upd: api.core.AuthSystemDefault (implemented authentication by token)

xdrm-brackets 2017-11-26 12:10:10 +01:00
parent e33e6714d7
commit 2c713f48e8
1 changed files with 32 additions and 11 deletions


@ -5,6 +5,7 @@
use \error\core\Error; use \error\core\Error;
use \error\core\Err; use \error\core\Err;
use \api\core\AuthSystem; use \api\core\AuthSystem;
use \database\core\Repo;
@ -43,12 +44,12 @@
/* (3) Gestion de AUTH en fonction des tokens /* (3) Gestion de AUTH en fonction des tokens
---------------------------------------------------------*/ ---------------------------------------------------------*/
/* (1) Token Authentication: ADMIN */ /* (1) Token Authentication: ADMIN */
if( preg_match('/^(u[a-f0-9]{128})$/', $AUTH, $match) ) if( preg_match('/^a([a-f0-9]{128})$/', $AUTH, $match) )
$_SESSION['AUTH'] = [ 'token' => $match[1], 'type' => 'user' ]; $_SESSION['AUTH'] = [ 'token' => $match[1], 'type' => 'admin' ];
/* (2) Token Authentication: USER */ /* (2) Token Authentication: USER */
elseif( preg_match('/^(a[a-f0-9]{128})$/', $AUTH, $match) ) elseif( preg_match('/^u([a-f0-9]{128})$/', $AUTH, $match) )
$_SESSION['AUTH'] = [ 'token' => $match[1], 'type' => 'admin' ]; $_SESSION['AUTH'] = [ 'token' => $match[1], 'type' => 'user' ];
/* (2) Aucune authentification */ /* (2) Aucune authentification */
else{ else{
@ -85,9 +86,19 @@
=========================================================*/ =========================================================*/
if( self::auth_level() == 2 ){ if( self::auth_level() == 2 ){
// TODO: implement ADMIN database auth. check /* (1) Fetch admin by token */
// + set $_SESSION['ADMIN'] $fetched_admin = Repo::request('admin', 'getByToken', $_SESSION['AUTH']['token']);
// + return FALSE on error
/* (2) If does not exist -> no auth */
if( !is_array($fetched_admin) )
return false;
/* (3) Update global admin informations */
$_SESSION['ADMIN'] = [
'id' => $fetched_admin['id_admin'],
'username' => $fetched_admin['username'],
'mail' => $fetched_admin['mail']
];
} }
@ -96,9 +107,19 @@
=========================================================*/ =========================================================*/
if( self::auth_level() == 1 ){ if( self::auth_level() == 1 ){
// TODO: implement USER database auth. check /* (1) Fetch user by token */
// + set $_SESSION['USER'] $fetched_user = Repo::request('user', 'getByToken', $_SESSION['AUTH']['token']);
// + return FALSE on error
/* (2) If does not exist -> no auth */
if( !is_array($fetched_user) )
return false;
/* (3) Update global user informations */
$_SESSION['USER'] = [
'id' => $fetched_user['id_user'],
'username' => $fetched_user['username'],
'mail' => $fetched_user['mail']
];
} }
@ -223,7 +244,7 @@
public static function auth_level(){ public static function auth_level(){
/* (1) Not set */ /* (1) Not set */
if( !is_array($_SESSION['AUTH']) || !isset($_SESSION['AUTH']['type']) ) if( !is_array($_SESSION['AUTH']) || !isset($_SESSION['AUTH']['token']) || !isset($_SESSION['AUTH']['type']) )
return 0; return 0;
/* (2) Admin / User */ /* (2) Admin / User */
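Review bot: In the admin branch (`auth_level() == 2`) and again in the user branch (`auth_level() == 1`), a failed `getByToken` lookup returns false but leaves `$_SESSION['AUTH']` in place, along with any `$_SESSION['ADMIN']` / `$_SESSION['USER']` written by an earlier request. Because the `type` in `$_SESSION['AUTH']` is set from the token's leading letter before any database check, `auth_level()` keeps reporting 2 (or 1) for a well-formed token that matches no account. Anything that reads the session rather than this method's return value would then see stale identity data; whether such readers exist is not visible here. I would reset the state before returning, e.g. `$_SESSION['AUTH'] = []; unset($_SESSION['ADMIN']);` ahead of `return false;`, and the same with `$_SESSION['USER']` in the user branch. It is also worth confirming in the repo layer whether `getByToken` matches on the raw token or on a hash of it; the enclosing method starts and ends outside these hunks.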