Login #1

Merged
PBS2H21ASH merged 15 commits from feat/login into don 2023-01-18 08:40:26 +01:00
4 changed files with 100 additions and 10 deletions

View File

@ -100,16 +100,23 @@ class BancaDati {
} }
} }
/**
public function select(string $table, array $data, array $order = null){ * einheitliche Select Funktion
$where = ""; * @param string $table
foreach ($data as $col => $v) { * @param array $where ["column"]=>"value" es wird mit LIKE verglichen und mit AND verbunden
if($where != ""){ * @param array|null $order ["by"]=>"column"; ["order"]=>"ASC|DESC"
$where .= " AND "; * @return void
* @author Malte Schulze Hobeling
*/
public function select(string $table, array $where, array $order = null){
$whereString = "";
foreach ($where as $col => $v) {
if($whereString != ""){
$whereString .= " AND ";
} }
$where .= $col . "=" . $v; $whereString .= $col . " LIKE " . $v;
} }
$sql = "SELECT * FROM ".$table." WHERE ".$where; $sql = "SELECT * FROM ".$table." WHERE ".$whereString;
if(isset($order["by"])){ if(isset($order["by"])){
$sql .= " ORDER BY ".$order["by"]; $sql .= " ORDER BY ".$order["by"];
} }

View File

@ -30,7 +30,7 @@ class Router
$this->request = $_SERVER; $this->request = $_SERVER;
} }
if (isset($_POST)) { if (isset($_POST)) {
$this->request["body"] = $_POST; $this->request["body"] = json_decode(file_get_contents('php://input'), true);
} }
if (isset($_POST)) { if (isset($_POST)) {
$this->request["params"] = $_GET; $this->request["params"] = $_GET;

53
User.php Normal file
View File

@ -0,0 +1,53 @@
<?php
require_once("BancaDati/BancaDati.php");
use BancaDati\BancaDati;
class User {
public string $id;
public string $username;
public string $email;
public string $token;
private string $password;
private BancaDati $db;
public function __construct() {
$this->db = new BancaDati();
return $this;
}
public function exists() {
return true;
}
public function loginWithUsername(string $username, string $password) : string {
$userObject = $this->db->select("utente", ["nomeUtente" => $username]);
if(!$userObject){
return false;
}
$this->id = $userObject["id"];
$this->username = $userObject["nomeUtente"];
$this->email = $userObject["email"];
$this->password = $userObject["parolaDordine"];
$this->token = $this->db->createUUID();
if($this->password != $password){
return false; // ungültiges password
}
$this->db->update("utente", $this->id, ["gettone" => $this->token]);
return $this->token;
}
public function loginWithToken(string $token){
$userObject = $this->db->select("utente", ["gettone" => $token]);
if(!$userObject){
return false;
}
$this->id = $userObject["id"];
$this->username = $userObject["nomeUtente"];
$this->email = $userObject["email"];
$this->password = $userObject["parolaDordine"];
$this->token = $token;
return $this;
}
}

View File

@ -3,6 +3,7 @@
require_once("Router/Router.php"); require_once("Router/Router.php");
require_once("Router/Response.php"); require_once("Router/Response.php");
require_once("BancaDati/BancaDati.php"); require_once("BancaDati/BancaDati.php");
require_once("User.php");
use Router\Response; use Router\Response;
use Router\Router; use Router\Router;
@ -11,16 +12,45 @@ use BancaDati\BancaDati;
$app = new Router("/DirektiveDesDons"); $app = new Router("/DirektiveDesDons");
$db = new BancaDati(); $db = new BancaDati();
$app->use("/", function (array &$req, Response $res) {
if(isset($_COOKIE["TOKEN"])){
$user = new User();
if($user->loginWithToken($_COOKIE["TOKEN"])){
$req["user"] = $user;
}
}
});
$app->get("/", function (array $req, Response $res) { $app->get("/", function (array $req, Response $res) {
$res->send("Hello World"); $res->send("Hello World");
//var_dump($req["user"]);
}); });
$app->get("/user", function (array $req, Response $res) { $app->get("/user", function (array $req, Response $res) {
$res->send("user"); $res->send("user");
}); });
$app->get("/user/:id", function (array $req, Response $res) { $app->get("/user/:id", function (array $req, Response $res) use ($db) {
$db->select("utente", ["username" => $req["id"]]);
$res->send("user " . $req["params"]["id"]); $res->send("user " . $req["params"]["id"]);
}); });
$app->post("/createuser", function (array $req, Response $res) use ($db) {
$db->insert("utente", ["email" => "test@email.com", "parolaDordine" => "password", "nomeUtente" => "testuser"]);
$res->send("user ");
});
$app->post("/login", function( array $req, Response $res) use ($db) {
$username = $req["body"]["username"];
$password = $req["body"]["password"];
$user = new User();
$usertoken = $user->loginWithUsername($username, $password);
if($usertoken){
setcookie("TOKEN", $usertoken, time()+3600); // 1h
$res->send("Login successful" . "token: " . $usertoken, 200);
}else{
$res->send("Login failed", 403);
}
});
$app->start(); $app->start();