126 lines
3.9 KiB
PHP
126 lines
3.9 KiB
PHP
<?php
|
|
namespace App\Application;
|
|
|
|
use Exception;
|
|
|
|
class SessionApplication{
|
|
private $pdo;
|
|
private $cryptographyService;
|
|
private $asserts;
|
|
|
|
function __construct($mysql, $cryptographyService, $asserts){
|
|
$this->cryptographyService = $cryptographyService;
|
|
$this->pdo = $mysql;
|
|
$this->asserts = $asserts;
|
|
}
|
|
|
|
/**
|
|
* @return bool
|
|
*/
|
|
function verifySession(){
|
|
return isset($_SESSION['userName']);
|
|
}
|
|
|
|
/**
|
|
* @return array
|
|
*/
|
|
function checkCurrentSession(){
|
|
$session = array();
|
|
|
|
$session['loggedIn'] = $this->verifySession();
|
|
|
|
if($this->verifySession()){
|
|
$session['userName'] = $_SESSION['userName'];
|
|
}
|
|
|
|
return $session;
|
|
}
|
|
|
|
/**
|
|
* @param $userName string
|
|
* @return mixed
|
|
* @throws Exception
|
|
*/
|
|
function getPassword($userName){
|
|
$this->asserts->isNotEmpty($userName, "The username can't be empty");
|
|
$this->asserts->isString($userName, "The username must be a string.");
|
|
$this->asserts->betweenLength($userName, 1, 50, "The username must have a length between 1 and 50 characters.");
|
|
|
|
$stmt = $this->pdo->prepare("SELECT password FROM users WHERE name = :userName");
|
|
$stmt->execute(array(':userName' => $userName));
|
|
$results = $stmt->fetchAll();
|
|
if(!$results){
|
|
throw new Exception('The user or password didnt match, please try again.');
|
|
}
|
|
$stmt = null;
|
|
return $results[0]['password'];
|
|
}
|
|
|
|
/**
|
|
* @param $userName string
|
|
* @param $password string
|
|
* @return bool
|
|
* @throws Exception
|
|
*/
|
|
function newSession($userName, $password){
|
|
$this->asserts->isNotEmpty($userName, "The username can't be empty");
|
|
$this->asserts->isString($userName, "The username must be a string.");
|
|
$this->asserts->betweenLength($userName, 1, 50, "The username must have a length between 1 and 50 characters.");
|
|
$this->asserts->isNotEmpty($password, "The password can't be empty");
|
|
$this->asserts->isString($password, "The password must be a string.");
|
|
$this->asserts->betweenLength($password, 1, 50, "The password must have a length between 1 and 50 characters.");
|
|
|
|
$storedPassword = $this->getPassword($userName);
|
|
|
|
// If the credentials don't match anything in the the records
|
|
if(!isset($storedPassword)){
|
|
return false;
|
|
}
|
|
|
|
// Already has a session
|
|
if($this->verifySession()){
|
|
return true;
|
|
}
|
|
|
|
if($this->cryptographyService->decryptPassword($password, $storedPassword)){
|
|
$_SESSION['userName'] = $userName;
|
|
return true;
|
|
}
|
|
else{
|
|
throw new Exception('The user or password didnt match, please try again.');
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @param $userName
|
|
* @param $password
|
|
* @return array
|
|
* @throws Exception
|
|
*/
|
|
function login($userName, $password){
|
|
$this->asserts->isNotEmpty($userName, "The username can't be empty");
|
|
$this->asserts->isString($userName, "The username must be a string.");
|
|
$this->asserts->betweenLength($userName, 1, 50, "The username must have a length between 1 and 50 characters.");
|
|
$this->asserts->isNotEmpty($password, "The password can't be empty");
|
|
$this->asserts->isString($password, "The password must be a string.");
|
|
$this->asserts->betweenLength($password, 1, 50, "The password must have a length between 1 and 50 characters.");
|
|
|
|
|
|
if($this->newSession($userName, $password)){
|
|
return array('status' => 'success', 'message' => 'Logged in successfully.');
|
|
}
|
|
else{
|
|
throw new Exception('The user or password didnt match, please try again.');
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @return array
|
|
*/
|
|
function destroySession(){
|
|
session_destroy();
|
|
|
|
return array('status' => 'success', 'message' => 'Successfully logged out.');
|
|
}
|
|
}
|
|
?>
|