miniflux-legacy/app/models/remember_me.php

<?php

namespace Miniflux\Model\RememberMe;

use Miniflux\Session\SessionStorage;
use Miniflux\Helper;
use Miniflux\Model\User;
use PicoDb\Database;

const TABLE       = 'remember_me';
const COOKIE_NAME = '_R_';
const EXPIRATION  = 5184000;

function get_record($token, $sequence)
{
    return Database::getInstance('db')
        ->table(TABLE)
        ->eq('token', $token)
        ->eq('sequence', $sequence)
        ->gt('expiration', time())
        ->findOne();
}

function authenticate()
{
    $credentials = read_cookie();

    if ($credentials !== false) {
        $record = get_record($credentials['token'], $credentials['sequence']);

        if ($record) {
            $user = User\get_user_by_id($record['user_id']);
            SessionStorage::getInstance()->setUser($user);
            return true;
        }
    }

    return false;
}

function destroy()
{
    $credentials = read_cookie();

    if ($credentials !== false) {
        Database::getInstance('db')
             ->table(TABLE)
             ->eq('token', $credentials['token'])
             ->remove();
    }

    delete_cookie();
}

function create($user_id, $ip, $user_agent)
{
    $token = hash('sha256', $user_id.$user_agent.$ip.Helper\generate_token());
    $sequence = Helper\generate_token();
    $expiration = time() + EXPIRATION;

    cleanup();

    Database::getInstance('db')
         ->table(TABLE)
         ->insert(array(
            'user_id' => $user_id,
            'ip' => $ip,
            'user_agent' => $user_agent,
            'token' => $token,
            'sequence' => $sequence,
            'expiration' => $expiration,
            'date_creation' => time(),
         ));

    return array(
        'token' => $token,
        'sequence' => $sequence,
        'expiration' => $expiration,
    );
}

function cleanup()
{
    return Database::getInstance('db')
        ->table(TABLE)
        ->lt('expiration', time())
        ->remove();
}

function remove_user_sessions($user_id)
{
    return Database::getInstance('db')
        ->table(TABLE)
        ->eq('user_id', $user_id)
        ->remove();
}

function update($token)
{
    $new_sequence = Helper\generate_token();

    Database::getInstance('db')
         ->table(TABLE)
         ->eq('token', $token)
         ->update(array('sequence' => $new_sequence));

    return $new_sequence;
}

function encode_cookie($token, $sequence)
{
    return implode('|', array($token, $sequence));
}

function decode_cookie($value)
{
    @list($token, $sequence) = explode('|', $value);

    return array(
        'token' => $token,
        'sequence' => $sequence,
    );
}

function has_cookie()
{
    return ! empty($_COOKIE[COOKIE_NAME]);
}

function write_cookie($token, $sequence, $expiration)
{
    setcookie(
        COOKIE_NAME,
        encode_cookie($token, $sequence),
        $expiration,
        BASE_URL_DIRECTORY,
        null,
        Helper\is_secure_connection(),
        true
    );
}

function read_cookie()
{
    if (empty($_COOKIE[COOKIE_NAME])) {
        return false;
    }

    return decode_cookie($_COOKIE[COOKIE_NAME]);
}

function delete_cookie()
{
    setcookie(
        COOKIE_NAME,
        '',
        time() - 3600,
        BASE_URL_DIRECTORY,
        null,
        Helper\is_secure_connection(),
        true
    );
}
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`<?php`

Add Miniflux namespace everywhere 2016-08-25 03:17:58 +02:00			`namespace Miniflux\Model\RememberMe;`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`use Miniflux\Session\SessionStorage;`
Add Miniflux namespace everywhere 2016-08-25 03:17:58 +02:00			`use Miniflux\Helper;`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`use Miniflux\Model\User;`
			`use PicoDb\Database;`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`const TABLE = 'remember_me';`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`const COOKIE_NAME = '_R_';`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`const EXPIRATION = 5184000;`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`function get_record($token, $sequence)`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`{`
Update dependencies 2015-08-15 03:33:39 +02:00			`return Database::getInstance('db')`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`->table(TABLE)`
			`->eq('token', $token)`
			`->eq('sequence', $sequence)`
			`->gt('expiration', time())`
			`->findOne();`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`}`

			`function authenticate()`
			`{`
			`$credentials = read_cookie();`

			`if ($credentials !== false) {`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`$record = get_record($credentials['token'], $credentials['sequence']);`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00
			`if ($record) {`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`$user = User\get_user_by_id($record['user_id']);`
			`SessionStorage::getInstance()->setUser($user);`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`return true;`
			`}`
			`}`

			`return false;`
			`}`

			`function destroy()`
			`{`
			`$credentials = read_cookie();`

			`if ($credentials !== false) {`
Update dependencies 2015-08-15 03:33:39 +02:00			`Database::getInstance('db')`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`->table(TABLE)`
			`->eq('token', $credentials['token'])`
			`->remove();`
			`}`
Minor cleanups 2015-01-18 00:53:40 +01:00
			`delete_cookie();`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`}`

Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`function create($user_id, $ip, $user_agent)`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`{`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`$token = hash('sha256', $user_id.$user_agent.$ip.Helper\generate_token());`
Move generate_token() to Helper namespace 2016-08-18 03:41:14 +02:00			`$sequence = Helper\generate_token();`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`$expiration = time() + EXPIRATION;`

			`cleanup();`

Update dependencies 2015-08-15 03:33:39 +02:00			`Database::getInstance('db')`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`->table(TABLE)`
			`->insert(array(`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`'user_id' => $user_id,`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`'ip' => $ip,`
			`'user_agent' => $user_agent,`
			`'token' => $token,`
			`'sequence' => $sequence,`
			`'expiration' => $expiration,`
			`'date_creation' => time(),`
			`));`

			`return array(`
			`'token' => $token,`
			`'sequence' => $sequence,`
			`'expiration' => $expiration,`
			`);`
			`}`

			`function cleanup()`
			`{`
Update dependencies 2015-08-15 03:33:39 +02:00			`return Database::getInstance('db')`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`->table(TABLE)`
			`->lt('expiration', time())`
			`->remove();`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`}`

Flush all user remember me sessions when changing password 2017-01-04 03:22:12 +01:00			`function remove_user_sessions($user_id)`
			`{`
			`return Database::getInstance('db')`
			`->table(TABLE)`
			`->eq('user_id', $user_id)`
			`->remove();`
			`}`

Improve remember me + update vendor 2015-03-31 02:13:07 +02:00			`function update($token)`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`{`
Move generate_token() to Helper namespace 2016-08-18 03:41:14 +02:00			`$new_sequence = Helper\generate_token();`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00
Update dependencies 2015-08-15 03:33:39 +02:00			`Database::getInstance('db')`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`->table(TABLE)`
			`->eq('token', $token)`
			`->update(array('sequence' => $new_sequence));`

			`return $new_sequence;`
			`}`

			`function encode_cookie($token, $sequence)`
			`{`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`return implode('\|', array($token, $sequence));`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`}`

			`function decode_cookie($value)`
			`{`
Change the database structure to have a single database This is a major change for the next release of Miniflux. - There is now only one database that can supports multiple users - There is no automated schema migration for this release - A migration procedure is available in the ChangeLog file 2016-12-26 15:44:53 +01:00			`@list($token, $sequence) = explode('\|', $value);`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00
			`return array(`
			`'token' => $token,`
			`'sequence' => $sequence,`
			`);`
			`}`

			`function has_cookie()`
			`{`
			`return ! empty($_COOKIE[COOKIE_NAME]);`
			`}`

			`function write_cookie($token, $sequence, $expiration)`
			`{`
			`setcookie(`
			`COOKIE_NAME,`
			`encode_cookie($token, $sequence),`
			`$expiration,`
			`BASE_URL_DIRECTORY,`
			`null,`
Add Miniflux namespace everywhere 2016-08-25 03:17:58 +02:00			`Helper\is_secure_connection(),`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`true`
			`);`
			`}`

			`function read_cookie()`
			`{`
			`if (empty($_COOKIE[COOKIE_NAME])) {`
			`return false;`
			`}`

			`return decode_cookie($_COOKIE[COOKIE_NAME]);`
			`}`

			`function delete_cookie()`
			`{`
			`setcookie(`
			`COOKIE_NAME,`
			`'',`
			`time() - 3600,`
			`BASE_URL_DIRECTORY,`
			`null,`
Add Miniflux namespace everywhere 2016-08-25 03:17:58 +02:00			`Helper\is_secure_connection(),`
Add RememberMe authentication 2014-05-27 02:47:40 +02:00			`true`
			`);`
			`}`