Auth\Db::add_user(): add check of username uniqueness

This commit is contained in:
Benjamin Renard 2024-09-13 18:43:33 +02:00
parent e2dca482b3
commit 2ee5c7540b
Signed by: bn8
GPG key ID: 3E2E1CE1907115BC

View file

@ -138,18 +138,29 @@ class Db extends Backend {
*/
public static function add_user($info) {
$values = [
App::get('auth.db.username_field') => $info['username'],
App::get('auth.db.password_field') => password_hash(
$info['password'],
constant('PASSWORD_'.strtoupper(App::get('auth.db.password_hash_algo')))
self :: $username_field => $info['username'] ?? null,
self :: $password_field => (
($info['password'] ?? null)?
password_hash(
$info['password'],
constant('PASSWORD_'.strtoupper(App::get('auth.db.password_hash_algo')))
):
null
),
];
foreach($info as $field => $value) {
if (!$value) {
Log :: error("add_user: field %s is missing", $field);
Log :: error("add_user: field %s is missing (or null)", $field);
return false;
}
}
// Check username uniqueness
if (self :: get_user($info['username'])) {
Log :: error("add_user: a user with username %s already exist");
return false;
}
foreach(App :: get('auth.db.exposed_fields') as $field)
if (isset($info[$field]) && $info[$field])
$values[$field] = $info[$field];