path: root/bootstrap/comments/backend/classes/defaultlogin.php
<?php namespace HashOver;

// Copyright (C) 2015-2018 Jacob Barkdull
// This file is part of HashOver.
//
// HashOver is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// HashOver is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with HashOver.  If not, see <http://www.gnu.org/licenses/>.


// Cookie-backed login handler: moves a commenter's name, password value,
// e-mail, website and login hash between this object's public properties
// and browser cookies through the injected Cookies object.
//
// Everything this class reads comes from request cookies and is therefore
// client-controlled. Nothing in this class authenticates the user: it only
// transports values, and the e-mail is the only field it validates.
class DefaultLogin
{
	// Setup instance handed to the constructor
	public $setup;

	// Encryption helper, taken from $setup->encryption
	public $encryption;

	// Cookies object used for every cookie read, write and expiry below
	public $cookies;

	// Locale instance handed to the constructor (not used inside this class)
	public $locale;

	// Whether this login method is usable; the constructor turns it
	// off when the setup reports that cookies are not being set
	public $enabled = true;

	// Credential fields, filled in by the caller or by getCredentials ()
	public $name;
	public $password;
	public $loginHash;
	public $email;
	public $website;

	// Store the collaborators and switch login off when cookies are unavailable
	public function __construct (Setup $setup, Cookies $cookies, Locale $locale)
	{
		$this->setup = $setup;
		$this->encryption = $setup->encryption;
		$this->cookies = $cookies;
		$this->locale = $locale;

		// Nothing more to do unless cookies are explicitly disabled
		if ($setup->setsCookies !== false) {
			return;
		}

		// A cookie-based login cannot work without cookies, so disable it
		// here and in the shared settings, then have the setup resync
		$this->enabled = false;
		$setup->allowsLogin = false;
		$setup->syncSettings ();
	}

	// Write the current credential properties out as cookies
	//
	// NOTE(review): $this->password goes into the cookie exactly as the
	// caller assigned it; this class applies no hashing. Presumably the
	// caller stores a hash here rather than the plaintext -- confirm at
	// the call site. Cookie attributes (HttpOnly, Secure, SameSite,
	// lifetime) are decided inside Cookies::set, not in this file.
	public function setCredentials ()
	{
		// These three properties are stored unmodified, in this order
		foreach (array ('name', 'password', 'website') as $field) {
			$this->cookies->set ($field, $this->$field);
		}

		// Without an e-mail there is nothing to encrypt, so
		// expire the e-mail and encryption cookies and stop
		if (empty ($this->email)) {
			$this->cookies->expireCookie ('email');
			$this->cookies->expireCookie ('encryption');
			return;
		}

		// Encrypt the e-mail; the result carries the encrypted
		// string and the keys needed to decrypt it again
		$sealed = $this->encryption->encrypt ($this->email);

		// NOTE(review): the encrypted string and its 'keys' value are both
		// sent to the same browser, so what protects the address depends
		// on what 'keys' contains -- confirm in the encryption class.
		$this->cookies->set ('email', $sealed['encrypted']);
		$this->cookies->set ('encryption', $sealed['keys']);
	}

	// Load the credential properties from the request cookies
	//
	// The second argument (true) is passed through to Cookies::getValue;
	// its meaning is defined there and is not visible in this file.
	//
	// NOTE(review): the values loaded here are whatever the client sent.
	// The login hash in particular is only copied into $this->loginHash;
	// the caller has to compare it against a server-side value before
	// trusting it (hash_equals () is the appropriate comparison) -- verify.
	public function getCredentials ()
	{
		$jar = $this->cookies;

		// Name and password value, as supplied by the cookies
		$this->name = $jar->getValue ('name', true);
		$this->password = $jar->getValue ('password', true);

		// Recover the e-mail from its encrypted cookie and the keys cookie
		$ciphertext = $jar->getValue ('email', true);
		$keys = $jar->getValue ('encryption', true);
		$plaintext = $this->encryption->decrypt ($ciphertext, $keys);

		// Keep the decrypted value only when it is a well-formed address;
		// otherwise $this->email is left as it was before this call
		if (filter_var ($plaintext, FILTER_VALIDATE_EMAIL)) {
			$this->email = trim ($plaintext, " \r\n\t");
		}

		// Website and login hash, as supplied by the cookies
		$this->website = $jar->getValue ('website', true);
		$this->loginHash = $jar->getValue ('login', true);
	}

	// Log in: persist the current login hash in the login cookie
	public function setLogin ()
	{
		$hash = $this->loginHash;
		$this->cookies->set ('login', $hash);
	}

	// Log out: expire the login cookie
	//
	// Only the 'login' cookie is expired here; the name, password,
	// website, e-mail and encryption cookies are left untouched.
	public function clearLogin ()
	{
		$this->cookies->expireCookie ('login');
	}
}