelectQueryErrorMessage);
+        }
+        $stmt = null;
+        return $results[0]['password'];
+    }
+
+    /**
+     * @param $userName string
+     * @param $password string
+     * @return bool
+     * @throws Exception
+     */
+    function newSession($userName, $password){
+        $storedPassword = $this->getPassword($userName);
+
+        // If the credentials don't match anything in the the records
+        if(!isset($storedPassword)){
+            throw new Exception('The user or password didnt match, please try again.');
+        }
+
+        // Already has a session
+        if($this->verifySession()){
+            return true;
+        }
+
+        if($this->cryptographyService->decryptPassword($password, $storedPassword)){
+            $_SESSION['userName'] = $userName;
+            return true;
        }
        else{
-            return "nay";
+            return false;
        }
    }
+
+    /**
+     * @return string
+     */
+    function destroySession(){
+        session_destroy();
+
+        return "Sucessfully logged out.";
+    }
 }
 ?>