fixed login function
parent
49a8f6a1dc
commit
8d4376d313
@ -2,33 +2,43 @@
|
|||||||
|
|
||||||
namespace Blog\Model;
|
namespace Blog\Model;
|
||||||
|
|
||||||
|
use Cassandra\Date;
|
||||||
use PDOException;
|
use PDOException;
|
||||||
|
|
||||||
class AuthModel extends Database
|
class AuthModel extends Database
|
||||||
{
|
{
|
||||||
public function login($email, $password){
|
public function login($email, $password){
|
||||||
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
|
$params = [":email" => $email];
|
||||||
|
$sql = "SELECT email, password, validUntil FROM user WHERE email = :email";
|
||||||
$params=array();
|
|
||||||
$params[":email"] = $email;
|
|
||||||
$params[":password"] = $hashedPassword;
|
|
||||||
|
|
||||||
$sql = "SELECT email, password, validUntil FROM user WHERE email = $email AND password = $password";
|
|
||||||
|
|
||||||
$pdo = $this->linkDB();
|
$pdo = $this->linkDB();
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$sth = $pdo->prepare($sql);
|
$sth = $pdo->prepare($sql);
|
||||||
$sth->execute($params);
|
$sth->execute($params);
|
||||||
$result = $sth->fetchAll();
|
$user = $sth->fetch(PDO::FETCH_ASSOC);
|
||||||
} catch (PDOException $e) {
|
} catch (PDOException $e) {
|
||||||
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
|
new \Blog\Library\ErrorMsg("Fehler beim Abrufen der Daten.", $e);
|
||||||
die;
|
die;
|
||||||
}
|
}
|
||||||
if(new \DateTime() <= DateTime($result['validUntil']))
|
|
||||||
return $result ? true : false;
|
|
||||||
else
|
if (!$user) {
|
||||||
return "Ihr Passwort ist abgelaufen \n bitte erstellen Sie ein neues über: Passwort Vergessen";
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!password_verify($password, $user['password'])) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$now = new DateTime();
|
||||||
|
$validUntil = new DateTime($user['validUntil']);
|
||||||
|
|
||||||
|
if ($now > $validUntil) {
|
||||||
|
return "Ihr Passwort ist abgelaufen. Bitte setzen Sie ein neues über: \"Passwort vergessen\".";
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function register($email, $password, $straße, $hausnr, $ort, $postleitzahl, $land, $vorname, $nachname, $tel)
|
public function register($email, $password, $straße, $hausnr, $ort, $postleitzahl, $land, $vorname, $nachname, $tel)
|
||||||
@ -123,14 +133,18 @@ class AuthModel extends Database
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$validUntil = (new DateTime())->add(new DateInterval('PT2H'))->format('Y-m-d H:i:s');
|
||||||
|
|
||||||
|
|
||||||
$sql = "UPDATE user
|
$sql = "UPDATE user
|
||||||
SET passwort = :password
|
SET passwort = :password AND validUntil = :validUntil
|
||||||
WHERE email = :email";
|
WHERE email = :email";
|
||||||
|
|
||||||
$stmt = $pdo->prepare($sql);
|
$stmt = $pdo->prepare($sql);
|
||||||
return $stmt->execute([
|
return $stmt->execute([
|
||||||
':email' => $email,
|
':email' => $email,
|
||||||
':password' => $hashedPassword
|
':password' => $hashedPassword,
|
||||||
|
':validUntil' => $validUntil
|
||||||
]);
|
]);
|
||||||
} catch (PDOException $e) {
|
} catch (PDOException $e) {
|
||||||
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
|
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
|
||||||
|
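Review bot: In the second hunk's `UPDATE user` statement, `SET passwort = :password AND validUntil = :validUntil` joins the two assignments with `AND`, so MySQL-style dialects evaluate everything after the first `=` as one boolean expression: `passwort` is overwritten with 0/1 instead of the hash and `validUntil` is never written. The assignments need a comma, `SET passwort = :password, validUntil = :validUntil`, and the column name should be checked against `login()`, which selects `password` rather than `passwort` (the schema is not visible here). Both hunks also use `PDO`, `DateTime` and `DateInterval` unqualified inside `namespace Blog\Model` while the visible imports are only `use Cassandra\Date;` and `use PDOException;`, so they resolve to `Blog\Model\…` and fail at runtime unless written as `\PDO`, `\DateTime`, `\DateInterval` or imported. In `login()` the expired-password branch returns a non-empty string, which is truthy; if any caller tests the result loosely, an expired credential passes as a successful login, so callers should compare with `=== true` or the method should return a distinct status. The function containing the second hunk starts and ends outside it.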