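/**
 * @version 0.1.0
 * @TODO Documentation
 */
class auth
{
    /**
     * HMAC key used to sign (login) and verify (loggedIn) the login JWT.
     *
     * NOTE(review): a secret committed to source is visible to everyone with
     * repository access and cannot be rotated without a deploy; it should be
     * loaded from configuration/environment instead.
     */
    private const TOKEN_SIGNATURE = "5641189c6596892b8b03a8d939803747";

    /** Name of the cookie that carries the login JWT. */
    private const TOKEN_COOKIE = 'JWT_SVEN';

    /**
     * Records (via CORE::addException) that the query builder is unavailable.
     *
     * The problem is reported, not thrown, so callers still get a usable
     * instance; verifyLogin() re-checks the builder before running a query.
     */
    public function __construct()
    {
        if ($this->queryBuilder() === null) {
            $this->reportMissingBuilder();
        }
    }

    /**
     * Returns the FluentPDO builder from the mysql wrapper, or null when the
     * wrapper hands back its "uncallable" placeholder instead.
     *
     * @return object|null
     */
    private function queryBuilder()
    {
        $fluent = (new mysql())->getBuilder();

        return get_class($fluent) === "sven\sys\sven\uncallable" ? null : $fluent;
    }

    /** Registers the "FluentPDO unavailable" exception with CORE. */
    private function reportMissingBuilder(): void
    {
        CORE::addException(new \sven\sys\Exception("\sven\sys\sven\uncallable", "Can't find/use FluentPDO"));
    }

    /**
     * Checks whether the current request carries a validly signed login token.
     *
     * Reads the JWT from the login cookie, parses it and verifies its HMAC
     * against TOKEN_SIGNATURE. A missing, unparsable or unsigned cookie yields
     * false instead of an uncaught exception.
     *
     * NOTE(review): only the signature is verified here; the exp/nbf claims
     * written by login() are not evaluated — confirm whether the JWT library's
     * claim validation should be applied as well.
     *
     * @return bool
     */
    public function loggedIn()
    {
        $raw = (new cookie())->read(self::TOKEN_COOKIE);

        // Truthiness test on purpose: an absent or empty cookie means "not logged in".
        if (!$raw) {
            return false;
        }

        try {
            $token = (new JWT_Parser())->parse((string) $raw);

            return $token->verify(new JWT_Sha256(), self::TOKEN_SIGNATURE);
        } catch (\InvalidArgumentException | \RuntimeException | \BadMethodCallException $e) {
            // A tampered or malformed cookie (wrong segment count, bad base64/JSON,
            // unsigned token) is treated as "not logged in". The exception types are
            // those a lcobucci-style parser/token raises — confirm against the library.
            return false;
        }
    }

    /**
     * Checks a username/password pair against the t_benutzer table.
     *
     * The username is bound as a query parameter, never interpolated. Returns
     * false when the user is unknown, the password does not match, or the
     * query builder is unavailable (which is also reported via CORE).
     *
     * NOTE(review): an unknown user returns before the bcrypt check, so the
     * response time differs from a known user with a wrong password; verifying
     * against a dummy hash in that path would close the timing difference.
     *
     * @param string $username
     * @param string $password
     * @return bool
     */
    public function verifyLogin($username, $password)
    {
        $fluent = $this->queryBuilder();
        if ($fluent === null) {
            $this->reportMissingBuilder();

            return false;
        }

        $row = $fluent->from('t_benutzer')
            ->select('t_benutzer.*')
            ->where("Name = ?", $username)
            ->fetch();

        // No matching row → fetch() is falsy and the hash check is skipped.
        return (bool) $row && $this->verifyPassword($password, $row->Passwort);
    }

    /**
     * Starts a session for $username and issues a signed JWT.
     *
     * Stores the username and client IP in the session, builds an HS256 token
     * (issuer, audience, id, iat/nbf/exp, username claim), writes it to the
     * login cookie and returns its serialised form.
     *
     * NOTE(review): nbf is 60 s after issue and exp one hour, and the jti is a
     * fixed literal — values copied from the JWT library's example. loggedIn()
     * does not evaluate these claims, so confirm the intended token lifetime
     * and whether per-token ids are needed before relying on them.
     *
     * @param string $username
     * @return string the serialised token
     */
    public function login($username)
    {
        $session = new session();
        $session->write('auth_username', $username);
        // REMOTE_ADDR is absent on the CLI; store '' rather than trigger a notice.
        $session->write('auth_ip', $_SERVER['REMOTE_ADDR'] ?? '');

        $issuedAt = time();
        $token = (new JWT_Builder())
            ->setIssuer('https://rxbn.de')
            ->setAudience('http://eps.local')
            ->setId('4f1g26a1aba', true)
            ->setIssuedAt($issuedAt)
            ->setNotBefore($issuedAt + 60)
            ->setExpiration($issuedAt + 60 * 60)
            ->set('username', $username)
            ->sign(new JWT_Sha256(), self::TOKEN_SIGNATURE)
            ->getToken();

        $serialised = (string) $token;
        (new cookie())->write(self::TOKEN_COOKIE, $serialised);

        return $serialised;
    }

    /**
     * Ends the login: drops the token cookie and the server-side session.
     */
    public function logout()
    {
        (new cookie())->drop();
        (new session())->drop();
    }

    /**
     * Generates a per-form CSRF token, stores it in the session and returns it.
     *
     * random_bytes() makes the token cryptographically unpredictable.
     *
     * @param string $form_name
     * @return string 64 hex characters
     */
    public function createCSRF($form_name)
    {
        $token = bin2hex(random_bytes(32));
        (new session())->write('csrf_form_' . $form_name, $token);

        return $token;
    }

    /**
     * Compares a submitted CSRF token with the one stored for $form_name.
     *
     * Fails closed: a missing/empty session entry or a non-string submission
     * returns false instead of letting hash_equals() raise a TypeError (or,
     * with a null entry coerced to '', match an empty submission).
     *
     * @param string $form_name
     * @param mixed  $token      the value submitted with the form
     * @return bool
     */
    public function validateCSRF($form_name, $token)
    {
        $expected = (new session())->read('csrf_form_' . $form_name);

        if (!is_string($expected) || $expected === '' || !is_string($token)) {
            return false;
        }

        // Constant-time comparison so the token cannot be guessed byte by byte.
        return hash_equals($expected, $token);
    }

    /**
     * Hashes a password with bcrypt (PASSWORD_DEFAULT) at cost 12.
     *
     * @param string $password
     * @return string
     */
    public function hashPassword($password)
    {
        return password_hash((string) $password, PASSWORD_DEFAULT, ["cost" => 12]);
    }

    /**
     * Verifies a password against a hash produced by hashPassword().
     *
     * @param string $password
     * @param string $hash
     * @return bool false for a mismatch or an unusable hash
     */
    public function verifyPassword($password, $hash)
    {
        return password_verify((string) $password, (string) $hash);
    }

    /** Placeholder with no implementation yet; kept for interface compatibility. */
    public function getSomething()
    {
    }
}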