Auth\Db::add_user(): add check of username uniqueness

This commit is contained in:
Benjamin Renard 2024-09-13 18:43:33 +02:00
parent e2dca482b3
commit 2ee5c7540b
Signed by: bn8
GPG key ID: 3E2E1CE1907115BC

View file

@ -138,18 +138,29 @@ class Db extends Backend {
*/ */
public static function add_user($info) { public static function add_user($info) {
$values = [ $values = [
App::get('auth.db.username_field') => $info['username'], self :: $username_field => $info['username'] ?? null,
App::get('auth.db.password_field') => password_hash( self :: $password_field => (
$info['password'], ($info['password'] ?? null)?
constant('PASSWORD_'.strtoupper(App::get('auth.db.password_hash_algo'))) password_hash(
$info['password'],
constant('PASSWORD_'.strtoupper(App::get('auth.db.password_hash_algo')))
):
null
), ),
]; ];
foreach($info as $field => $value) { foreach($info as $field => $value) {
if (!$value) { if (!$value) {
Log :: error("add_user: field %s is missing", $field); Log :: error("add_user: field %s is missing (or null)", $field);
return false; return false;
} }
} }
// Check username uniqueness
if (self :: get_user($info['username'])) {
Log :: error("add_user: a user with username %s already exist");
return false;
}
foreach(App :: get('auth.db.exposed_fields') as $field) foreach(App :: get('auth.db.exposed_fields') as $field)
if (isset($info[$field]) && $info[$field]) if (isset($info[$field]) && $info[$field])
$values[$field] = $info[$field]; $values[$field] = $info[$field];