From 9f0f82c521ab9b5c7e4a42a5c33251aac0949fd2 Mon Sep 17 00:00:00 2001 From: xdrm-brackets Date: Thu, 7 Dec 2017 21:51:32 +0100 Subject: [PATCH] removed 'module.authentication' to 'user/login' and 'admin/login' + ADDED 'user/signup' and 'admin/signup' --- .../module/{authentication.php => admin.php} | 50 ++++---- build/api/module/user.php | 107 ++++++++++++++++++ config/modules.json | 70 ++++-------- 3 files changed, 158 insertions(+), 69 deletions(-) rename build/api/module/{authentication.php => admin.php} (66%) create mode 100644 build/api/module/user.php diff --git a/build/api/module/authentication.php b/build/api/module/admin.php similarity index 66% rename from build/api/module/authentication.php rename to build/api/module/admin.php index a0ad346..9cd5da0 100644 --- a/build/api/module/authentication.php +++ b/build/api/module/admin.php @@ -9,7 +9,7 @@ use \database\core\Repo; use \api\core\AuthSystemDefault; -class authentication{ +class admin{ public function __construct(){} @@ -17,7 +17,7 @@ class authentication{ - public function POST_admin($argv){ + public function POST_login($argv){ extract($argv); /* (1) Logout by default @@ -59,7 +59,10 @@ class authentication{ } - public function POST_user($argv){ + + + + public function POST_signup($argv){ extract($argv); 
@@ -68,37 +71,38 @@ class authentication{ $_SESSION['TOKEN'] = []; - /* (2) Search for @id_user from username + /* (2) Check if @username is unique ---------------------------------------------------------*/ /* (1) Fetch by username */ - $fetched_user = Repo::request('user', 'getByUsername', $username); + $fetched_admin = Repo::request('admin', 'getByUsername', $username); - /* (2) If not found -> error */ - if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) ) - return ['connected' => false]; - - /* (3) Extract @id_user */ - $id_user = intval( $fetched_user['id_user'] ); + /* (2) If found -> error */ + if( $fetched_admin !== false ) + return ['error' => new Error(Err::AlreadyExists)]; - /* (3) Check password for user + /* (3) Check if @mail is unique ---------------------------------------------------------*/ - /* (1) Check password */ - $valid_pass = Repo::request('user', 'checkPassword', $id_user, $password); + /* (1) Fetch by mail */ + $fetched_admin = Repo::request('admin', 'getByMail', $mail); - /* (2) If wrong password -> error */ - if( !$valid_pass ) - return ['connected' => false]; + /* (2) If found -> error */ + if( $fetched_admin !== false ) + return ['error' => new Error(Err::AlreadyExists)]; - /* (4) Update session to be connected + /* (4) Create user ---------------------------------------------------------*/ - /* (1) Update session */ - $_SESSION['TOKEN'] = 'u'.$fetched_user['token']; - new AuthSystemDefault; + /* (1) Create repo request */ + $id_created = Repo::request('admin', 'create', $username, $mail, $password); + + /* (2) If error -> dispatch */ + if( $id_created === false ) + return [ 'error' => new Error(Err::RepoError) ]; + + /* (3) Return status */ + return [ 'registered' => $id_created ]; - /* (2) Return status */ - return ['connected' => true]; } } diff --git a/build/api/module/user.php b/build/api/module/user.php new file mode 100644 index 0000000..01b093b --- /dev/null 
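Review bot: The two uniqueness tests in the new `POST_signup` body treat only a strict `false` from `Repo::request('admin', 'getByUsername', $username)` and `getByMail` as "not found", while the login code this hunk removes recognised a missing row with `!is_array(...) || !isset(...)`. If the repo returns `null` or an empty array for no match (not visible here), every signup would be rejected with `Err::AlreadyExists`; a test such as `if( is_array($fetched_admin) && !empty($fetched_admin) )` states the intent without depending on that return value. The lookup and the later `create` are also separate requests, so two concurrent signups with the same username or mail can both pass the test. A unique constraint in storage, with a failed `create` reported as `Err::AlreadyExists`, would close that window. The same pattern appears in `POST_signup` of build/api/module/user.php, and the signature of this function sits in the previous hunk.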
+++ b/build/api/module/user.php 
@@ -0,0 +1,107 @@ + error */ + if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) ) + return ['connected' => false]; + + /* (3) Extract @id_user */ + $id_user = intval( $fetched_user['id_user'] ); + + + /* (3) Check password for user + ---------------------------------------------------------*/ + /* (1) Check password */ + $valid_pass = Repo::request('user', 'checkPassword', $id_user, $password); + + /* (2) If wrong password -> error */ + if( !$valid_pass ) + return ['connected' => false]; + + + /* (4) Update session to be connected + ---------------------------------------------------------*/ + /* (1) Update session */ + $_SESSION['TOKEN'] = 'u'.$fetched_user['token']; + new AuthSystemDefault; + + /* (2) Return status */ + return ['connected' => true]; + } + + + + + public function POST_signup($argv){ + extract($argv); + + + /* (1) Logout by default + ---------------------------------------------------------*/ + $_SESSION['TOKEN'] = []; + + + /* (2) Check if @username is unique + ---------------------------------------------------------*/ + /* (1) Fetch by username */ + $fetched_user = Repo::request('user', 'getByUsername', $username); + + /* (2) If found -> error */ + if( $fetched_user !== false ) + return ['error' => new Error(Err::AlreadyExists)]; + + + /* (3) Check if @mail is unique + ---------------------------------------------------------*/ + /* (1) Fetch by mail */ + $fetched_user = Repo::request('user', 'getByMail', $mail); + + /* (2) If found -> error */ + if( $fetched_user !== false ) + return ['error' => new Error(Err::AlreadyExists)]; + + + /* (4) Create user + ---------------------------------------------------------*/ + /* (1) Create repo request */ + $id_created = Repo::request('user', 'create', $username, $mail, $password); + + /* (2) If error -> dispatch */ + if( $id_created === false ) + return [ 'error' => new Error(Err::RepoError) ]; + + /* (3) Return status */ + return [ 'registered' => 
$id_created ]; + + } + +} diff --git a/config/modules.json b/config/modules.json index 5065b8b..4673c94 100755 --- a/config/modules.json +++ b/config/modules.json @@ -1,7 +1,8 @@ { - "authentication": { - "POST admin": { + "admin": { + + "POST login": { "description": "Connexion administrateur", "permissions": [], "parameters": { @@ -13,7 +14,25 @@ } }, - "POST user": { + "POST signup": { + "description": "Formulaire d'inscription", + "permissions": [], + "parameters": { + "username": { "description": "Identifiant de l'administrateur", "type": "varchar(3,20,alphanumeric)" }, + "mail": { "description": "Adresse mail de l'administrateur", "type": "text" }, + "password": { "description": "Mot de passe de l'administrateur", "type": "text" } + }, + "output": { + "registered": { "description": "UID du nouvel administrateur", "type": "id" } + } + } + + }, + + "user": { + + "POST login": { + "description": "Connexion utilisateur", "permissions": [], "parameters": { @@ -23,6 +42,7 @@ "output": { "connected": { "description": "Vrai si connecté.", "type": "boolean" } } + }, "POST signup": { 
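Review bot: `POST_login` writes `$_SESSION['TOKEN'] = 'u'.$fetched_user['token'];` into whatever session the request arrived with, and no rotation of the session identifier is visible before it, so an identifier that was known before login stays valid afterwards (session fixation). Unless `AuthSystemDefault` already rotates it (not visible here), add `session_regenerate_id(true);` immediately before the assignment. Both `Repo::request('user', 'checkPassword', $id_user, $password)` and `Repo::request('user', 'create', $username, $mail, $password)` receive the clear-text password, so a short comment stating that the repo layer hashes and verifies it with `password_hash()` / `password_verify()` would let a reader confirm that without opening the repo. The opening of this file, including the start of `POST_login`, is not legible on this page.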
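Review bot: The new `"POST signup"` entry under `"admin"` declares `"permissions": []`, the same value the login entries use, so as far as this file shows the route that ends in `Repo::request('admin', 'create', ...)` is open to callers who are not logged in, which would let an unauthenticated caller create an administrator account. The `"POST pass"` entry removed later in this file shows that a non-empty list (`["user"]`) restricts a route; the admin signup should list a permission that only an existing administrator holds. `POST_signup` in admin.php would then also need to stop resetting `$_SESSION['TOKEN']`, since that reset logs the calling administrator out. Separately, `mail` and `password` are typed `text` in both signup entries, so the schema enforces neither an address format nor a length bound the way `varchar(3,20,alphanumeric)` does for `username`.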
@@ -34,49 +54,7 @@
 "password": { "description": "Mot de passe de l'utilisateur", "type": "text" }
 },
 "output": {
- "sent": { "description": "Etat de l'inscription, VRAI si le mail de confirmation a été envoyé", "type": "boolean" }
- }
- },
-
- "GET signup_token": {
- "description": "Validation de l'inscription par lien envoyé par mail",
- "permissions": [],
- "parameters": {
- "URL_0": { "description": "Token de confirmation URL", "type": "hash" }
- },
- "output": {
- "confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
- }
- },
-
- "POST pass": {
- "description": "Demande de nouveau mot de passe",
- "permissions": ["user"],
- "parameters": {},
- "output": {
- "sent": { "description": "Etat de la demande de nouveau mot de passe, VRAI si le mail de confirmation a été envoyé", "type": "boolean" }
- }
- },
-
- "POST pass_token": {
- "description": "Changement de mot de passe",
- "permissions": [],
- "parameters": {
- "URL_0": { "description": "Token de confirmation URL", "type": "hash" }
- },
- "output": {
- "confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
- }
- },
-
- "POST pass_update": {
- "description": "Changement de mot de passe",
- "permissions": [],
- "parameters": {
- "password": { "description": "Nouveau mot de passe", "type": "text" }
- },
- "output": {
- "updated": { "description": "Vrai si mot de passe mis à jour", "type": "boolean" }
+ "registered": { "description": "UID du nouvel utilisateur", "type": "id" }
 }
 }