ndi-2018
/
main
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

removed 'module.authentication' to 'user/login' and 'admin/login' + ADDED 'user/signup' and 'admin/signup'

This commit is contained in:
xdrm-brackets 2017-12-07 21:51:32 +01:00
parent 216412f26a
commit 9f0f82c521
3 changed files with 158 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
build/api/module/authentication.php → build/api/module/admin.php
View File

@ -9,7 +9,7 @@ use \database\core\Repo;
use \api\core\AuthSystemDefault;
class authentication{
class admin{
public function __construct(){}
@ -17,7 +17,7 @@ class authentication{
public function POST_admin($argv){
public function POST_login($argv){
extract($argv);
/* (1) Logout by default
@ -59,7 +59,10 @@ class authentication{
}
public function POST_user($argv){
public function POST_signup($argv){
extract($argv);
@ -68,37 +71,38 @@ class authentication{
$_SESSION['TOKEN'] = [];
/* (2) Search for @id_user from username
/* (2) Check if @username is unique
---------------------------------------------------------*/
/* (1) Fetch by username */
$fetched_user = Repo::request('user', 'getByUsername', $username);
$fetched_admin = Repo::request('admin', 'getByUsername', $username);
/* (2) If not found -> error */
if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) )
return ['connected' => false];
/* (3) Extract @id_user */
$id_user = intval( $fetched_user['id_user'] );
/* (2) If found -> error */
if( $fetched_admin !== false )
return ['error' => new Error(Err::AlreadyExists)];
/* (3) Check password for user
/* (3) Check if @mail is unique
---------------------------------------------------------*/
/* (1) Check password */
$valid_pass = Repo::request('user', 'checkPassword', $id_user, $password);
/* (1) Fetch by mail */
$fetched_admin = Repo::request('admin', 'getByMail', $mail);
/* (2) If wrong password -> error */
if( !$valid_pass )
return ['connected' => false];
/* (2) If found -> error */
if( $fetched_admin !== false )
return ['error' => new Error(Err::AlreadyExists)];
/* (4) Update session to be connected
/* (4) Create user
---------------------------------------------------------*/
/* (1) Update session */
$_SESSION['TOKEN'] = 'u'.$fetched_user['token'];
new AuthSystemDefault;
/* (1) Create repo request */
$id_created = Repo::request('admin', 'create', $username, $mail, $password);
/* (2) If error -> dispatch */
if( $id_created === false )
return [ 'error' => new Error(Err::RepoError) ];
/* (3) Return status */
return [ 'registered' => $id_created ];
/* (2) Return status */
return ['connected' => true];
}
}

107
build/api/module/user.php Normal file
View File

@ -0,0 +1,107 @@
<?php
namespace api\module;
use \error\core\Error;
use \error\core\Err;
use \database\core\Repo;
use \api\core\AuthSystemDefault;
class user{
public function __construct(){}
public function __destruct(){}
public function POST_login($argv){
extract($argv);
/* (1) Logout by default
---------------------------------------------------------*/
$_SESSION['TOKEN'] = [];
/* (2) Search for @id_user from username
---------------------------------------------------------*/
/* (1) Fetch by username */
$fetched_user = Repo::request('user', 'getByUsername', $username);
/* (2) If not found -> error */
if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) )
return ['connected' => false];
/* (3) Extract @id_user */
$id_user = intval( $fetched_user['id_user'] );
/* (3) Check password for user
---------------------------------------------------------*/
/* (1) Check password */
$valid_pass = Repo::request('user', 'checkPassword', $id_user, $password);
/* (2) If wrong password -> error */
if( !$valid_pass )
return ['connected' => false];
/* (4) Update session to be connected
---------------------------------------------------------*/
/* (1) Update session */
$_SESSION['TOKEN'] = 'u'.$fetched_user['token'];
new AuthSystemDefault;
/* (2) Return status */
return ['connected' => true];
}
public function POST_signup($argv){
extract($argv);
/* (1) Logout by default
---------------------------------------------------------*/
$_SESSION['TOKEN'] = [];
/* (2) Check if @username is unique
---------------------------------------------------------*/
/* (1) Fetch by username */
$fetched_user = Repo::request('user', 'getByUsername', $username);
/* (2) If found -> error */
if( $fetched_user !== false )
return ['error' => new Error(Err::AlreadyExists)];
/* (3) Check if @mail is unique
---------------------------------------------------------*/
/* (1) Fetch by mail */
$fetched_user = Repo::request('user', 'getByMail', $mail);
/* (2) If found -> error */
if( $fetched_user !== false )
return ['error' => new Error(Err::AlreadyExists)];
/* (4) Create user
---------------------------------------------------------*/
/* (1) Create repo request */
$id_created = Repo::request('user', 'create', $username, $mail, $password);
/* (2) If error -> dispatch */
if( $id_created === false )
return [ 'error' => new Error(Err::RepoError) ];
/* (3) Return status */
return [ 'registered' => $id_created ];
}
}

70
config/modules.json
View File

@ -1,7 +1,8 @@
{
"authentication": {
"POST admin": {
"admin": {
"POST login": {
"description": "Connexion administrateur",
"permissions": [],
"parameters": {
@ -13,7 +14,25 @@
}
},
"POST user": {
"POST signup": {
"description": "Formulaire d'inscription",
"permissions": [],
"parameters": {
"username": { "description": "Identifiant de l'administrateur", "type": "varchar(3,20,alphanumeric)" },
"mail": { "description": "Adresse mail de l'administrateur", "type": "text" },
"password": { "description": "Mot de passe de l'administrateur", "type": "text" }
},
"output": {
"registered": { "description": "UID du nouvel administrateur", "type": "id" }
}
}
},
"user": {
"POST login": {
"description": "Connexion utilisateur",
"permissions": [],
"parameters": {
@ -23,6 +42,7 @@
"output": {
"connected": { "description": "Vrai si connecté.", "type": "boolean" }
}
},
"POST signup": {
@ -34,49 +54,7 @@
"password": { "description": "Mot de passe de l'utilisateur", "type": "text" }
},
"output": {
"sent": { "description": "Etat de l'inscription, VRAI si le mail de confirmation a été envoyé", "type": "boolean" }
}
},
"GET signup_token": {
"description": "Validation de l'inscription par lien envoyé par mail",
"permissions": [],
"parameters": {
"URL_0": { "description": "Token de confirmation URL", "type": "hash" }
},
"output": {
"confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
}
},
"POST pass": {
"description": "Demande de nouveau mot de passe",
"permissions": ["user"],
"parameters": {},
"output": {
"sent": { "description": "Etat de la demande de nouveau mot de passe, VRAI si le mail de confirmation a été envoyé", "type": "boolean" }
}
},
"POST pass_token": {
"description": "Changement de mot de passe",
"permissions": [],
"parameters": {
"URL_0": { "description": "Token de confirmation URL", "type": "hash" }
},
"output": {
"confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
}
},
"POST pass_update": {
"description": "Changement de mot de passe",
"permissions": [],
"parameters": {
"password": { "description": "Nouveau mot de passe", "type": "text" }
},
"output": {
"updated": { "description": "Vrai si mot de passe mis à jour", "type": "boolean" }
"registered": { "description": "UID du nouvel utilisateur", "type": "id" }
}
}