implemented authmodel
This commit is contained in:
Max538
parent
4fa775f326
commit
78e1e72eba
149
Model/AuthModel.php
Normal file
149
Model/AuthModel.php
Normal file
@ -0,0 +1,149 @@
|
||||
<?php
|
||||
|
||||
namespace Blog\Model;
|
||||
|
||||
use PDOException;
|
||||
|
||||
class AuthModel extends Database
|
||||
{
|
||||
public function login($email, $password){
|
||||
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
|
||||
|
||||
$params=array();
|
||||
$params[":email"] = $email;
|
||||
$params[":password"] = $hashedPassword;
|
||||
|
||||
$sql = "SELECT email, password, validUntil FROM user WHERE email = $email AND password = $password";
|
||||
|
||||
$pdo = $this->linkDB();
|
||||
|
||||
try {
|
||||
$sth = $pdo->prepare($sql);
|
||||
$sth->execute($params);
|
||||
$result = $sth->fetchAll();
|
||||
} catch (PDOException $e) {
|
||||
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
|
||||
die;
|
||||
}
|
||||
if(new \DateTime() <= DateTime($result['validUntil']))
|
||||
return $result ? true : false;
|
||||
else
|
||||
return "Ihr Passwort ist abgelaufen \n bitte erstellen Sie ein neues über: Passwort Vergessen";
|
||||
}
|
||||
|
||||
public function register($email, $password, $straße, $hausnr, $ort, $postleitzahl, $land, $vorname, $nachname, $tel)
|
||||
{
|
||||
$rtn = $this->pwRequirementCheck($password);
|
||||
if($rtn !== true){
|
||||
return $rtn;
|
||||
}
|
||||
else{
|
||||
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
|
||||
|
||||
$sql = "INSERT INTO user (email, passwort, straße, hausnr, ort, postleitzahl,land, vorname, nachname, tel)
|
||||
VALUES (:email, :password, :straße, :hausnr, :ort, :postleitzahl, :land, :vorname, :nachname, :tel)";
|
||||
|
||||
try{
|
||||
$pdo = $this->linkDB();
|
||||
$stmt = $pdo->prepare($sql);
|
||||
return $stmt->execute([
|
||||
':email' => $email,
|
||||
':password' => $hashedPassword,
|
||||
':straße' => $straße,
|
||||
':hausnr' => $hausnr,
|
||||
':ort' => $ort,
|
||||
':postleitzahl' => $postleitzahl,
|
||||
':land' => $land,
|
||||
':vorname' => $vorname,
|
||||
':nachname' => $nachname,
|
||||
':tel' => $tel
|
||||
]);
|
||||
} catch (PDOException $e) {
|
||||
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
|
||||
die;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private function pwRequirementCheck($password){
|
||||
$error = [];
|
||||
|
||||
if(strlen($password) <= 8)
|
||||
$error[] = "min 8 Charackter";
|
||||
if(!preg_match("/[A-Z]/", $password))
|
||||
$error[] = "min one large Character";
|
||||
if(!preg_match("/[a-z]/", $password))
|
||||
$error[] = "min one small charakter";
|
||||
if(!preg_match("/[0-9]/", $password))
|
||||
$error[] = "min one number";
|
||||
if(!preg_match("/[ <>|°^,;·.:…\-_–#'’+*~!¹\"²§³\$¼%½&¬/{([)]=}?ß\\\`¸´¡⅛£¤⅜⅝⅞™±¿˛¯˘—÷×»«¢„“”µþø→↓←ŧ¶€ſ@æſðđŋħ.ĸłµ”“„¢«»›‹©‚‘’ºÆẞЪŊĦ˙&ŁΩ§€®Ŧ¥↑ıØÞ ]/", $password));
|
||||
$error[] = "min one of these: <>|°^,;·.:…\-_–#'’+*~!¹\"²§³\$¼%½&¬/{([)]=}?ß\\\`¸´¡⅛£¤⅜⅝⅞™±¿˛¯˘—÷×»«¢„“”µþø→↓←ŧ¶€ſ@æſðđŋħ.ĸłµ”“„¢«»›‹©‚‘’ºÆẞЪŊĦ˙&ŁΩ§€®Ŧ¥↑ıØÞ";
|
||||
|
||||
if(empty($error))
|
||||
return true;
|
||||
else
|
||||
return $error;
|
||||
}
|
||||
|
||||
public function pwForgot($email){
|
||||
$randomPw = bin2hex(random_bytes(12 / 2));
|
||||
$hashedPassword = password_hash($randomPw, PASSWORD_DEFAULT);
|
||||
|
||||
|
||||
|
||||
$betreff = "Passwort zurücksetzen bei bibArts";
|
||||
$nachricht = "Hallo,\n\nhier ihr temporäres Passwort:\n\n $randomPw \n\n Bitte beachten Sie, dass das Passwort nur 2 stunden Gülltig ist. \nViele Grüße,\nbibArts Team";
|
||||
|
||||
$header = "From: noreply@edu.bib.de\r\n";
|
||||
$header .= "Content-Type: text/plain; charset=UTF-8\r\n";
|
||||
|
||||
$maxTries = 5;
|
||||
$try = 0;
|
||||
$success = false;
|
||||
|
||||
while ($try < $maxTries && !$success) {
|
||||
$erfolg = mail($email, $betreff, $nachricht, $header);
|
||||
$try++;
|
||||
if (!$erfolg) {
|
||||
error_log("Mailversuch $try an $email fehlgeschlagen.");
|
||||
sleep(1);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private function forgottenPwUpdate($email, $hashedPassword)
|
||||
{
|
||||
try{
|
||||
$pdo = $this->linkDB();
|
||||
|
||||
$sqlCheck = "SELECT COUNT(*) FROM user WHERE email = :email";
|
||||
$stmt = $pdo->prepare($sqlCheck);
|
||||
$stmt->execute([':email' => $email]);
|
||||
if ($stmt->fetchColumn() == 0) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$sql = "UPDATE user
|
||||
SET passwort = :password
|
||||
WHERE email = :email";
|
||||
|
||||
$stmt = $pdo->prepare($sql);
|
||||
return $stmt->execute([
|
||||
':email' => $email,
|
||||
':password' => $hashedPassword
|
||||
]);
|
||||
} catch (PDOException $e) {
|
||||
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
|
||||
die;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public function checkDoublePw($password1, $password2){
|
||||
if($password1 === $password2){
|
||||
return true;
|
||||
}
|
||||
else
|
||||
return false;
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user