Compare commits

..

2 commits

Author SHA1 Message Date
460d6f788a Add Auth Db backend 2023-02-26 13:15:31 +01:00
895d27c21b Db: fix debugging query 2023-02-26 13:14:42 +01:00
3 changed files with 157 additions and 1 deletions

View file

@ -1,3 +1,15 @@
CREATE TABLE users (
username text NOT NULL PRIMARY KEY,
name text COLLATE NOCASE NOT NULL,
mail text COLLATE NOCASE,
password text NOT NULL
);
INSERT INTO users (username, name, mail, password) VALUES (
"admin", "Administrator", "admin@example.com",
"$argon2id$v=19$m=65536,t=4,p=1$WTQ0di44NW11MUJ1b3RMQw$+LRAQRaIXE2jhfavNFNuxnEtEUT6tEBz/98pTtD0EnM"
);
CREATE TABLE item ( CREATE TABLE item (
id INTEGER PRIMARY KEY, id INTEGER PRIMARY KEY,
name text COLLATE NOCASE NOT NULL, name text COLLATE NOCASE NOT NULL,

144
src/Auth/Db.php Normal file
View file

@ -0,0 +1,144 @@
<?php
namespace EesyPHP\Auth;
use EesyPHP\App;
use EesyPHP\Db as DbConnection;
use EesyPHP\Log;
use Exception;
class Db extends Backend {
/**
* Database connection object
* @var \EesyPHP\Db|null
*/
private static $db = null;
/**
* Database connection parameters
*/
/**
* @var string
*/
private static $dsn;
/**
* @var string|null
*/
private static $user;
/**
* @var string|null
*/
private static $password;
/**
* @var array
*/
private static $options;
/**
* Users table name
* @var string
*/
private static $users_table;
/**
* Username field name
* @var string
*/
private static $username_field;
/**
* Password field name
* @var string
*/
private static $password_field;
/**
* List of Db fields exposed in User object
* @var array
*/
private static $exposed_fields;
/**
* Initialize
* @return boolean
*/
public static function init() {
self :: $dsn = App::get('auth.db.dsn', null, 'string');
self :: $user = App::get('auth.db.user', null, 'string');
self :: $password = App::get('auth.db.password', null, 'string');
self :: $options = App::get('auth.db.options', array(), 'array');
self :: $users_table = App::get('auth.db.users_table', 'users', 'string');
self :: $username_field = App::get('auth.db.username_field', 'username', 'string');
self :: $password_field = App::get('auth.db.password_field', 'password', 'string');
self :: $exposed_fields = App::get('auth.db.exposed_fields', array('name', 'mail'), 'array');
return boolval(self :: $dsn);
}
/**
* Connect to database
* @return void
*/
private static function connect() {
if (!self :: $db)
self :: $db = new DbConnection(
self :: $dsn, self :: $user, self :: $password, self :: $options
);
}
/**
* Retreive a user by its username
* @param string $username
* @return \EesyPHP\Auth\User|null|false The user object if found, null it not, false in case of error
*/
public static function get_user($username) {
self :: connect();
try {
$query = self :: $db -> fpdo -> from(self :: $users_table)
-> select(null)
-> select(self :: $exposed_fields)
-> where(self :: $username_field, $username);
$result = $query -> execute();
$info = $result -> fetch();
if ($info === false)
return null;
return new User($username, '\\EesyPHP\\Auth\\Db', $info);
}
catch (Exception $e) {
Log :: error("Error retreiving user %s info from database: %s", $username, $e->getMessage());
}
return false;
}
/**
* Check a user password
* @param \EesyPHP\Auth\User $user The user object
* @param string $password The password to check
* @return boolean
*/
public static function check_password($user, $password) {
self :: connect();
try {
$query = self :: $db -> fpdo -> from(self :: $users_table)
-> select(null)
-> select(self :: $password_field)
-> where(self :: $username_field, $user->username);
$result = $query -> execute();
$info = $result -> fetch();
if ($info === false)
return false;
return password_verify($password, $info['password']);
}
catch (Exception $e) {
Log :: error("Error retreiving user %s password from database: %s", $user, $e->getMessage());
}
return false;
}
}

View file

@ -100,7 +100,7 @@ class Db {
} }
} }
Log :: debug('DEBUG', $msg); Log :: debug($msg);
} }
/* /*