webcron/src/Repository/User.php

<?php


namespace JeroenED\Webcron\Repository;


use Doctrine\DBAL\Connection;
use JeroenED\Framework\Repository;

class User extends Repository
{

    /**
     * @param string $user
     * @param string $password
     * @param bool $autologin
     * @return int|bool
     * @throws \Doctrine\DBAL\Driver\Exception
     * @throws \Doctrine\DBAL\Exception
     */
    public function checkAuthentication(string $user, string $password, bool $autologin = false): int|bool
    {
        $userSql = "SELECT * from user WHERE email = :user";
        $userStmt = $this->dbcon->prepare($userSql);
        $userRslt = $userStmt->executeQuery([':user' => $user]);
        if($user = $userRslt->fetchAssociative()) {
            if($autologin) $password = $this->getPassFromAutologinToken($password);

            $password = hash($_ENV['HASHING_METHOD'], $password);

            if(password_verify($password, $user['password'])) {
                return $user['id'];
            }
        }
        return false;
    }

    public function createAutologinToken($password): string
    {
        $time = time();
        $password = $password . substr($time, -7) ;
        $encrypted = Secret::encrypt($password);
        return base64_encode(json_encode(['time' => $time, 'password' => base64_encode($encrypted)]));
    }

    public function getPassFromAutologinToken($token) {
        $extracted = json_decode(base64_decode($token), true);
        $encrypted = base64_decode($extracted['password']);

        $decrypted = Secret::decrypt($encrypted);

        return (
            (($extracted['time'] + $_ENV['COOKIE_LIFETIME']) > time()) &&
            substr($extracted['time'], -7) == substr($decrypted, -7)
        )
            ? substr($decrypted, 0, -7) : null;
    }

    public function getMailAddresses() {
        $emailSql = "SELECT email FROM user WHERE sendmail = 1";
        $emailStmt = $this->dbcon->prepare($emailSql);
        $emailRslt = $emailStmt->executeQuery();

        $return = [];
        foreach($emailRslt->fetchAllAssociative() as $email) {
            $return[] = $email['email'];
        }
        return $return;
    }
}
Added authentication and overview 2021-04-08 12:54:49 +02:00			`<?php`


			`namespace JeroenED\Webcron\Repository;`


			`use Doctrine\DBAL\Connection;`
NEW FEATURE: overview of runs 2021-05-27 11:46:30 +02:00			`use JeroenED\Framework\Repository;`
Added authentication and overview 2021-04-08 12:54:49 +02:00
NEW FEATURE: overview of runs 2021-05-27 11:46:30 +02:00			`class User extends Repository`
Added authentication and overview 2021-04-08 12:54:49 +02:00			`{`

Added logout and autologin 2021-04-09 15:14:35 +02:00			`/**`
			`* @param string $user`
			`* @param string $password`
			`* @param bool $autologin`
			`* @return int\|bool`
			`* @throws \Doctrine\DBAL\Driver\Exception`
			`* @throws \Doctrine\DBAL\Exception`
			`*/`
			`public function checkAuthentication(string $user, string $password, bool $autologin = false): int\|bool`
Added authentication and overview 2021-04-08 12:54:49 +02:00			`{`
			`$userSql = "SELECT * from user WHERE email = :user";`
			`$userStmt = $this->dbcon->prepare($userSql);`
NEW FEATURE: added mailing for failed runs 2021-11-19 15:13:20 +01:00			`$userRslt = $userStmt->executeQuery([':user' => $user]);`
Added authentication and overview 2021-04-08 12:54:49 +02:00			`if($user = $userRslt->fetchAssociative()) {`
Added logout and autologin 2021-04-09 15:14:35 +02:00			`if($autologin) $password = $this->getPassFromAutologinToken($password);`

			`$password = hash($_ENV['HASHING_METHOD'], $password);`

			`if(password_verify($password, $user['password'])) {`
			`return $user['id'];`
Added authentication and overview 2021-04-08 12:54:49 +02:00			`}`
			`}`
			`return false;`
			`}`
Added logout and autologin 2021-04-09 15:14:35 +02:00
Added input fields for secrets 2021-04-13 14:44:58 +02:00			`public function createAutologinToken($password): string`
			`{`
Added logout and autologin 2021-04-09 15:14:35 +02:00			`$time = time();`
BUGFIX: autologin wa going wrong 2021-04-15 13:02:21 +02:00			`$password = $password . substr($time, -7) ;`
Added input fields for secrets 2021-04-13 14:44:58 +02:00			`$encrypted = Secret::encrypt($password);`
			`return base64_encode(json_encode(['time' => $time, 'password' => base64_encode($encrypted)]));`
Added logout and autologin 2021-04-09 15:14:35 +02:00			`}`

			`public function getPassFromAutologinToken($token) {`
			`$extracted = json_decode(base64_decode($token), true);`
			`$encrypted = base64_decode($extracted['password']);`

Added input fields for secrets 2021-04-13 14:44:58 +02:00			`$decrypted = Secret::decrypt($encrypted);`
Added logout and autologin 2021-04-09 15:14:35 +02:00
			`return (`
			`(($extracted['time'] + $_ENV['COOKIE_LIFETIME']) > time()) &&`
Added input fields for secrets 2021-04-13 14:44:58 +02:00			`substr($extracted['time'], -7) == substr($decrypted, -7)`
Added logout and autologin 2021-04-09 15:14:35 +02:00			`)`
Added input fields for secrets 2021-04-13 14:44:58 +02:00			`? substr($decrypted, 0, -7) : null;`
Added logout and autologin 2021-04-09 15:14:35 +02:00			`}`
NEW FEATURE: added mailing for failed runs 2021-11-19 15:13:20 +01:00
			`public function getMailAddresses() {`
			`$emailSql = "SELECT email FROM user WHERE sendmail = 1";`
			`$emailStmt = $this->dbcon->prepare($emailSql);`
			`$emailRslt = $emailStmt->executeQuery();`

			`$return = [];`
			`foreach($emailRslt->fetchAllAssociative() as $email) {`
			`$return[] = $email['email'];`
			`}`
			`return $return;`
			`}`
Added authentication and overview 2021-04-08 12:54:49 +02:00			`}`