From 929b4dc7fd1c3e8aae40324cf605d988e00afffc Mon Sep 17 00:00:00 2001
From: xdrm-brackets
Date: Tue, 8 Nov 2016 10:14:31 +0100
Subject: [PATCH] [api\Authentification] management (almost done, module 'authentification/renew' todo)
---
 build/api/chs/hash | 1 +
 build/api/core/Authentification.php | 47 +++++++++++++++--------------
 2 files changed, 25 insertions(+), 23 deletions(-)
 create mode 100644 build/api/chs/hash
diff --git a/build/api/chs/hash b/build/api/chs/hash
new file mode 100644
index 0000000..4030334
--- /dev/null
+++ b/build/api/chs/hash
@@ -0,0 +1 @@
+52add802518cc5e81705e05f44abb920bc0cbf674bba0166e4c229022f4301bb
diff --git a/build/api/core/Authentification.php b/build/api/core/Authentification.php
index 1e4aca3..cdb1dea 100644
--- a/build/api/core/Authentification.php
+++ b/build/api/core/Authentification.php
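Review bot: `build/api/chs/hash` is the mutable state that deepCheck() reads and rewrites on every successful check, and committing its initial value puts a credential-derivation input into permanent repository history. Anyone with read access to the repository or its history learns the stored value, and since the accepted token appears to be derived from it by `self::secure_hash`, that value should be generated at deploy time and excluded from version control rather than versioned. The committed value should be regarded as burned on any instance where it was used, and the file needs to be writable by the web process yet not reachable over HTTP if `build/` is ever served.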
@@ -42,23 +42,29 @@
 *
 */
 public static function check(){
- /* (1) Initialisation des permissions */
+ /* (1) Initialisation des variables
+ ---------------------------------------------------------*/
+ /* (1) Token de header */
+ if( !isset($GLOBALS['TOKEN']) )
+ $GLOBALS['TOKEN'] = null;
+
+ /* (1) Liste des permissions */
 if( !isset($GLOBALS['PERM']) )
 $GLOBALS['PERM'] = [];
- /* (1) Gestion de AUTH (authentification) dans HEADER
+ /* (2) Gestion de AUTH (authentification) dans HEADER
 ---------------------------------------------------------*/
- define('__TOKEN__', isset($_SERVER['PHP_AUTH_DIGEST']) ? $_SERVER['PHP_AUTH_DIGEST'] : '' );
+ $GLOBALS['TOKEN'] = isset($_SERVER['PHP_AUTH_DIGEST']) ? $_SERVER['PHP_AUTH_DIGEST'] : '';
- /* (2) Gestion de AUTH en fonction du token
+ /* (3) Gestion de AUTH en fonction du token
 ---------------------------------------------------------*/
- define('__TOKEN__', preg_match('/^[a-f0-9]{64}$/', __TOKEN__, $match) ? $match[0] : null );
+ $GLOBALS['TOKEN'] = preg_match('/^[a-f0-9]{64}$/', $GLOBALS['TOKEN'], $match) ? $match[0] : null;
- /* (3) On vérifie l'authentification par BDD
+ /* (4) On vérifie l'authentification par BDD
 ---------------------------------------------------------*/
 if( !self::deepCheck() )
- define('__TOKEN__', null);
+ $GLOBALS['TOKEN'] = null;
 }
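Review bot: The `if( !isset($GLOBALS['TOKEN']) ) $GLOBALS['TOKEN'] = null;` guard added at the top of check() is dead code: the same global is assigned unconditionally from `$_SERVER['PHP_AUTH_DIGEST']` a few lines below, so no caller can ever observe the null it sets. Dropping it also lets the three comment blocks all labelled `(1)` be renumbered consistently with `(2)`–`(4)`. Since the token now lives in a mutable global instead of a constant, the docblock above check() (outside this hunk) should state the post-condition, e.g. `After the call, $GLOBALS['TOKEN'] is the validated 64-hex token, or null when the header is missing, malformed or rejected by deepCheck()`; without it the renew module named in the commit subject has no documented contract to build on.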
@@ -77,31 +83,26 @@
 /* [2] Vérification de l'authentification
 =========================================================*/
- /* (1) Fetch cyclic-hashing-system -> check files */
- $fn = [
- 'hash' => __BUILD__.'/api/chs/hash',
- 'cycle' => __BUILD__.'/api/chs/cycle'
- ];
+ /* (1) Fetch cyclic-hashing-system -> check file */
+ $fn = __BUILD__.'/api/chs/hash';
- if( !is_file($fn['hash']) || !is_file($fn['hash']) )
+ if( !is_file($fn) )
 return false;
- /* (2) Read files -> check contents */
- $fc = [
- 'hash' => file_get_contents($fn['hash']),
- 'cycle' => file_get_contents($fn['cycle'])
- ];
+ /* (2) Read file -> check content */
+ $fc = file_get_contents($fn);
- if( strlen($fc['hash']) !== 64 || !is_numeric($fc['cycle']) )
+ if( strlen($fc) !== 64 )
 return false;
 /* (3) Compares content */
- if( __TOKEN__ !== self::secure_hash($fc['hash'], intval($fc['cycle'])) )
+ $hashed = self::secure_hash($fc);
+
+ if( strlen($hashed) !== 64 || $GLOBALS['TOKEN'] !== $hashed )
 return false;
 /* (4) Stores new content */
- file_put_contents($fn['hash'], __TOKEN__);
- file_put_contents($fn['cycle'], intval($fc['cycle'])-1);
+ file_put_contents($fn, $GLOBALS['TOKEN']);
 /* (5) Stores permission */
 if( !in_array('cyclic-hash-system', $GLOBALS['PERM']) )
@@ -155,7 +156,7 @@
 *
 */
 public static function auth(){
- return is_null(__AUTH_) ? 0 : 1;
+ return is_null($GLOBALS['TOKEN']) ? 0 : 1;
 }
 }
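Review bot: In step (3) the presented token is compared with `$GLOBALS['TOKEN'] !== $hashed`, a plain string comparison that stops at the first differing byte; for a credential check this should read `if( $GLOBALS['TOKEN'] === null || strlen($hashed) !== 64 || !hash_equals($hashed, $GLOBALS['TOKEN']) ) return false;` (the explicit null test is needed because check() stores null for a missing or malformed header and `hash_equals` accepts only strings). Steps (3) and (4) are also a check-then-write with no lock: two concurrent requests presenting the same token can both pass the comparison before either `file_put_contents` runs, so the one-time behaviour of the chain is not guaranteed; holding an `flock()` on the file from the read through the rewrite, or at minimum `file_put_contents($fn, $GLOBALS['TOKEN'], LOCK_EX)`, narrows that window. The return value of `file_put_contents` is ignored, so a failed write silently leaves the previous hash in place and the same token accepted again; treat a `=== false` result there as a failed check. `file_get_contents` can likewise return false on a read error, and although `strlen($fc) !== 64` happens to reject it, an explicit `$fc === false` test would make that intent visible. deepCheck() begins and ends outside this hunk.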