123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232 |
- <?php
- /*
- @nom: User
- @auteur: Idleman (http://blog.idleman.fr)
- @description: Classe de gestion des utilisateurs
- */
- class User extends MysqlEntity{
- const OTP_INTERVAL = 30;
- const OTP_DIGITS = 8;
- const OTP_DIGEST = 'sha1';
- protected $id,$login,$password,$otpSecret;
- protected $TABLE_NAME = 'user';
- protected $object_fields =
- array(
- 'id'=>'key',
- 'login'=>'string',
- 'password'=>'string',
- 'otpSecret'=>'string',
- );
- protected $object_fields_uniques =
- array(
- 'login'
- );
- function __construct(){
- parent::__construct();
- }
- function setId($id){
- $this->id = $id;
- }
- function isOtpSecretValid($otpSecret) {
- // Teste si la longueur est d'au moins 8 caractères
- // et en Base32: [A-Z] + [2-7]
- return is_string($otpSecret) && preg_match('/^[a-zA-Z2-7]{8,}$/', $otpSecret);
- }
- protected function getOtpControler() {
- return new \OTPHP\TOTP($this->otpSecret, array('interval'=>self::OTP_INTERVAL, 'digits'=>self::OTP_DIGITS, 'digest'=>self::OTP_DIGEST));
- }
- function getOtpKey() {
- $otp = $this->getOtpControler();
- return str_pad($otp->now(), $otp->digits, '0', STR_PAD_LEFT);
- }
- function exist($login,$password,$salt='',$otpEntered=Null){
- $userManager = new User();
- $user = $userManager->load(array('login'=>$login,'password'=>User::encrypt($password,$salt)));
- if (false!=$user) {
- $otpSecret = $user->otpSecret;
- global $configurationManager;
- switch (True) {
- case !$configurationManager->get('otpEnabled'):
- case empty($otpSecret) && empty($otpEntered):
- // Pas d'OTP s'il est désactivé dans la configuration où s'il n'est pas demandé et fourni.
- return $user;
- }
- $otp = $user->getOtpControler();
- if ($otp->verify($otpEntered) || $otp->verify($otpEntered, time()-10)) {
- return $user;
- }
- }
- return false;
- }
- static function get($login){
- $userManager = new User();
- return $userManager->load(array('login'=>$login,));
- }
- function getToken() {
- assert('!empty($this->password)');
- assert('!empty($this->login)');
- return sha1($this->password.$this->login);
- }
- public function add($login = false, $password = false, $salt = false, $logger = false) {
- if(!$logger) {
- require_once('Logger.class.php');
- $logger = new Logger('settings');
- }
- if(empty($login)) {
- $logger->appendLogs(_t("USER_ADD_MISSING_LOGIN"));
- }
- $existingUser = $this->load(array('login' => $login));
- if($existingUser instanceof User) {
- $logger->appendLogs(_t("USER_ADD_DUPLICATE"));
- $logger->save();
- return false;
- }
- if(empty($password)) {
- $logger->appendLogs(_t("USER_ADD_MISSING_PASSWORD"));
- }
- if($logger->hasLogs()) {
- $logger->save();
- return false;
- }
- $this->setLogin($login);
- $this->setPassword($password, $salt);
- $this->save();
- $this->createSideTables($login);
- $logger->appendLogs(_t("USER_ADD_OK"). ' '.$login);
- $logger->save();
- return true;
- }
- public function remove($userId) {
- require_once('Logger.class.php');
- $logger = new Logger('settings');
- if(empty($userId)) {
- $logger->appendLogs(_t("USER_DEL_MISSING_ID"));
- $logger->save();
- return false;
- }
- $user = $this->load(array('id' => $userId));
- if(!$user) {
- $logger->appendLogs(_t("USER_DEL_UNKNOWN_ID").' '.$userId);
- $logger->save();
- return false;
- }
- $this->setLogin($user->getLogin());
- $this->deleteSideTables();
- $this->delete(array('id' => $userId));
- $logger->appendLogs(_t("USER_DEL_OK").$user->getLogin());
- $logger->save();
- return true;
- }
- protected function createSideTables() {
- $this->manageSideTables();
- }
- protected function deleteSideTables() {
- $this->manageSideTables('remove');
- }
- protected function manageSideTables($action = 'add') {
- $actionMethod = $action === 'add' ? 'create' : 'destroy';
- $feedManager = new Feed();
- $feedManager->$actionMethod();
- $eventManager = new Event();
- $eventManager->$actionMethod();
- $folderManager = new Folder();
- $folderManager->$actionMethod();
- if($action === 'add' && $folderManager->rowCount() === '0') {
- $folderManager->setName(_t('GENERAL_FOLDER'));
- $folderManager->setParent(-1);
- $folderManager->setIsopen(1);
- $folderManager->save();
- }
- }
- static function existAuthToken($auth=null){
- $result = false;
- $userManager = new User();
- $users = $userManager->populate('id');
- $phpAuth = strtolower(@$_SERVER['PHP_AUTH_USER']);
- if (empty($auth)) $auth = @$_COOKIE['leedStaySignedIn'];
- foreach($users as $user){
- if ($user->getToken()==$auth || strtolower($user->login)===$phpAuth){
- $result = $user;
- break;
- }
- }
- return $result;
- }
- static function generateSalt() {
- return ''.mt_rand().mt_rand();
- }
- function setStayConnected() {
- ///@TODO: set the current web directory, here and on del
- setcookie('leedStaySignedIn', $this->getToken(), time()+31536000);
- }
- static function delStayConnected() {
- setcookie('leedStaySignedIn', '', -1);
- }
- function getId(){
- return $this->id;
- }
- function getLogin(){
- return $this->login;
- }
- function setLogin($login){
- $this->login = $login;
- }
- function getPassword(){
- return $this->password;
- }
- function setPassword($password,$salt=''){
- $this->password = User::encrypt($password,$salt);
- }
- function getOtpSecret(){
- return $this->otpSecret;
- }
- function setOtpSecret($otpSecret){
- $this->otpSecret = $otpSecret;
- }
- function resetPassword($resetPassword, $salt=''){
- $this->setPassword($resetPassword, $salt);
- $this->otpSecret = '';
- $this->save();
- }
- static function encrypt($password, $salt=''){
- return sha1($password.$salt);
- }
- }
- ?>
|