105 lines
2.6 KiB
PHP
105 lines
2.6 KiB
PHP
|
<?php
|
||
|
|
||
|
namespace api\module;
|
||
|
|
||
|
|
||
|
use \error\core\Error;
|
||
|
use \error\core\Err;
|
||
|
use \database\core\Repo;
|
||
|
use \api\core\AuthSystemDefault;
|
||
|
|
||
|
|
||
|
class authentication{
|
||
|
|
||
|
public function __construct(){}
|
||
|
|
||
|
public function __destruct(){}
|
||
|
|
||
|
|
||
|
|
||
|
public function POST_admin($argv){
|
||
|
extract($argv);
|
||
|
|
||
|
/* (1) Logout by default
|
||
|
---------------------------------------------------------*/
|
||
|
$_SESSION['TOKEN'] = [];
|
||
|
|
||
|
|
||
|
/* (2) Search for @id_admin from username
|
||
|
---------------------------------------------------------*/
|
||
|
/* (1) Fetch by username */
|
||
|
$fetched_admin = Repo::request('admin', 'getByUsername', $username);
|
||
|
|
||
|
/* (2) If not found -> error */
|
||
|
if( !is_array($fetched_admin) || !isset($fetched_admin['id_admin']) || !is_numeric($fetched_admin['id_admin']) )
|
||
|
return ['connected' => false];
|
||
|
|
||
|
/* (3) Extract @id_admin */
|
||
|
$id_admin = intval( $fetched_admin['id_admin'] );
|
||
|
|
||
|
|
||
|
/* (3) Check password for admin
|
||
|
---------------------------------------------------------*/
|
||
|
/* (1) Check password */
|
||
|
$valid_pass = Repo::request('admin', 'checkPassword', $id_admin, $password);
|
||
|
|
||
|
/* (2) If wrong password -> error */
|
||
|
if( !$valid_pass )
|
||
|
return ['connected' => false];
|
||
|
|
||
|
|
||
|
/* (4) Update session to be connected
|
||
|
---------------------------------------------------------*/
|
||
|
/* (1) Update session */
|
||
|
$_SESSION['TOKEN'] = 'a'.$fetched_admin['token'];
|
||
|
new AuthSystemDefault;
|
||
|
|
||
|
/* (2) Return status */
|
||
|
return ['connected' => true];
|
||
|
|
||
|
}
|
||
|
|
||
|
public function POST_user($argv){
|
||
|
extract($argv);
|
||
|
|
||
|
|
||
|
/* (1) Logout by default
|
||
|
---------------------------------------------------------*/
|
||
|
$_SESSION['TOKEN'] = [];
|
||
|
|
||
|
|
||
|
/* (2) Search for @id_user from username
|
||
|
---------------------------------------------------------*/
|
||
|
/* (1) Fetch by username */
|
||
|
$fetched_user = Repo::request('user', 'getByUsername', $username);
|
||
|
|
||
|
/* (2) If not found -> error */
|
||
|
if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) )
|
||
|
return ['connected' => false];
|
||
|
|
||
|
/* (3) Extract @id_user */
|
||
|
$id_user = intval( $fetched_user['id_user'] );
|
||
|
|
||
|
|
||
|
/* (3) Check password for user
|
||
|
---------------------------------------------------------*/
|
||
|
/* (1) Check password */
|
||
|
$valid_pass = Repo::request('user', 'checkPassword', $id_user, $password);
|
||
|
|
||
|
/* (2) If wrong password -> error */
|
||
|
if( !$valid_pass )
|
||
|
return ['connected' => false];
|
||
|
|
||
|
|
||
|
/* (4) Update session to be connected
|
||
|
---------------------------------------------------------*/
|
||
|
/* (1) Update session */
|
||
|
$_SESSION['TOKEN'] = 'u'.$fetched_user['token'];
|
||
|
new AuthSystemDefault;
|
||
|
|
||
|
/* (2) Return status */
|
||
|
return ['connected' => true];
|
||
|
}
|
||
|
|
||
|
}
|