2022-12-22 16:17 - v2.0.6
LouisOuellet committed Dec 22, 2022
1 parent 663a9e7 commit 047d7ad
Showing 3 changed files with 58 additions and 5 deletions.
2 changes: 1 addition & 1 deletion VERSION
@@ -1 +1 @@
2.0.5
2.0.6
2 changes: 1 addition & 1 deletion index.php
@@ -30,7 +30,7 @@
<p><a href="/">Home</a></p>
<p><a href="install.php">Install</a></p>
<?php if($phpAUTH->isConnected()){ ?>
<p><a href="?logout">Logout</a></p>
<p><a href="?logout&csrf=<?= $phpAUTH->CSRF->token() ?>">Logout</a></p>
<p>User: <?= json_encode($phpAUTH->getUser(), JSON_PRETTY_PRINT) ?></p>
<p>BASE64 [pass1]: <?= json_encode(base64_encode("pass1"), JSON_PRETTY_PRINT) ?></p>
<p>Session ID: <?= json_encode(session_id(), JSON_PRETTY_PRINT) ?></p>
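Review bot: The logout link carries the CSRF token in the query string (`?logout&csrf=…`), where it ends up in browser history, server access logs and Referer headers, and the value is echoed into the `href` attribute without any encoding. This assumes the `csrf=` line is the added side, since the +/- markers are not visible on this page. A POST form with the token in a hidden field would keep it out of URLs, though whether `CSRF->validate()` reads POST data cannot be seen in this commit. If the link stays, encode both the separator and the value: `<a href="?logout&amp;csrf=<?= urlencode($phpAUTH->CSRF->token()) ?>">Logout</a>`. The surrounding `isConnected()` block continues past the lines shown.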
59 changes: 56 additions & 3 deletions src/phpAUTH.php
@@ -30,6 +30,7 @@ class phpAUTH {
protected $Return = "HEADER";
protected $Returns = ["BOOLEAN","HEADER"];
protected $User = null;
protected $Status = null;
protected $URI = null;
public $CSRF = null;

@@ -146,10 +147,10 @@ protected function parseURI(){
return $this->URI;
}

protected function logout(){
if(isset($this->URI['logout']) || isset($this->URI['signout'])){
protected function logout($force = false){
if(isset($this->URI['logout']) || isset($this->URI['signout']) || $force){
// CSRF Protection
if($this->CSRF->validate()){
if($this->CSRF->validate() || $force){

// clear session variables
if(isset($_SESSION) && !empty($_SESSION)){
@@ -234,6 +235,58 @@ public function getDiag(){
];
}

public function getStatus(){
if($this->Authentication->isSet()){
if($this->Database == null){ $this->connect(); }
if($this->Database->isConnected()){
if($this->Status == null){
switch($this->FrontEndDBType){
case"BASIC":
$user = $this->Database->select("SELECT * FROM users WHERE username = ?", [$this->Authentication->getAuth('username')]);
if(count($user) > 0){
$user = $user[0];
if(isset($user['type']) && in_array(strtoupper($user['type']),$this->BackEndDBTypes)){ $backtype = strtoupper($user['type']); }
else { $backtype = $this->BackEndDBType; }
switch($backtype){
case"SQL":
if(password_verify($this->Authentication->getAuth('password'), $user['password'])){
$this->Status = $user['status'];
}
break;
}
}
break;
case"BEARER":
$user = $this->Database->select("SELECT * FROM users WHERE token = ?", [$this->Authentication->getAuth('token')]);
if(count($user) > 0){ $this->Status = $user[0]['status']; }
break;
case"SESSION":
if(!is_array($this->Authentication->getAuth('username'))){
$user = $this->Database->select("SELECT * FROM users WHERE username = ?", [$this->Authentication->getAuth('username')]);
if(count($user) > 0){
$user = $user[0];
if(isset($user['type']) && in_array(strtoupper($user['type']),$this->BackEndDBTypes)){ $backtype = strtoupper($user['type']); }
else { $backtype = $this->BackEndDBType; }
switch($backtype){
case"SQL":
if(password_verify($this->Authentication->getAuth('password'), $user['password'])){
$this->Status = $user['status'];
}
break;
}
}
} elseif(!is_array($this->Authentication->getAuth('sessionID'))){
$user = $this->Database->select("SELECT * FROM users WHERE sessionID = ?", [$this->Authentication->getAuth('sessionID')]);
if(count($user) > 0){ $this->Status = $user[0]['status']; }
}
break;
}
}
}
}
return $this->Status;
}

public function getUser($field = null){
if($this->Authentication->isSet()){
if($this->Database == null){ $this->connect(); }
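Review bot: The cache guard `if($this->Status == null)` in getStatus() is a loose comparison, so a stored status of integer `0` or an empty string counts as "not loaded" and the SELECT plus password_verify() run again on every call; `if($this->Status === null){` avoids that. The method also returns null for several distinct outcomes (no matching row, a failed password_verify(), a back-end type other than "SQL"), so a docblock should state that null means "not authenticated or unknown" and that callers must treat it as a denial. The BASIC branch and the username half of the SESSION branch are line-for-line identical; moving them into one private helper would keep the credential check in a single place. The BEARER and sessionID lookups read only `status`, so `SELECT status FROM users WHERE token = ?` (and the sessionID equivalent) would avoid loading the password hash where it is not needed.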
