
<?php
/*
@nom: User
@auteur: Idleman (http://blog.idleman.fr)
@description: Classe de gestion des utilisateurs
*/
  7. class User extends MysqlEntity{
  8. const OTP_INTERVAL = 30;
  9. const OTP_DIGITS = 8;
  10. const OTP_DIGEST = 'sha1';
  11. protected $id,$login,$password,$otpSecret;
  12. protected $TABLE_NAME = 'user';
  13. protected $object_fields =
  14. array(
  15. 'id'=>'key',
  16. 'login'=>'string',
  17. 'password'=>'string',
  18. 'otpSecret'=>'string',
  19. );
  20. protected $object_fields_uniques =
  21. array(
  22. 'login'
  23. );
  24. function __construct(){
  25. parent::__construct();
  26. }
  27. function setId($id){
  28. $this->id = $id;
  29. }
  30. function isOtpSecretValid($otpSecret) {
  31. // Teste si la longueur est d'au moins 8 caractères
  32. // et en Base32: [A-Z] + [2-7]
  33. return is_string($otpSecret) && preg_match('/^[a-zA-Z2-7]{8,}$/', $otpSecret);
  34. }
  35. protected function getOtpControler() {
  36. return new \OTPHP\TOTP($this->otpSecret, array('interval'=>self::OTP_INTERVAL, 'digits'=>self::OTP_DIGITS, 'digest'=>self::OTP_DIGEST));
  37. }
  38. function getOtpKey() {
  39. $otp = $this->getOtpControler();
  40. return str_pad($otp->now(), $otp->digits, '0', STR_PAD_LEFT);
  41. }
  42. function exist($login,$password,$salt='',$otpEntered=Null){
  43. $userManager = new User();
  44. $user = $userManager->load(array('login'=>$login,'password'=>User::encrypt($password,$salt)));
  45. if (false!=$user) {
  46. $otpSecret = $user->otpSecret;
  47. global $configurationManager;
  48. switch (True) {
  49. case !$configurationManager->get('otpEnabled'):
  50. case empty($otpSecret) && empty($otpEntered):
  51. // Pas d'OTP s'il est désactivé dans la configuration où s'il n'est pas demandé et fourni.
  52. return $user;
  53. }
  54. $otp = $user->getOtpControler();
  55. if ($otp->verify($otpEntered) || $otp->verify($otpEntered, time()-10)) {
  56. return $user;
  57. }
  58. }
  59. return false;
  60. }
  61. static function get($login){
  62. $userManager = new User();
  63. return $userManager->load(array('login'=>$login,));
  64. }
  65. function getToken() {
  66. assert('!empty($this->password)');
  67. assert('!empty($this->login)');
  68. return sha1($this->password.$this->login);
  69. }
  70. public function add($login = false, $password = false, $salt = false, $logger = false) {
  71. if(!$logger) {
  72. require_once('Logger.class.php');
  73. $logger = new Logger('settings');
  74. }
  75. if(empty($login)) {
  76. $logger->appendLogs(_t("USER_ADD_MISSING_LOGIN"));
  77. }
  78. $existingUser = $this->load(array('login' => $login));
  79. if($existingUser instanceof User) {
  80. $logger->appendLogs(_t("USER_ADD_DUPLICATE"));
  81. $logger->save();
  82. return false;
  83. }
  84. if(empty($password)) {
  85. $logger->appendLogs(_t("USER_ADD_MISSING_PASSWORD"));
  86. }
  87. if($logger->hasLogs()) {
  88. $logger->save();
  89. return false;
  90. }
  91. $this->setLogin($login);
  92. $this->setPassword($password, $salt);
  93. $this->save();
  94. $this->createSideTables($login);
  95. $logger->appendLogs(_t("USER_ADD_OK"). ' '.$login);
  96. $logger->save();
  97. return true;
  98. }
  99. public function remove($userId) {
  100. require_once('Logger.class.php');
  101. $logger = new Logger('settings');
  102. if(empty($userId)) {
  103. $logger->appendLogs(_t("USER_DEL_MISSING_ID"));
  104. $logger->save();
  105. return false;
  106. }
  107. $user = $this->load(array('id' => $userId));
  108. if(!$user) {
  109. $logger->appendLogs(_t("USER_DEL_UNKNOWN_ID").' '.$userId);
  110. $logger->save();
  111. return false;
  112. }
  113. $this->setLogin($user->getLogin());
  114. $this->deleteSideTables();
  115. $this->delete(array('id' => $userId));
  116. $logger->appendLogs(_t("USER_DEL_OK").$user->getLogin());
  117. $logger->save();
  118. return true;
  119. }
  120. protected function createSideTables() {
  121. $this->manageSideTables();
  122. }
  123. protected function deleteSideTables() {
  124. $this->manageSideTables('remove');
  125. }
  126. protected function manageSideTables($action = 'add') {
  127. $actionMethod = $action === 'add' ? 'create' : 'destroy';
  128. $feedManager = new Feed();
  129. $feedManager->$actionMethod();
  130. $eventManager = new Event();
  131. $eventManager->$actionMethod();
  132. $folderManager = new Folder();
  133. $folderManager->$actionMethod();
  134. if($action === 'add' && $folderManager->rowCount() === '0') {
  135. $folderManager->setName(_t('GENERAL_FOLDER'));
  136. $folderManager->setParent(-1);
  137. $folderManager->setIsopen(1);
  138. $folderManager->save();
  139. }
  140. }
  141. static function existAuthToken($auth=null){
  142. $result = false;
  143. $userManager = new User();
  144. $users = $userManager->populate('id');
  145. $phpAuth = strtolower(@$_SERVER['PHP_AUTH_USER']);
  146. if (empty($auth)) $auth = @$_COOKIE['leedStaySignedIn'];
  147. foreach($users as $user){
  148. if ($user->getToken()==$auth || strtolower($user->login)===$phpAuth){
  149. $result = $user;
  150. break;
  151. }
  152. }
  153. return $result;
  154. }
  155. static function generateSalt() {
  156. return ''.mt_rand().mt_rand();
  157. }
  158. function setStayConnected() {
  159. ///@TODO: set the current web directory, here and on del
  160. setcookie('leedStaySignedIn', $this->getToken(), time()+31536000);
  161. }
  162. static function delStayConnected() {
  163. setcookie('leedStaySignedIn', '', -1);
  164. }
  165. function getId(){
  166. return $this->id;
  167. }
  168. function getLogin(){
  169. return $this->login;
  170. }
  171. function setLogin($login){
  172. $this->login = $login;
  173. }
  174. function getPassword(){
  175. return $this->password;
  176. }
  177. function setPassword($password,$salt=''){
  178. $this->password = User::encrypt($password,$salt);
  179. }
  180. function getOtpSecret(){
  181. return $this->otpSecret;
  182. }
  183. function setOtpSecret($otpSecret){
  184. $this->otpSecret = $otpSecret;
  185. }
  186. function resetPassword($resetPassword, $salt=''){
  187. $this->setPassword($resetPassword, $salt);
  188. $this->otpSecret = '';
  189. $this->save();
  190. }
  191. static function encrypt($password, $salt=''){
  192. return sha1($password.$salt);
  193. }
  194. }
?>