miniflux-legacy/models/user.php

79 lines
2.1 KiB
PHP
Raw Normal View History

<?php
namespace Model\User;
use SimpleValidator\Validator;
use SimpleValidator\Validators;
2014-02-08 20:13:14 +01:00
use PicoDb\Database;
2015-08-29 03:34:34 +02:00
use Session;
use Request;
2014-05-27 02:47:40 +02:00
use Model\Config;
use Model\RememberMe;
use Model\Database as DatabaseModel;
// Check if the user is logged in
function is_loggedin()
{
return ! empty($_SESSION['loggedin']);
}
2015-01-18 00:53:40 +01:00
// Destroy the session and the rememberMe cookie
function logout()
{
2015-01-18 00:53:40 +01:00
RememberMe\destroy();
Session\close();
}
// Get the credentials from the current selected database
function get_credentials()
{
2015-08-15 03:33:39 +02:00
return Database::getInstance('db')
2015-01-28 05:26:36 +01:00
->hashtable('settings')
->get('username', 'password');
}
// Set last login date
function set_last_login()
{
return Database::getInstance('db')
->hashtable('settings')
->put(array('last_login' => time()));
}
// Validate authentication
function validate_login(array $values)
{
$v = new Validator($values, array(
new Validators\Required('username', t('The user name is required')),
new Validators\MaxLength('username', t('The maximum length is 50 characters'), 50),
new Validators\Required('password', t('The password is required'))
));
$result = $v->execute();
$errors = $v->getErrors();
if ($result) {
$credentials = get_credentials();
if ($credentials && $credentials['username'] === $values['username'] && password_verify($values['password'], $credentials['password'])) {
set_last_login();
$_SESSION['loggedin'] = true;
2014-05-27 02:47:40 +02:00
$_SESSION['config'] = Config\get_all();
// Setup the remember me feature
if (! empty($values['remember_me'])) {
$cookie = RememberMe\create(DatabaseModel\select(), $values['username'], Request\get_ip_address(), Request\get_user_agent());
RememberMe\write_cookie($cookie['token'], $cookie['sequence'], $cookie['expiration']);
2014-05-27 02:47:40 +02:00
}
2016-04-18 01:44:45 +02:00
} else {
$result = false;
$errors['login'] = t('Bad username or password');
}
}
return array(
$result,
$errors
);
}