Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
cse4707-secure-messaging/app/model/User.php
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
120 lines (107 sloc)
3.63 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| use \Firebase\JWT\JWT; | |
| require_once(APP_DIR . '../vendor/autoload.php'); | |
| include_once(APP_DIR . 'database/Database.php'); | |
| include_once(APP_DIR . 'include/http.php'); | |
| class User { | |
| protected static $table = 'users'; | |
| /* Properties of a user */ | |
| public $id; | |
| public $username; | |
| public $password; | |
| public $access; | |
| public $login_attempts = 0; | |
| /** | |
| * Stores this information pertaining to this User in the DB | |
| */ | |
| public function save() { | |
| $dbh = Database::connect(); | |
| if (User::exists($this->username)) { | |
| $stmt = $dbh->prepare("UPDATE users SET password=:password, access=:access, login_attempts=:attempts WHERE username=:username"); | |
| } else { | |
| $stmt = $dbh->prepare("INSERT INTO users (username, password, access, login_attempts) VALUES (:username, :password, :access, :attempts)"); | |
| } | |
| $stmt->bindParam(':username', $this->username); | |
| $stmt->bindParam(':password', $this->password); | |
| $stmt->bindParam(':access', $this->access); | |
| $stmt->bindParam(':attempts', $this->login_attempts); | |
| $stmt->execute(); | |
| $this->id = $dbh->lastInsertId(); | |
| } | |
| public function delete() { | |
| $dbh = Database::connect(); | |
| $stmt = $dbh->prepare("DELETE FROM users WHERE id=:id"); | |
| $stmt->bindParam(':id', $this->id); | |
| $stmt->execute(); | |
| } | |
| public static function exists($username) { | |
| $dbh = Database::connect(); | |
| $stmt = $dbh->prepare("SELECT count(*) FROM users WHERE username = :username"); | |
| $stmt->bindParam(':username', $username); | |
| $stmt->execute(); | |
| return $stmt->fetchColumn() > 0; | |
| } | |
| public static function get($username) { | |
| $users = User::all(); | |
| foreach ($users as $user) { | |
| if ($user->username == $username) { | |
| return $user; | |
| } | |
| } | |
| return null; | |
| } | |
| public static function getByID($user_id) { | |
| $users = User::all(); | |
| foreach ($users as $user) { | |
| if ($user->id == $user_id) { | |
| return $user; | |
| } | |
| } | |
| return null; | |
| } | |
| public static function all() { | |
| $dbh = Database::connect(); | |
| $stmt = $dbh->prepare("SELECT * from users"); | |
| $stmt->execute(); | |
| return array_map(function ($row) { | |
| $user = new User; | |
| $user->id = $row['id']; | |
| $user->username = $row['username']; | |
| $user->password = $row['password']; | |
| $user->access = $row['access']; | |
| $user->login_attempts = $row['login_attempts']; | |
| return $user; | |
| }, $stmt->fetchAll()); | |
| } | |
| public static function authenticated() { | |
| try { | |
| $jwt = Http::cookie(Config::cookie_name); | |
| if (!$jwt) return null; | |
| $token = JWT::decode($jwt, base64_encode(Config::secret_key), ['HS512']); | |
| return $token->data; | |
| } catch (Exception $e) { | |
| Http::remove_cookie(Config::cookie_name); | |
| return null; | |
| } | |
| } | |
| public function token() { | |
| $data = [ | |
| 'iat' => time(), | |
| 'jti' => base64_encode(random_bytes(32)), | |
| 'iss' => Config::server_name, | |
| 'nbf' => time(), | |
| 'exp' => time() + (7 * 24 * 60 * 60), | |
| 'data' => [ | |
| 'userid' => $this->id, | |
| 'username' => $this->username, | |
| 'access' => $this->access, | |
| ], | |
| ]; | |
| $key = base64_encode(Config::secret_key); | |
| return JWT::encode($data, $key, 'HS512'); | |
| } | |
| public function messages() { | |
| return SecureMessage::all_for($this->id); | |
| } | |
| } | |
| ?> |