eesyphp/src/Auth/Db.php

<?php

namespace EesyPHP\Auth;

use EesyPHP\App;
use EesyPHP\Cli;
use EesyPHP\Log;

use Exception;

class Db extends Backend {

  /**
   * Database connection object
   * @var class-string|null
   */
  private static $class = null;

  /**
   * Users table name
   * @var string
   */
  private static $users_table;

  /**
   * Username field name
   * @var string
   */
  private static $username_field;

  /**
   * Password field name
   * @var string
   */
  private static $password_field;

  /**
   * List of Db fields exposed in User object
   * @var array
   */
  private static $exposed_fields;

  /**
   * Initialize
   * @return boolean
   */
  public static function init() {
    // Set config default values
    App :: set_default(
      'auth.db',
      array(
        'class' => '\\EesyPHP\\Db',
        'users_table' => 'users',
        'username_field' => 'username',
        'password_field' => 'password',
        'password_hash_algo' => 'default',
        'exposed_fields' => array('name', 'mail'),
      )
    );
    self :: $class = App::get('auth.db.class', null, 'string');
    if (!self :: $class || !class_exists(self :: $class)) {
      Log :: warning(
        'Database class %s configured as authentication backend does not exists, can not '.
        'initialize this authentication backend.', self :: $class
      );
      return false;
    }
    self :: $users_table = App::get('auth.db.users_table', null, 'string');
    self :: $username_field = App::get('auth.db.username_field', null, 'string');
    self :: $password_field = App::get('auth.db.password_field', null, 'string');
    self :: $exposed_fields = App::get('auth.db.exposed_fields', null, 'array');

    if (App :: get('cli.enabled'))
      Cli :: add_command('add_user', ['\\EesyPHP\\Auth\\Db', 'cli_add_user'], 'Add user');
    return true;
  }

  /**
   * Connect to database
   * @return void
   */
  private static function connect() {
    self :: $class :: connect();
  }

  /**
   * Retrieve a user by its username
   * @param string $username
   * @return \EesyPHP\Auth\User|null|false The user object if found, null it not, false in case of error
   */
  public static function get_user($username) {
    self :: connect();
    try {
      $info = self :: $class :: get_one(
        self :: $users_table,
        [self :: $username_field => $username],
        self :: $exposed_fields
      );
      if ($info === false)
        return null;
      return new User($username, '\\EesyPHP\\Auth\\Db', $info);
    }
    catch (Exception $e) {
      Log :: error("Error retrieving user %s info from database: %s", $username, $e->getMessage());
    }
    return false;
  }

  /**
   * Check a user password
   * @param \EesyPHP\Auth\User $user The user object
   * @param string $password The password to check
   * @return boolean
   */
  public static function check_password($user, $password) {
    self :: connect();
    try {
      $info = self :: $class :: get_one(
        self :: $users_table,
        [self :: $username_field => $user->username],
        [self :: $password_field]
      );
      if ($info === false)
        return false;
      return password_verify($password, $info[self :: $password_field]);
    }
    catch (Exception $e) {
      Log :: error("Error retrieving user %s password from database: %s", $user, $e->getMessage());
    }
    return false;
  }

  /**
   * Add user in database
   * @param array $info  User info with at least username, password (clear) and all required exposed
   *                     fields
   * @return bool
   */
  public static function add_user($info) {
    $values = [
      App::get('auth.db.username_field') => $info['username'],
      App::get('auth.db.password_field') => password_hash(
        $info['password'],
        constant('PASSWORD_'.strtoupper(App::get('auth.db.password_hash_algo')))
      ),
    ];
    foreach($info as $field => $value) {
      if (!$value) {
        Log :: error("add_user: field %s is missing", $field);
        return false;
      }
    }
    foreach(App :: get('auth.db.exposed_fields') as $field)
      if (isset($info[$field]) && $info[$field])
        $values[$field] = $info[$field];

    if (self :: $class :: insert(self :: $users_table, $values)) {
      Log :: info('add_user(%s): user added', $values['username']);
      return true;
    }
    Log :: error('add_user(%s): error adding user', $values['username']);
    return false;
  }

  /**
   * CLI command to add user
   * @param array $command_args  Command arguments
   * @return bool
   */
  public static function cli_add_user($command_args) {
    $info = ['username' => null, 'password' => null];
    foreach($info as $field => $value) {
      while(!$value) {
        $value = Cli::ask_user("Please enter user $field: ", $field == 'password');
        if (empty($value))
          print("Invalid value\n");
      }
      $info[$field] = $value;
    }
    foreach(self :: $exposed_fields as $field) {
      $value = readline("Please enter user $field: ");
      if (empty($value))
          continue;
      $info[$field] = $value;
    }
    if (self :: add_user($info)) {
      printf("User %s added\n", $info['username']);
      return true;
    }
    Log :: fatal("Error occurred adding user %s", $info['username']);
  }
}