193 lines
5.2 KiB
PHP
193 lines
5.2 KiB
PHP
<?php
|
|
|
|
namespace EesyPHP\Auth;
|
|
|
|
use EesyPHP\App;
|
|
use EesyPHP\Cli;
|
|
use EesyPHP\Log;
|
|
|
|
use Exception;
|
|
|
|
class Db extends Backend {
|
|
|
|
/**
|
|
* Database connection object
|
|
* @var class-string|null
|
|
*/
|
|
private static $class = null;
|
|
|
|
/**
|
|
* Users table name
|
|
* @var string
|
|
*/
|
|
private static $users_table;
|
|
|
|
/**
|
|
* Username field name
|
|
* @var string
|
|
*/
|
|
private static $username_field;
|
|
|
|
/**
|
|
* Password field name
|
|
* @var string
|
|
*/
|
|
private static $password_field;
|
|
|
|
/**
|
|
* List of Db fields exposed in User object
|
|
* @var array
|
|
*/
|
|
private static $exposed_fields;
|
|
|
|
/**
|
|
* Initialize
|
|
* @return boolean
|
|
*/
|
|
public static function init() {
|
|
// Set config default values
|
|
App :: set_default(
|
|
'auth.db',
|
|
array(
|
|
'class' => '\\EesyPHP\\Db',
|
|
'users_table' => 'users',
|
|
'username_field' => 'username',
|
|
'password_field' => 'password',
|
|
'password_hash_algo' => 'default',
|
|
'exposed_fields' => array('name', 'mail'),
|
|
)
|
|
);
|
|
self :: $class = App::get('auth.db.class', null, 'string');
|
|
if (!self :: $class || !class_exists(self :: $class)) {
|
|
Log :: warning(
|
|
'Database class %s configured as authentication backend does not exists, can not '.
|
|
'initialize this authentication backend.', self :: $class
|
|
);
|
|
return false;
|
|
}
|
|
self :: $users_table = App::get('auth.db.users_table', null, 'string');
|
|
self :: $username_field = App::get('auth.db.username_field', null, 'string');
|
|
self :: $password_field = App::get('auth.db.password_field', null, 'string');
|
|
self :: $exposed_fields = App::get('auth.db.exposed_fields', null, 'array');
|
|
|
|
if (App :: get('cli.enabled'))
|
|
Cli :: add_command('add_user', ['\\EesyPHP\\Auth\\Db', 'cli_add_user'], 'Add user');
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Connect to database
|
|
* @return void
|
|
*/
|
|
private static function connect() {
|
|
self :: $class :: connect();
|
|
}
|
|
|
|
/**
|
|
* Retrieve a user by its username
|
|
* @param string $username
|
|
* @return \EesyPHP\Auth\User|null|false The user object if found, null it not, false in case of error
|
|
*/
|
|
public static function get_user($username) {
|
|
self :: connect();
|
|
try {
|
|
$info = self :: $class :: get_one(
|
|
self :: $users_table,
|
|
[self :: $username_field => $username],
|
|
self :: $exposed_fields
|
|
);
|
|
if ($info === false)
|
|
return null;
|
|
return new User($username, '\\EesyPHP\\Auth\\Db', $info);
|
|
}
|
|
catch (Exception $e) {
|
|
Log :: error("Error retrieving user %s info from database: %s", $username, $e->getMessage());
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Check a user password
|
|
* @param \EesyPHP\Auth\User $user The user object
|
|
* @param string $password The password to check
|
|
* @return boolean
|
|
*/
|
|
public static function check_password($user, $password) {
|
|
self :: connect();
|
|
try {
|
|
$info = self :: $class :: get_one(
|
|
self :: $users_table,
|
|
[self :: $username_field => $user->username],
|
|
[self :: $password_field]
|
|
);
|
|
if ($info === false)
|
|
return false;
|
|
return password_verify($password, $info[self :: $password_field]);
|
|
}
|
|
catch (Exception $e) {
|
|
Log :: error("Error retrieving user %s password from database: %s", $user, $e->getMessage());
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Add user in database
|
|
* @param array $info User info with at least username, password (clear) and all required exposed
|
|
* fields
|
|
* @return bool
|
|
*/
|
|
public static function add_user($info) {
|
|
$values = [
|
|
App::get('auth.db.username_field') => $info['username'],
|
|
App::get('auth.db.password_field') => password_hash(
|
|
$info['password'],
|
|
constant('PASSWORD_'.strtoupper(App::get('auth.db.password_hash_algo')))
|
|
),
|
|
];
|
|
foreach($info as $field => $value) {
|
|
if (!$value) {
|
|
Log :: error("add_user: field %s is missing", $field);
|
|
return false;
|
|
}
|
|
}
|
|
foreach(App :: get('auth.db.exposed_fields') as $field)
|
|
if (isset($info[$field]) && $info[$field])
|
|
$values[$field] = $info[$field];
|
|
|
|
if (self :: $class :: insert(self :: $users_table, $values)) {
|
|
Log :: info('add_user(%s): user added', $values['username']);
|
|
return true;
|
|
}
|
|
Log :: error('add_user(%s): error adding user', $values['username']);
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* CLI command to add user
|
|
* @param array $command_args Command arguments
|
|
* @return bool
|
|
*/
|
|
public static function cli_add_user($command_args) {
|
|
$info = ['username' => null, 'password' => null];
|
|
foreach($info as $field => $value) {
|
|
while(!$value) {
|
|
$value = Cli::ask_user("Please enter user $field: ", $field == 'password');
|
|
if (empty($value))
|
|
print("Invalid value\n");
|
|
}
|
|
$info[$field] = $value;
|
|
}
|
|
foreach(self :: $exposed_fields as $field) {
|
|
$value = readline("Please enter user $field: ");
|
|
if (empty($value))
|
|
continue;
|
|
$info[$field] = $value;
|
|
}
|
|
if (self :: add_user($info)) {
|
|
printf("User %s added\n", $info['username']);
|
|
return true;
|
|
}
|
|
Log :: fatal("Error occurred adding user %s", $info['username']);
|
|
}
|
|
}
|