diff --git a/Router/Router.php b/Router/Router.php
index 7926b5b..35d05fc 100644
--- a/Router/Router.php
+++ b/Router/Router.php
@@ -30,7 +30,7 @@ class Router
 $this->request = $_SERVER;
 }
 if (isset($_POST)) {
- $this->request["body"] = $_POST;
+ $this->request["body"] = json_decode(file_get_contents('php://input'), true);
 }
 if (isset($_POST)) {
 $this->request["params"] = $_GET;
diff --git a/User.php b/User.php
new file mode 100644
index 0000000..203368b
--- /dev/null
+++ b/User.php
@@ -0,0 +1,53 @@
+db = new BancaDati();
+ return $this;
+ }
+
+ public function exists() {
+ return true;
+ }
+ public function loginWithUsername(string $username, string $password) : string {
+ $userObject = $this->db->select("utente", ["nomeUtente" => $username]);
+
+ if(!$userObject){
+ return false;
+ }
+ $this->id = $userObject["id"];
+ $this->username = $userObject["nomeUtente"];
+ $this->email = $userObject["email"];
+ $this->password = $userObject["parolaDordine"];
+ $this->token = $this->db->createUUID();
+
+ if($this->password != $password){
+ return false; // ungültiges password
+ }
+
+ $this->db->update("utente", $this->id, ["gettone" => $this->token]);
+
+ return $this->token;
+ }
+ public function loginWithToken(string $token){
+ $userObject = $this->db->select("utente", ["gettone" => $token]);
+ if(!$userObject){
+ return false;
+ }
+ $this->id = $userObject["id"];
+ $this->username = $userObject["nomeUtente"];
+ $this->email = $userObject["email"];
+ $this->password = $userObject["parolaDordine"];
+ $this->token = $token;
+
+ return $this;
+ }
+}
\ No newline at end of file
diff --git a/index.php b/index.php
index 224a190..374358d 100644
--- a/index.php
+++ b/index.php
@@ -3,6 +3,7 @@ require_once("Router/Router.php");
 require_once("Router/Response.php");
 require_once("BancaDati/BancaDati.php");
+require_once("User.php");
 use Router\Response;
 use Router\Router;
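Review bot: The replacement line `$this->request["body"] = json_decode(file_get_contents('php://input'), true);` never checks the decode result, so a form-encoded or malformed POST body silently leaves `body` as `null` and downstream handlers that index into it fail, while `$_POST` is no longer consulted at all. A guarded form keeps both cases working: `$raw = file_get_contents('php://input');` / `$decoded = $raw === '' ? null : json_decode($raw, true);` / `$this->request["body"] = is_array($decoded) ? $decoded : $_POST;` (or decode with `JSON_THROW_ON_ERROR` and let the caller reject the request with a 400). Note also that `isset($_POST)` is always true because superglobals are always defined, so this branch runs for every request method — presumably a check on `$_SERVER['REQUEST_METHOD']` was intended. The enclosing method starts before and ends after this hunk.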
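Review bot: `loginWithUsername` authenticates by comparing the stored `parolaDordine` column to the submitted password with a loose `!=`, which means passwords are kept in plaintext and that two numeric-looking strings such as `"0e1"` and `"0e2"` compare equal; store hashes instead and check them with `if (!password_verify($password, $this->password)) { return false; }` (and use `hash_equals` for any other secret comparison). The method is declared `: string` but both failure paths `return false`, which is coerced to `""` without `strict_types` and throws a `TypeError` with it, so declare it `public function loginWithUsername(string $username, string $password): ?string` and return `null` on failure (the `/login` caller's truthiness check still works). The session token comes from `$this->db->createUUID()`, whose randomness is not visible here — if it is not built on `random_bytes()`, something like `bin2hex(random_bytes(32))` is the safer choice, and it is currently generated before the password is verified rather than after. The first dozen lines of this new file (PHP open tag, class declaration, properties, constructor signature) appear to have been lost in rendering, so the constructor shown at the top of the hunk is incomplete from here.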
@@ -11,16 +12,45 @@ use BancaDati\BancaDati;
 $app = new Router("/DirektiveDesDons");
 $db = new BancaDati();
+$app->use("/", function (array &$req, Response $res) {
+ if(isset($_COOKIE["TOKEN"])){
+ $user = new User();
+ if($user->loginWithToken($_COOKIE["TOKEN"])){
+ $req["user"] = $user;
+ }
+ }
+});
 $app->get("/", function (array $req, Response $res) {
 $res->send("Hello World");
+ //var_dump($req["user"]);
 });
 $app->get("/user", function (array $req, Response $res) {
 $res->send("user");
 });
-$app->get("/user/:id", function (array $req, Response $res) {
+$app->get("/user/:id", function (array $req, Response $res) use ($db) {
+ $db->select("utente", ["username" => $req["id"]]);
 $res->send("user " . $req["params"]["id"]);
 });
+$app->post("/createuser", function (array $req, Response $res) use ($db) {
+ $db->insert("utente", ["email" => "test@email.com", "parolaDordine" => "password", "nomeUtente" => "testuser"]);
+ $res->send("user ");
+});
+
+$app->post("/login", function( array $req, Response $res) use ($db) {
+ $username = $req["body"]["username"];
+ $password = $req["body"]["password"];
+
+ $user = new User();
+ $usertoken = $user->loginWithUsername($username, $password);
+
+ if($usertoken){
+ setcookie("TOKEN", $usertoken, time()+3600); // 1h
+ $res->send("Login successful" . "token: " . $usertoken, 200);
+ }else{
+ $res->send("Login failed", 403);
+ }
+});
 $app->start();
\ No newline at end of file
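Review bot: The `/login` handler sets the session token with `setcookie("TOKEN", $usertoken, time()+3600);`, which leaves the cookie readable by script, sendable over plain HTTP and attached to cross-site requests, and then also echoes the token into the response body; use the options form, `setcookie("TOKEN", $usertoken, ['expires' => time() + 3600, 'path' => '/', 'secure' => true, 'httponly' => true, 'samesite' => 'Strict']);`, and reply with just `$res->send("Login successful", 200);`. The handler also reads `$req["body"]["username"]` and `["password"]` unguarded; since the router now fills `body` from `json_decode`, a non-JSON request leaves it `null` and the `string`-typed `loginWithUsername` parameters raise a `TypeError`, so read them as `$req["body"]["username"] ?? null` and answer 400 when either is missing. `/createuser` inserts a fixed user with a plaintext `"parolaDordine" => "password"` and performs no authorization check — presumably a placeholder, but even so the value should be `password_hash("password", PASSWORD_DEFAULT)` so that login can use `password_verify`. In `/user/:id` the select filters on `username` while `User.php` queries `nomeUtente`, the handler reads `$req["id"]` but responds with `$req["params"]["id"]`, and the select result is discarded — confirm the column name and which key the router actually populates.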