logauth
/
SMMP
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Renamed authentification/authentication + authenticationDefault::update_admin + iface to update admin password

This commit is contained in:
xdrm-brackets 2017-10-19 14:07:38 +02:00
parent 8e430ff242
commit a87911e76f
7 changed files with 208 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
build/api/module/authentificationDefault.php → build/api/module/authenticationDefault.php
View File

@ -5,15 +5,17 @@
use \api\core\Authentification; use \api\core\Authentification;
use \database\core\Repo; use \database\core\Repo;
use \manager\repo\cluster as clusterRepo; use \manager\repo\cluster as clusterRepo;
use \error\core\Error;
use \error\core\Err;
class authentificationDefault{ class authenticationDefault{
public function __construct(){ public function __construct(){
// Routine to execute before each call to authentificationDefault's method // Routine to execute before each call to authenticationDefault's method
} }
public function __destruct(){ public function __destruct(){
// Routine to execute after each call to authentificationDefault's method // Routine to execute after each call to authenticationDefault's method
} }
/* CONNEXION A UN ENTREPOT /* CONNEXION A UN ENTREPOT
@ -116,6 +118,84 @@
return [ 'status' => true ]; return [ 'status' => true ];
} }
/* MODIFICATION MOT DE PASSE ADMINISTRATEUR
*
* @old<String> Ancien mot de passe (actuel)
* @new<String> Nouveau mot de passe
* @confirm<String> Confirmation mot de passe
*
* @return status<Boolean> TRUE si les crédits sont bons, sinon FALSE
*
*/
public function update_admin($params){
extract($params);
/* [1] On vérifie la confirmation de mot de passe
=========================================================*/
if( $new !== $confirm )
return [ 'error' => new Error(Err::WrongParam, 'confirm') ];
/* [2] On vérifie le mot de passe actuel
=========================================================*/
/* (1) On hash le mot de passe actuel */
$hash_old = secure_hash($old, $_SESSION['ADMIN']['username']);
/* (2) On vérifie que le mot de passe est correct */
$checkPassword = new Repo('admin/getById', [
$_SESSION['WAREHOUSE']['id'],
$_SESSION['ADMIN']['id']
]);
$adminFetched = $checkPassword->answer();
// Si aucun résultat -> erreur
if( $adminFetched === false )
return [ 'error' => new Error(Err::NoMatchFound) ];
/* [3] On vérifie le mot de passe actuel
=========================================================*/
// Si mot de passe faux, on retourne une erreur
if( $adminFetched['password'] != $hash_old )
return [ 'error' => new Error(Err::WrongParam, 'old') ];
/* [3] On met à jour le mot de passe
=========================================================*/
/* (1) On hash le nouveau mot de passe */
$hash_new = secure_hash($new, $adminFetched['username']);
/* (w) Requête */
$update = new Repo('admin/edit', [
$adminFetched['id_admin'],
$adminFetched['username'],
$adminFetched['mail'],
$hash_new
]);
/* (3) Gestion erreur */
if( !$update->answer() )
return [ 'error' => new Error(Err::RepoError) ];
/* (4) Succès si tout ok */
return [ 'error' => new Error(Err::Success) ];
}
} }

13
config/modules.json
View File

@ -36,7 +36,7 @@
}, },
"authentificationDefault": { "authenticationDefault": {
"POST::warehouse": { "POST::warehouse": {
"description": "Connexion de premier niveau : entrepot.", "description": "Connexion de premier niveau : entrepot.",
"permissions": [], "permissions": [],
@ -59,6 +59,17 @@
"output": { "output": {
"status": { "description": "Status de la connexion.", "type": "boolean" } "status": { "description": "Status de la connexion.", "type": "boolean" }
} }
},
"POST::update_admin": {
"description": "Changement de mot de passe administrateur",
"permissions": [["admin"]],
"parameters": {
"old": { "description": "Mot de passe actuel", "type": "text" },
"new": { "description": "Nouveau mot de passe", "type": "text" },
"confirm": { "description": "Confirmation du nouveau mot de passe", "type": "text" }
},
"output": {}
} }
}, },

4
public_html/index.php
View File

@ -84,7 +84,7 @@
// logout from admin // logout from admin
$R->get('logout/?', function(){ $R->get('logout/?', function(){
$_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REQUEST_METHOD'] = 'POST';
$req = new Request('authentificationDefault/admin', ['username' => '-', 'password' => '']); $req = new Request('authenticationDefault/admin', ['username' => '-', 'password' => '']);
$res = $req->dispatch(); $res = $req->dispatch();
header('Location: /'); header('Location: /');
}); });
@ -108,7 +108,7 @@
// warehouse logout // warehouse logout
$R->get('logout/?', function(){ $R->get('logout/?', function(){
$_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REQUEST_METHOD'] = 'POST';
(new Request('authentificationDefault/warehouse', ['name' => '---', 'password' => '']))->dispatch(); (new Request('authenticationDefault/warehouse', ['name' => '---', 'password' => '']))->dispatch();
header('Location: /'); header('Location: /');
}); });

4
public_html/view/admin.php
View File

@ -144,7 +144,7 @@
/* (2) On effectue la requête pour voir si tout fonctionne bien */ /* (2) On effectue la requête pour voir si tout fonctionne bien */
var request = { var request = {
path: 'authentificationDefault/admin', path: 'authenticationDefault/admin',
username: aName.value, username: aName.value,
password: aPassword.value password: aPassword.value
}; };
@ -182,7 +182,7 @@
logout.addEventListener('click', function(){ logout.addEventListener('click', function(){
/* (1) On rédige une requête fausse (pour déconnecter) */ /* (1) On rédige une requête fausse (pour déconnecter) */
var request = { var request = {
path: 'authentificationDefault/warehouse', path: 'authenticationDefault/warehouse',
name: '-.-', name: '-.-',
password: '' password: ''
}; };

93
public_html/view/js/profile.js
View File

@ -0,0 +1,93 @@
// On referencie toutes les sections
var section = {
view: {
text: '#CONTAINER > section[data-sublink="view"] ',
element: document.querySelector('#CONTAINER > section[data-sublink="view"]')
},
password: {
text: '#CONTAINER > section[data-sublink="password"] ',
element: document.querySelector('#CONTAINER > section[data-sublink="password"]')
}
};
/* [1] view -> Visualisation profil
=========================================================*/
if( section.view.element != null ){
// TODO: Profil admin
}
/* [2] password -> Changement de mot de passe
=========================================================*/
if( section.password.element != null ){
// On récupère les champs
section.password.input = {
old: document.querySelector(section.password.text + '#old_pwd'),
new: document.querySelector(section.password.text + '#new_pwd'),
confirm: document.querySelector(section.password.text + '#confirm_pwd'),
submit: document.querySelector(section.password.text + '#update_pwd')
};
// On recupere tous les messages d'erreur
section.password.errmsg = {
old: document.querySelector(section.password.text + '.error-msg.old_pwd'),
new: document.querySelector(section.password.text + '.error-msg.new_pwd'),
confirm: document.querySelector(section.password.text + '.error-msg.confirm_pwd')
};
/* (n) Gestion de l'envoi du formulaire */
section.password.input.submit.addEventListener('click', function(e){
// On annule l'envoi de base (PHP)
e.preventDefault();
// On vide les messages erreurs
section.password.errmsg.old.innerHTML =
section.password.errmsg.new.innerHTML =
section.password.errmsg.confirm.innerHTML = '';
var request = {
path: 'authenticationDefault/update_admin', // On veut modifier le mot de passe admin
old: section.password.input.old.value,
new: section.password.input.new.value,
confirm: section.password.input.confirm.value
};
api.send(request, function(answer){
if( answer.error == 0 ){ // Tout s'est bien deroule
console.log('Mot de passe mis à jour!');
section.password.input.submit.anim('active', 1500);
// on vide les champs
section.password.input.old.value = '';
section.password.input.new.value = '';
section.password.input.confirm.value = '';
}else{ // Erreur
console.error('ModuleError::'+answer.error);
// if missing or incorrect param
if( answer.error == 16 || answer.error == 17 ){
if( section.password.errmsg[answer.ErrorArguments[0]] != null )
section.password.errmsg[answer.ErrorArguments[0]].innerHTML = 'Le champ est manquant ou incorrect !';
}
}
});
}, false);
}

21
public_html/view/profile.php
View File

@ -54,15 +54,24 @@
/* CHANGER MOT DE PASSE /* CHANGEMENT MOT DE PASSE
* *
*/ */
// if( $sublink == 'password' ){
echo "<section data-sublink='password'>"; echo "<section data-sublink='password'>";
echo 'Changement de mot de passe';
echo "<form class='search'>";
echo "<input id='old_pwd' type='password' placeholder='Mot de passe actuel'><br>";
echo "<span class='error-msg old_pwd'></span><br>";
echo "<input id='new_pwd' type='password' placeholder='Nouveau mot de passe'><br>";
echo "<span class='error-msg new_pwd'></span><br>";
echo "<input id='confirm_pwd' type='password' placeholder='Confirmation'><br>";
echo "<span class='error-msg confirm_pwd'></span><br>";
echo "<button id='update_pwd'>Mettre à jour</button>";
echo "</form>";
echo '</section>'; echo '</section>';
// }
?> ?>

2
public_html/view/warehouse.php
View File

@ -131,7 +131,7 @@
/* (2) On effectue la requête pour voir si tout fonctionne bien */ /* (2) On effectue la requête pour voir si tout fonctionne bien */
var request = { var request = {
path: 'authentificationDefault/warehouse', path: 'authenticationDefault/warehouse',
name: wName.value, name: wName.value,
password: wPassword.value password: wPassword.value
}; };