Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- defined("AUTH_SESSION_VAR_NAME") || define("AUTH_SESSION_VAR_NAME", "user");
- if (!isset($_REQUEST["nosess"]))
- session_start();
- class Auth {
- /*
- * The Authenticator v3.0 by Gydo194
- * Date: 1611171716
- * Author: Gydo194
- * Description: Simple and efficient authentication mechanism with both session and sessionless mode support.
- */
- /**
- * The user's username
- * @var string username
- */
- private static $username = "";
- /**
- *
- * @var type string the user's password
- */
- private static $password = "";
- /**
- * Dual purpose; both serves as the user's access level and as an
- * indicator whether the user is logged in.
- *
- * @var int the user's access level
- */
- private static $accessLevel = 0;
- //getters
- public static function getUserName(): string {
- return self::$username;
- }
- public static function getPassword(): string {
- return self::$password;
- }
- public static function getAccessLevel(): int {
- return self::$accessLevel;
- }
- //no public setters on purpose.
- //these vars have to be set by the authentication mechanism itself.
- private static function setUserName(string $user) {
- self::$username = $user;
- }
- private static function setPassword(string $pass) {
- self::$password = $pass;
- }
- private static function setAccessLevel(int $accessLevel) {
- self::$accessLevel = $accessLevel;
- }
- //state getters
- public static function isLoggedIn(): bool {
- return self::$accessLevel > 0 ? true : false;
- }
- /**
- * Gets a request parameter value
- *
- * @param string $param the parameter to get
- * @return string the value of the parameter, "" if not set.
- */
- private static function getRequestParameter(string $param): string {
- switch ($_SERVER["REQUEST_METHOD"]) {
- case "GET":
- if (isset($_GET[$param]))
- return filter_input(INPUT_GET, $param);
- else
- return "";
- break;
- case "POST":
- if (isset($_POST[$param]))
- return filter_input(INPUT_POST, $param);
- else
- return "";
- break;
- }
- return "";
- }
- //session login handling functions
- /**
- * check if the session hold user data.
- * @return bool
- */
- private static function hasSessionLogin(): bool {
- if (session_id()) {
- if (isset($_SESSION[AUTH_SESSION_VAR_NAME]["access"])) {
- if ($_SESSION[AUTH_SESSION_VAR_NAME] > 0)
- return true;
- }
- }
- return false;
- }
- private static function getSessionLogin(): void {
- if(!session_id()) return;
- self::setUserName($_SESSION[AUTH_SESSION_VAR_NAME]["user"]);
- self::setPassword($_SESSION[AUTH_SESSION_VAR_NAME]["pass"]);
- self::setAccessLevel($_SESSION[AUTH_SESSION_VAR_NAME]["access"]);
- }
- private static function saveSessionLogin(): void {
- if(!session_id()) return;
- $_SESSION[AUTH_SESSION_VAR_NAME]["user"] = self::getUserName();
- $_SESSION[AUTH_SESSION_VAR_NAME]["pass"] = self::getPassword();
- $_SESSION[AUTH_SESSION_VAR_NAME]["access"] = self::getAccessLevel();
- }
- //credential validating
- private static function validateCredentials(string $user, string $pass): bool {
- //function to be extended
- if ($user === "ADMIN" && $pass === "admin") {
- self::setAccessLevel(2);
- return true;
- }
- if ($user === "USER" && $pass === "user") {
- self::setAccessLevel(1);
- return true;
- }
- return false;
- }
- public static function login(string $user, string $pass): void {
- if (self::validateCredentials($user, $pass)) {
- self::setUserName($user);
- self::setPassword($pass);
- }
- }
- public static function autoLogin(): void {
- if(self::hasSessionLogin()) { self::getSessionLogin(); return; }
- //nope no session login
- $user = self::getRequestParameter("user");
- $pass = self::getRequestParameter("pass");
- if (self::validateCredentials($user, $pass)) {
- self::setUserName($user);
- self::setPassword($pass);
- self::saveSessionLogin(); //save login to session
- }
- }
- }
- /*
- * TESTING
- */
- /*
- echo Auth::isLoggedIn() ? "true" : "false";
- echo "<br>Logging in<br>";
- */
- Auth::autoLogin(); // <-- login using ONE function call!!
- $access = Auth::getAccessLevel();
- $user = Auth::getUserName();
- $pass = Auth::getPassword();
- $login = Auth::isLoggedIn();
- if ($login) {
- echo "Welcome, <b>$user</b>! Your access level is <b>$access</b>, and your password is <b>$pass</b>.<br>";
- } else {
- echo "Nope that doesn't work.<br>";
- }
Add Comment
Please, Sign In to add comment