api-payroll/src/application/SessionApplication.php

@@ -1,26 +1,88 @@
 <?php
 
 class SessionApplication{
-    // The to be connection
-    private $pdo = '';
+    private $pdo;
     private $cryptographyService;
 
     function __construct($mysql, $cryptographyService){
-        // Services
         $this->cryptographyService = $cryptographyService;
         $this->pdo = $mysql;
+
+        $this->databaseSelectQueryErrorMessage = 'There was an error inserting the record.';
     }
 
-    function newSession($userName, $password){
-        $real = 'slothness';
-        $password = "$2y$12$51mfESaLEGXDT4u9Bd9kiOHEpaJ1Bx4SEcVwsU5K6jVPMNkrnpJAa";
+    /**
+     * @return bool
+     */
+    function verifySession(){
+        return isset($_SESSION['userName']);
+    }
 
-        if($this->cryptographyService->decryptPassword($real, $password)){
-            return "yea";
+    /**
+     * @return array
+     */
+    function checkCurrentSession(){
+        $session = array();
+
+        $session['loggedIn'] = $this->verifySession();
+
+        if($this->verifySession()){
+            $session['userName'] = $_SESSION['userName'];
+        }
+
+        return $session;
+    }
+
+    /**
+     * @param $userName string
+     * @return mixed
+     */
+    function getPassword($userName){
+        $stmt = $this->pdo->prepare("SELECT password FROM users WHERE name = :userName");
+        $stmt->execute(array(':userName' => $userName));
+        $results = $stmt->fetchAll();
+        if(!$results){
+            exit($this->databaseSelectQueryErrorMessage);
+        }
+        $stmt = null;
+        return $results[0]['password'];
+    }
+
+    /**
+     * @param $userName string
+     * @param $password string
+     * @return bool
+     * @throws Exception
+     */
+    function newSession($userName, $password){
+        $storedPassword = $this->getPassword($userName);
+
+        // If the credentials don't match anything in the the records
+        if(!isset($storedPassword)){
+            throw new Exception('The user or password didnt match, please try again.');
+        }
+
+        // Already has a session
+        if($this->verifySession()){
+            return true;
+        }
+
+        if($this->cryptographyService->decryptPassword($password, $storedPassword)){
+            $_SESSION['userName'] = $userName;
+            return true;
         }
         else{
-            return "nay";
+            return false;
         }
     }
+
+    /**
+     * @return string
+     */
+    function destroySession(){
+        session_destroy();
+
+        return "Sucessfully logged out.";
+    }
 }
 ?>

api-payroll/src/routes.php

@@ -13,6 +13,11 @@ $app->get('/[{name}]', function (Request $request, Response $response, array $ar
     return $this->renderer->render($response, 'index.phtml', $args);
 });
 
+$app->get('/api/session', function (Request $request, Response $response, array $args) {
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->sessionApplication->checkCurrentSession()));
+});
 
 $app->post('/api/session/login', function ($request, $response) {
     $RequestData = $request->getParsedBody();
@@ -24,25 +29,8 @@ $app->post('/api/session/login', function ($request, $response) {
         ->write(json_encode($data));
 });
 
-
-$app->get('/api/encrypt/{string}', function (Request $request, Response $response, array $args) {
-    return $this->cryptographyService->encryptString($args['string']);
-});
-
-$app->get('/api/decrypt/{string}', function (Request $request, Response $response, array $args) {
-    return $this->cryptographyService->decryptString($args['string']);
-});
-
-$app->get('/api/encrypt/password/{string}', function (Request $request, Response $response, array $args) {
-    return $this->cryptographyService->encryptPassword($args['string']);
-});
-
-$app->get('/api/decrypt/password/{string}', function (Request $request, Response $response, array $args) {
-    $cosa = $this->cryptographyService->decryptPassword("pablso", "$2y$12$4T.gxWkQNPPFQau7ghfiQegdJQOm1yLTlbOTvcI3AizyqF/JSHr06");
-    if ($cosa){
-        return "yea";
-    }
-    else{
-        "nah";
-    }
+$app->post('/api/session/logout', function (Request $request, Response $response, array $args) {
+    return $response->withStatus(200)
+        ->withHeader('Content-Type', 'application/json')
+        ->write(json_encode($this->sessionApplication->destroySession()));
 });

api-payroll/src/service/CryptographyService.php

@@ -80,7 +80,7 @@ class CryptographyService{
      *
      * @param $plainPassword string
      * @param $encryptedPassword string
-     * @return boolean
+     * @return bool
     */
     function decryptPassword($plainPassword, $encryptedPassword) {
         return password_verify($plainPassword, $encryptedPassword);