removed 'module.authentication' to 'user/login' and 'admin/login' + ADDED 'user/signup' and 'admin/signup'
This commit is contained in:
parent
1552c09636
commit
ff8a7c9bf1
|
@ -9,7 +9,7 @@ use \database\core\Repo;
|
|||
use \api\core\AuthSystemDefault;
|
||||
|
||||
|
||||
class authentication{
|
||||
class admin{
|
||||
|
||||
public function __construct(){}
|
||||
|
||||
|
@ -17,7 +17,7 @@ class authentication{
|
|||
|
||||
|
||||
|
||||
public function POST_admin($argv){
|
||||
public function POST_login($argv){
|
||||
extract($argv);
|
||||
|
||||
/* (1) Logout by default
|
||||
|
@ -59,7 +59,10 @@ class authentication{
|
|||
|
||||
}
|
||||
|
||||
public function POST_user($argv){
|
||||
|
||||
|
||||
|
||||
public function POST_signup($argv){
|
||||
extract($argv);
|
||||
|
||||
|
||||
|
@ -68,37 +71,38 @@ class authentication{
|
|||
$_SESSION['TOKEN'] = [];
|
||||
|
||||
|
||||
/* (2) Search for @id_user from username
|
||||
/* (2) Check if @username is unique
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Fetch by username */
|
||||
$fetched_user = Repo::request('user', 'getByUsername', $username);
|
||||
$fetched_admin = Repo::request('admin', 'getByUsername', $username);
|
||||
|
||||
/* (2) If not found -> error */
|
||||
if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) )
|
||||
return ['connected' => false];
|
||||
|
||||
/* (3) Extract @id_user */
|
||||
$id_user = intval( $fetched_user['id_user'] );
|
||||
/* (2) If found -> error */
|
||||
if( $fetched_admin !== false )
|
||||
return ['error' => new Error(Err::AlreadyExists)];
|
||||
|
||||
|
||||
/* (3) Check password for user
|
||||
/* (3) Check if @mail is unique
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Check password */
|
||||
$valid_pass = Repo::request('user', 'checkPassword', $id_user, $password);
|
||||
/* (1) Fetch by mail */
|
||||
$fetched_admin = Repo::request('admin', 'getByMail', $mail);
|
||||
|
||||
/* (2) If wrong password -> error */
|
||||
if( !$valid_pass )
|
||||
return ['connected' => false];
|
||||
/* (2) If found -> error */
|
||||
if( $fetched_admin !== false )
|
||||
return ['error' => new Error(Err::AlreadyExists)];
|
||||
|
||||
|
||||
/* (4) Update session to be connected
|
||||
/* (4) Create user
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Update session */
|
||||
$_SESSION['TOKEN'] = 'u'.$fetched_user['token'];
|
||||
new AuthSystemDefault;
|
||||
/* (1) Create repo request */
|
||||
$id_created = Repo::request('admin', 'create', $username, $mail, $password);
|
||||
|
||||
/* (2) If error -> dispatch */
|
||||
if( $id_created === false )
|
||||
return [ 'error' => new Error(Err::RepoError) ];
|
||||
|
||||
/* (3) Return status */
|
||||
return [ 'registered' => $id_created ];
|
||||
|
||||
/* (2) Return status */
|
||||
return ['connected' => true];
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,107 @@
|
|||
<?php
|
||||
|
||||
namespace api\module;
|
||||
|
||||
|
||||
use \error\core\Error;
|
||||
use \error\core\Err;
|
||||
use \database\core\Repo;
|
||||
use \api\core\AuthSystemDefault;
|
||||
|
||||
|
||||
class user{
|
||||
|
||||
public function __construct(){}
|
||||
|
||||
public function __destruct(){}
|
||||
|
||||
|
||||
public function POST_login($argv){
|
||||
extract($argv);
|
||||
|
||||
|
||||
/* (1) Logout by default
|
||||
---------------------------------------------------------*/
|
||||
$_SESSION['TOKEN'] = [];
|
||||
|
||||
|
||||
/* (2) Search for @id_user from username
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Fetch by username */
|
||||
$fetched_user = Repo::request('user', 'getByUsername', $username);
|
||||
|
||||
/* (2) If not found -> error */
|
||||
if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) )
|
||||
return ['connected' => false];
|
||||
|
||||
/* (3) Extract @id_user */
|
||||
$id_user = intval( $fetched_user['id_user'] );
|
||||
|
||||
|
||||
/* (3) Check password for user
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Check password */
|
||||
$valid_pass = Repo::request('user', 'checkPassword', $id_user, $password);
|
||||
|
||||
/* (2) If wrong password -> error */
|
||||
if( !$valid_pass )
|
||||
return ['connected' => false];
|
||||
|
||||
|
||||
/* (4) Update session to be connected
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Update session */
|
||||
$_SESSION['TOKEN'] = 'u'.$fetched_user['token'];
|
||||
new AuthSystemDefault;
|
||||
|
||||
/* (2) Return status */
|
||||
return ['connected' => true];
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
public function POST_signup($argv){
|
||||
extract($argv);
|
||||
|
||||
|
||||
/* (1) Logout by default
|
||||
---------------------------------------------------------*/
|
||||
$_SESSION['TOKEN'] = [];
|
||||
|
||||
|
||||
/* (2) Check if @username is unique
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Fetch by username */
|
||||
$fetched_user = Repo::request('user', 'getByUsername', $username);
|
||||
|
||||
/* (2) If found -> error */
|
||||
if( $fetched_user !== false )
|
||||
return ['error' => new Error(Err::AlreadyExists)];
|
||||
|
||||
|
||||
/* (3) Check if @mail is unique
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Fetch by mail */
|
||||
$fetched_user = Repo::request('user', 'getByMail', $mail);
|
||||
|
||||
/* (2) If found -> error */
|
||||
if( $fetched_user !== false )
|
||||
return ['error' => new Error(Err::AlreadyExists)];
|
||||
|
||||
|
||||
/* (4) Create user
|
||||
---------------------------------------------------------*/
|
||||
/* (1) Create repo request */
|
||||
$id_created = Repo::request('user', 'create', $username, $mail, $password);
|
||||
|
||||
/* (2) If error -> dispatch */
|
||||
if( $id_created === false )
|
||||
return [ 'error' => new Error(Err::RepoError) ];
|
||||
|
||||
/* (3) Return status */
|
||||
return [ 'registered' => $id_created ];
|
||||
|
||||
}
|
||||
|
||||
}
|
|
@ -1,7 +1,8 @@
|
|||
{
|
||||
|
||||
"authentication": {
|
||||
"POST admin": {
|
||||
"admin": {
|
||||
|
||||
"POST login": {
|
||||
"description": "Connexion administrateur",
|
||||
"permissions": [],
|
||||
"parameters": {
|
||||
|
@ -13,7 +14,25 @@
|
|||
}
|
||||
},
|
||||
|
||||
"POST user": {
|
||||
"POST signup": {
|
||||
"description": "Formulaire d'inscription",
|
||||
"permissions": [],
|
||||
"parameters": {
|
||||
"username": { "description": "Identifiant de l'administrateur", "type": "varchar(3,20,alphanumeric)" },
|
||||
"mail": { "description": "Adresse mail de l'administrateur", "type": "text" },
|
||||
"password": { "description": "Mot de passe de l'administrateur", "type": "text" }
|
||||
},
|
||||
"output": {
|
||||
"registered": { "description": "UID du nouvel administrateur", "type": "id" }
|
||||
}
|
||||
}
|
||||
|
||||
},
|
||||
|
||||
"user": {
|
||||
|
||||
"POST login": {
|
||||
|
||||
"description": "Connexion utilisateur",
|
||||
"permissions": [],
|
||||
"parameters": {
|
||||
|
@ -23,6 +42,7 @@
|
|||
"output": {
|
||||
"connected": { "description": "Vrai si connecté.", "type": "boolean" }
|
||||
}
|
||||
|
||||
},
|
||||
|
||||
"POST signup": {
|
||||
|
@ -34,49 +54,7 @@
|
|||
"password": { "description": "Mot de passe de l'utilisateur", "type": "text" }
|
||||
},
|
||||
"output": {
|
||||
"sent": { "description": "Etat de l'inscription, VRAI si le mail de confirmation a été envoyé", "type": "boolean" }
|
||||
}
|
||||
},
|
||||
|
||||
"GET signup_token": {
|
||||
"description": "Validation de l'inscription par lien envoyé par mail",
|
||||
"permissions": [],
|
||||
"parameters": {
|
||||
"URL_0": { "description": "Token de confirmation URL", "type": "hash" }
|
||||
},
|
||||
"output": {
|
||||
"confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
|
||||
}
|
||||
},
|
||||
|
||||
"POST pass": {
|
||||
"description": "Demande de nouveau mot de passe",
|
||||
"permissions": ["user"],
|
||||
"parameters": {},
|
||||
"output": {
|
||||
"sent": { "description": "Etat de la demande de nouveau mot de passe, VRAI si le mail de confirmation a été envoyé", "type": "boolean" }
|
||||
}
|
||||
},
|
||||
|
||||
"POST pass_token": {
|
||||
"description": "Changement de mot de passe",
|
||||
"permissions": [],
|
||||
"parameters": {
|
||||
"URL_0": { "description": "Token de confirmation URL", "type": "hash" }
|
||||
},
|
||||
"output": {
|
||||
"confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
|
||||
}
|
||||
},
|
||||
|
||||
"POST pass_update": {
|
||||
"description": "Changement de mot de passe",
|
||||
"permissions": [],
|
||||
"parameters": {
|
||||
"password": { "description": "Nouveau mot de passe", "type": "text" }
|
||||
},
|
||||
"output": {
|
||||
"updated": { "description": "Vrai si mot de passe mis à jour", "type": "boolean" }
|
||||
"registered": { "description": "UID du nouvel utilisateur", "type": "id" }
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue