
2 Commits

4 changed files with 161 additions and 69 deletions


@ -9,7 +9,7 @@ use \database\core\Repo;
use \api\core\AuthSystemDefault; use \api\core\AuthSystemDefault;
class authentication{ class admin{
public function __construct(){} public function __construct(){}
@ -17,7 +17,7 @@ class authentication{
public function POST_admin($argv){ public function POST_login($argv){
extract($argv); extract($argv);
/* (1) Logout by default /* (1) Logout by default
@ -59,7 +59,10 @@ class authentication{
} }
public function POST_user($argv){
public function POST_signup($argv){
extract($argv); extract($argv);
@ -68,37 +71,38 @@ class authentication{
$_SESSION['TOKEN'] = []; $_SESSION['TOKEN'] = [];
/* (2) Search for @id_user from username /* (2) Check if @username is unique
---------------------------------------------------------*/ ---------------------------------------------------------*/
/* (1) Fetch by username */ /* (1) Fetch by username */
$fetched_user = Repo::request('user', 'getByUsername', $username); $fetched_admin = Repo::request('admin', 'getByUsername', $username);
/* (2) If not found -> error */ /* (2) If found -> error */
if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) ) if( $fetched_admin !== false )
return ['connected' => false]; return ['error' => new Error(Err::AlreadyExists)];
/* (3) Extract @id_user */
$id_user = intval( $fetched_user['id_user'] );
/* (3) Check password for user /* (3) Check if @mail is unique
---------------------------------------------------------*/ ---------------------------------------------------------*/
/* (1) Check password */ /* (1) Fetch by mail */
$valid_pass = Repo::request('user', 'checkPassword', $id_user, $password); $fetched_admin = Repo::request('admin', 'getByMail', $mail);
/* (2) If wrong password -> error */ /* (2) If found -> error */
if( !$valid_pass ) if( $fetched_admin !== false )
return ['connected' => false]; return ['error' => new Error(Err::AlreadyExists)];
/* (4) Update session to be connected /* (4) Create user
---------------------------------------------------------*/ ---------------------------------------------------------*/
/* (1) Update session */ /* (1) Create repo request */
$_SESSION['TOKEN'] = 'u'.$fetched_user['token']; $id_created = Repo::request('admin', 'create', $username, $mail, $password);
new AuthSystemDefault;
/* (2) If error -> dispatch */
if( $id_created === false )
return [ 'error' => new Error(Err::RepoError) ];
/* (3) Return status */
return [ 'registered' => $id_created ];
/* (2) Return status */
return ['connected' => true];
} }
} }
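Review bot: `POST_signup` in class `admin` creates an administrator straight from request parameters with no authorization check in the visible code: it resets `$_SESSION['TOKEN']` and then calls `Repo::request('admin', 'create', $username, $mail, $password)`. The API manifest changed in this same commit declares `"permissions": []` for `admin` / `POST signup`, so if an empty list means "public", any unauthenticated caller can register an admin account. Require an existing admin permission on that manifest entry (e.g. `"permissions": ["<admin-permission>"]`, a placeholder for the project's own name) or provision admins out of band. The raw `$password` is passed to the repo unchanged, so confirm that `create` hashes it with `password_hash()` before storage. The few lines of the method between the two hunks are not shown on this page.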

107
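--- a/build/api/module/user.php
+++ b/build/api/module/user.php
@@ -0,0 +1,107 @@
+<?php
+namespace api\module;
+use \error\core\Error;
+use \error\core\Err;
+use \database\core\Repo;
+use \api\core\AuthSystemDefault;
+class user{
+public function __construct(){}
+public function __destruct(){}
+public function POST_login($argv){
+extract($argv);
+/* (1) Logout by default
+---------------------------------------------------------*/
+$_SESSION['TOKEN'] = [];
+/* (2) Search for @id_user from username
+---------------------------------------------------------*/
+/* (1) Fetch by username */
+$fetched_user = Repo::request('user', 'getByUsername', $username);
+/* (2) If not found -> error */
+if( !is_array($fetched_user) || !isset($fetched_user['id_user']) || !is_numeric($fetched_user['id_user']) )
+return ['connected' => false];
+/* (3) Extract @id_user */
+$id_user = intval( $fetched_user['id_user'] );
+/* (3) Check password for user
+---------------------------------------------------------*/
+/* (1) Check password */
+$valid_pass = Repo::request('user', 'checkPassword', $id_user, $password);
+/* (2) If wrong password -> error */
+if( !$valid_pass )
+return ['connected' => false];
+/* (4) Update session to be connected
+---------------------------------------------------------*/
+/* (1) Update session */
+$_SESSION['TOKEN'] = 'u'.$fetched_user['token'];
+new AuthSystemDefault;
+/* (2) Return status */
+return ['connected' => true];
+}
+public function POST_signup($argv){
+extract($argv);
+/* (1) Logout by default
+---------------------------------------------------------*/
+$_SESSION['TOKEN'] = [];
+/* (2) Check if @username is unique
+---------------------------------------------------------*/
+/* (1) Fetch by username */
+$fetched_user = Repo::request('user', 'getByUsername', $username);
+/* (2) If found -> error */
+if( $fetched_user !== false )
+return ['error' => new Error(Err::AlreadyExists)];
+/* (3) Check if @mail is unique
+---------------------------------------------------------*/
+/* (1) Fetch by mail */
+$fetched_user = Repo::request('user', 'getByMail', $mail);
+/* (2) If found -> error */
+if( $fetched_user !== false )
+return ['error' => new Error(Err::AlreadyExists)];
+/* (4) Create user
+---------------------------------------------------------*/
+/* (1) Create repo request */
+$id_created = Repo::request('user', 'create', $username, $mail, $password);
+/* (2) If error -> dispatch */
+if( $id_created === false )
+return [ 'error' => new Error(Err::RepoError) ];
+/* (3) Return status */
+return [ 'registered' => $id_created ];
+}
+}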
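Review bot: `POST_login` writes `'u'.$fetched_user['token']` into `$_SESSION['TOKEN']` without rotating the session identifier, so a session id issued before authentication stays valid afterwards. Unless `AuthSystemDefault` already does this (not visible here), call `session_regenerate_id(true);` just before the assignment. Both methods also open with `extract($argv)`, which turns every key of `$argv` into a local variable; reading `$argv['username']`, `$argv['mail']` and `$argv['password']` explicitly keeps the inputs limited to what the manifest declares. In `POST_signup` the two uniqueness lookups and the `create` call are separate requests, so two concurrent sign-ups can both pass the checks; the guarantee has to come from unique indexes on username and mail, with the resulting `false` from `create` handled as it is now.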


@ -88,6 +88,7 @@
case Err::UnknownTemplate: return $this->UnknownTemplate(); break; case Err::UnknownTemplate: return $this->UnknownTemplate(); break;
case Err::UnknownAddress: return $this->UnknownAddress(); break; case Err::UnknownAddress: return $this->UnknownAddress(); break;
case Err::UnknownError: return $this->UnknownError(); break; case Err::UnknownError: return $this->UnknownError(); break;
case Err::AlreadyExists: return $this->AlreadyExists(); break;
default: return $this->UnknownDebugError(); break; default: return $this->UnknownDebugError(); break;
} }
@ -179,6 +180,8 @@
return 'unknown'; return 'unknown';
}private function UnknownError(){ }private function UnknownError(){
return 'unknown error'; return 'unknown error';
}private function AlreadyExists(){
return 'item already exists';
}private function UnknownDebugError(){ }private function UnknownDebugError(){
return 'unknown debug error'; return 'unknown debug error';
} }


@ -1,7 +1,8 @@
{ {
"authentication": { "admin": {
"POST admin": {
"POST login": {
"description": "Connexion administrateur", "description": "Connexion administrateur",
"permissions": [], "permissions": [],
"parameters": { "parameters": {
@ -13,7 +14,25 @@
} }
}, },
"POST user": { "POST signup": {
"description": "Formulaire d'inscription",
"permissions": [],
"parameters": {
"username": { "description": "Identifiant de l'administrateur", "type": "varchar(3,20,alphanumeric)" },
"mail": { "description": "Adresse mail de l'administrateur", "type": "text" },
"password": { "description": "Mot de passe de l'administrateur", "type": "text" }
},
"output": {
"registered": { "description": "UID du nouvel administrateur", "type": "id" }
}
}
},
"user": {
"POST login": {
"description": "Connexion utilisateur", "description": "Connexion utilisateur",
"permissions": [], "permissions": [],
"parameters": { "parameters": {
@ -23,6 +42,7 @@
"output": { "output": {
"connected": { "description": "Vrai si connecté.", "type": "boolean" } "connected": { "description": "Vrai si connecté.", "type": "boolean" }
} }
}, },
"POST signup": { "POST signup": {
@ -34,49 +54,7 @@
"password": { "description": "Mot de passe de l'utilisateur", "type": "text" } "password": { "description": "Mot de passe de l'utilisateur", "type": "text" }
}, },
"output": { "output": {
"sent": { "description": "Etat de l'inscription, VRAI si le mail de confirmation a été envoyé", "type": "boolean" } "registered": { "description": "UID du nouvel utilisateur", "type": "id" }
}
},
"GET signup_token": {
"description": "Validation de l'inscription par lien envoyé par mail",
"permissions": [],
"parameters": {
"URL_0": { "description": "Token de confirmation URL", "type": "hash" }
},
"output": {
"confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
}
},
"POST pass": {
"description": "Demande de nouveau mot de passe",
"permissions": ["user"],
"parameters": {},
"output": {
"sent": { "description": "Etat de la demande de nouveau mot de passe, VRAI si le mail de confirmation a été envoyé", "type": "boolean" }
}
},
"POST pass_token": {
"description": "Changement de mot de passe",
"permissions": [],
"parameters": {
"URL_0": { "description": "Token de confirmation URL", "type": "hash" }
},
"output": {
"confirmed": { "description": "Etat de la validité du token", "type": "boolean" }
}
},
"POST pass_update": {
"description": "Changement de mot de passe",
"permissions": [],
"parameters": {
"password": { "description": "Nouveau mot de passe", "type": "text" }
},
"output": {
"updated": { "description": "Vrai si mot de passe mis à jour", "type": "boolean" }
} }
} }
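Review bot: The `POST signup` entries type `mail` and `password` as `text`, so unlike `username` (`varchar(3,20,alphanumeric)`) they reach the module with no format or length bound from the manifest. With `GET signup_token` removed and the output changed from `sent` to `registered`, the address is also never confirmed, so an account can be registered under a mail the caller does not control. Consider a mail-specific type for `mail`, if the type checker offers one, and a length-bounded type for `password`. The commit description should also say whether dropping the confirmation step is intended.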