removed 'module.authentication' to 'user/login' and 'admin/login' + ADDED 'user/signup' and 'admin/signup'

This commit is contained in:
xdrm-brackets 2017-12-07 21:51:32 +01:00
parent 1552c09636
commit ff8a7c9bf1
3 changed files with 158 additions and 69 deletions

View File

@ -9,7 +9,7 @@ use \database\core\Repo;
use \api\core\AuthSystemDefault; use \api\core\AuthSystemDefault;
class authentication{ class admin{
public function __construct(){} public function __construct(){}
@ -17,7 +17,7 @@ class authentication{
public function POST_admin($argv){ public function POST_login($argv){
extract($argv); extract($argv);
/* (1) Logout by default /* (1) Logout by default
@ -59,7 +59,10 @@ class authentication{
} }
public function POST_user($argv){
public function POST_signup($argv){
extract($argv); extract($argv);
@ -68,37 +71,38 @@ class authentication{
$_SESSION['TOKEN'] = []; $_SESSION['TOKEN'] = [];
/* (2) Search for @id_user from username /* (2) Check if @username is unique
---------------------------------------------------------*/ ---------------------------------------------------------*/
/* (1) Fetch by username */ /* (1) Fetch by username */
$fetched_user = Repo::request('user', 'getByUsername', $username); $fetched_admin = Repo::request('admin', 'getByUsername', $username);
/* (2) If not found -> error */ /* (2) If found -> error */
if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) ) if( $fetched_admin !== false )
return ['connected' => false]; return ['error' => new Error(Err::AlreadyExists)];
/* (3) Extract @id_user */
$id_user = intval( $fetched_user['id_user'] );
/* (3) Check password for user /* (3) Check if @mail is unique
---------------------------------------------------------*/ ---------------------------------------------------------*/
/* (1) Check password */ /* (1) Fetch by mail */
$valid_pass = Repo::request('user', 'checkPassword', $id_user, $password); $fetched_admin = Repo::request('admin', 'getByMail', $mail);
/* (2) If wrong password -> error */ /* (2) If found -> error */
if( !$valid_pass ) if( $fetched_admin !== false )
return ['connected' => false]; return ['error' => new Error(Err::AlreadyExists)];
/* (4) Update session to be connected /* (4) Create user
---------------------------------------------------------*/ ---------------------------------------------------------*/
/* (1) Update session */ /* (1) Create repo request */
$_SESSION['TOKEN'] = 'u'.$fetched_user['token']; $id_created = Repo::request('admin', 'create', $username, $mail, $password);
new AuthSystemDefault;
/* (2) If error -> dispatch */
if( $id_created === false )
return [ 'error' => new Error(Err::RepoError) ];
/* (3) Return status */
return [ 'registered' => $id_created ];
/* (2) Return status */
return ['connected' => true];
} }
} }

107
build/api/module/user.php Normal file
View File

@ -0,0 +1,107 @@
<?php
namespace api\module;
use \error\core\Error;
use \error\core\Err;
use \database\core\Repo;
use \api\core\AuthSystemDefault;
class user{
public function __construct(){}
public function __destruct(){}
public function POST_login($argv){
extract($argv);
/* (1) Logout by default
---------------------------------------------------------*/
$_SESSION['TOKEN'] = [];
/* (2) Search for @id_user from username
---------------------------------------------------------*/
/* (1) Fetch by username */
$fetched_user = Repo::request('user', 'getByUsername', $username);
/* (2) If not found -> error */
if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) )
return ['connected' => false];
/* (3) Extract @id_user */
$id_user = intval( $fetched_user['id_user'] );
/* (3) Check password for user
---------------------------------------------------------*/
/* (1) Check password */
$valid_pass = Repo::request('user', 'checkPassword', $id_user, $password);
/* (2) If wrong password -> error */
if( !$valid_pass )
return ['connected' => false];
/* (4) Update session to be connected
---------------------------------------------------------*/
/* (1) Update session */
$_SESSION['TOKEN'] = 'u'.$fetched_user['token'];
new AuthSystemDefault;
/* (2) Return status */
return ['connected' => true];
}
public function POST_signup($argv){
extract($argv);
/* (1) Logout by default
---------------------------------------------------------*/
$_SESSION['TOKEN'] = [];
/* (2) Check if @username is unique
---------------------------------------------------------*/
/* (1) Fetch by username */
$fetched_user = Repo::request('user', 'getByUsername', $username);
/* (2) If found -> error */
if( $fetched_user !== false )
return ['error' => new Error(Err::AlreadyExists)];
/* (3) Check if @mail is unique
---------------------------------------------------------*/
/* (1) Fetch by mail */
$fetched_user = Repo::request('user', 'getByMail', $mail);
/* (2) If found -> error */
if( $fetched_user !== false )
return ['error' => new Error(Err::AlreadyExists)];
/* (4) Create user
---------------------------------------------------------*/
/* (1) Create repo request */
$id_created = Repo::request('user', 'create', $username, $mail, $password);
/* (2) If error -> dispatch */
if( $id_created === false )
return [ 'error' => new Error(Err::RepoError) ];
/* (3) Return status */
return [ 'registered' => $id_created ];
}
}

View File

@ -1,7 +1,8 @@
{ {
"authentication": { "admin": {
"POST admin": {
"POST login": {
"description": "Connexion administrateur", "description": "Connexion administrateur",
"permissions": [], "permissions": [],
"parameters": { "parameters": {
@ -13,7 +14,25 @@
} }
}, },
"POST user": { "POST signup": {
"description": "Formulaire d'inscription",
"permissions": [],
"parameters": {
"username": { "description": "Identifiant de l'administrateur", "type": "varchar(3,20,alphanumeric)" },
"mail": { "description": "Adresse mail de l'administrateur", "type": "text" },
"password": { "description": "Mot de passe de l'administrateur", "type": "text" }
},
"output": {
"registered": { "description": "UID du nouvel administrateur", "type": "id" }
}
}
},
"user": {
"POST login": {
"description": "Connexion utilisateur", "description": "Connexion utilisateur",
"permissions": [], "permissions": [],
"parameters": { "parameters": {
@ -23,6 +42,7 @@
"output": { "output": {
"connected": { "description": "Vrai si connecté.", "type": "boolean" } "connected": { "description": "Vrai si connecté.", "type": "boolean" }
} }
}, },
"POST signup": { "POST signup": {
@ -34,49 +54,7 @@
"password": { "description": "Mot de passe de l'utilisateur", "type": "text" } "password": { "description": "Mot de passe de l'utilisateur", "type": "text" }
}, },
"output": { "output": {
"sent": { "description": "Etat de l'inscription, VRAI si le mail de confirmation a été envoyé", "type": "boolean" } "registered": { "description": "UID du nouvel utilisateur", "type": "id" }
}
},
"GET signup_token": {
"description": "Validation de l'inscription par lien envoyé par mail",
"permissions": [],
"parameters": {
"URL_0": { "description": "Token de confirmation URL", "type": "hash" }
},
"output": {
"confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
}
},
"POST pass": {
"description": "Demande de nouveau mot de passe",
"permissions": ["user"],
"parameters": {},
"output": {
"sent": { "description": "Etat de la demande de nouveau mot de passe, VRAI si le mail de confirmation a été envoyé", "type": "boolean" }
}
},
"POST pass_token": {
"description": "Changement de mot de passe",
"permissions": [],
"parameters": {
"URL_0": { "description": "Token de confirmation URL", "type": "hash" }
},
"output": {
"confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
}
},
"POST pass_update": {
"description": "Changement de mot de passe",
"permissions": [],
"parameters": {
"password": { "description": "Nouveau mot de passe", "type": "text" }
},
"output": {
"updated": { "description": "Vrai si mot de passe mis à jour", "type": "boolean" }
} }
} }