
Untitled

a guest
May 24th, 2018
  1. <?php
  2. class Auth{
  3.  
  4.     private  $options = [
  5.         "restriction_msg" => "Vous n'avez pas le droit d'accéder à cette page."
  6.     ];
  7.     private $session;
  8.  
  9.     public function __construct($session ,$options = []){
  10.         $this->options = array_merge($this->options, $options);
  11.         $this->session = $session;
  12.     }
  13.  
  14.     public function hashPassword($password){
  15.         return password_hash($password, PASSWORD_BCRYPT);
  16.     }
  17.  
  18.     public function register($db, $username, $password, $email){
  19.         $password = $this->hashPassword($password);
  20.         $token = Str::random(60);
  21.         $db->query("INSERT INTO users SET username = ?, password = ?, email = ? ,confirmation_token = ?", [
  22.             $username,
  23.             $password,
  24.             $email,
  25.             $token
  26.         ]);
  27.         $user_id = $db->lastInsertId();
  28.         mail($email, "Casiyass prono | Confirmation d'inscription", "Bonjour $username.\n\nAfin de valider votre compte, merci de cliquer sur ce lien :\n\nhttp://localhost/casiyass_prono/site/HTML/confirm.php?id=$user_id&token=$token");
  29.     }
  30.  
  31.     public function confirm($db, $user_id, $token){
  32.         $user = $db->query("SELECT * FROM users WHERE id = ?", [$user_id])->fetch();
  33.         if ($user && $user->confirmation_token == $token){
  34.             $db->query("UPDATE users SET confirmation_token = NULL, confirmed_at = NOW() WHERE id = ?", [$user_id]);
  35.             $this->session->write("auth", $user);
  36.             return true;
  37.         }
  38.         return false;
  39.     }
  40.  
  41.     public function restrict(){
  42.         if ($this->session->read("auth")) {
  43.             $this->session->setFlash("danger", $this->options["restriction_msg"]);
  44.             header("Location: login.php");
  45.             exit();
  46.         }
  47.     }
  48.  
  49.     public function user(){
  50.         if ($this->session->read("auth"))
  51.             return false;
  52.         return $this->session->read("auth");
  53.     }
  54.  
  55.     public function connect($user){
  56.         $this->session->write("auth", $user);
  57.     }
  58.  
  59.     public function connectFromCookie($db){
  60.         if (isset($_COOKIE["remember"]) && !$this->user()) {
  61.             $remember_token = $_COOKIE["remember"];
  62.             $parts = explode("==", $remember_token);
  63.             $user_id = $parts[0];
  64.             $user = $db->query("SELECT * from users WHERE id = ?", [$user_id])->fetch();
  65.             if ($user) {
  66.                 $expected = $user_id . "==" . $user->remember_token . sha1($user->id . "lasuperclé");
  67.                 if ($expected == $remember_token) {
  68.                     $this->connect($user);
  69.                     setcookie("remember", $remember_token, time() + 60 * 60 * 24 * 7);
  70.                 } else {
  71.                     setcookie("remember", NULL, -1);
  72.                 }
  73.             } else {
  74.                 setcookie("remember", NULL, -1);
  75.             }
  76.         }
  77.     }
  78.  
  79.     public function login($db, $username, $password, $remember = false){
  80.         $user = $db->query("SELECT * FROM users WHERE (username = :username OR email = :username) AND confirmed_at IS NOT NULL", ["username" => $username])->fetch();
  81.         var_dump($user);
  82.         if (password_verify($password, $user->password)) {
  83.             $this->connect($user);
  84.             if ($remember){
  85.                 $this->remember($db, $user->id);
  86.             }
  87.             return $user;
  88.         }else{
  89.             return false;
  90.         }
  91.     }
  92.  
  93.     public function remember($db, $user_id){
  94.         $remember_token = Str::random(255);
  95.         $db->query("UPDATE users SET remember_token = ? WHERE id = ?", [$remember_token, $user_id]);
  96.         setcookie("remember", $user_id . "==" . $remember_token . sha1($user_id . "lasuperclé"), time() + 60 * 60 * 24 *7);
  97.     }
  98.  
  99.     public function logout(){
  100.         setcookie("remember", NULL, -1);
  101.         $this->session->delete("auth");
  102.     }
  103.  
  104.     public function resetPassword($db, $email){
  105.         $user = $db->query("SELECT * FROM users WHERE email = ? AND confirmed_at IS NOT NULL", [$email])->fetch();
  106.         if ($user) {
  107.             $reset_token = Str::random(60);
  108.             $db->prepare("UPDATE users SET reset_token = ?, reset_at = NOW() WHERE id = ?", [$reset_token, $user->id]);
  109.             mail($_POST["email"], "Casiyass prono | Réinitialisation du mot de passe", "Bonjour.\n\nAfin de réinitialiser votre mot de passe, merci de cliquer sur ce lien :\n\nhttp://localhost/casiyass_prono/site/HTML/reset.php?id={$user->id}&token=$reset_token");
  110.             return $user;
  111.         }
  112.         return false;
  113.     }
  114.  
  115.     public function checkResetToken($db, $user_id, $token){
  116.         return $db->query("SELECT * FROM users WHERE id = ? AND reset_token IS NOT NULL AND token = ? AND rest_at > DATE_SUB(NOW(), INTERVAL 30 MINUTE)", [$user_id, $token])->fetch();
  117.     }
  118.  
  119. }