Structure

.gitignore

@@ -0,0 +1,3 @@
+._*
+.DS_Store
+.sass-cache

Auth/Middleware/LoggedIn.php

@@ -0,0 +1,121 @@
+<?php
+
+namespace MaplePHP\Foundation\Auth\Middleware;
+
+use MaplePHP\Handler\Interfaces\MiddlewareInterface;
+use MaplePHP\Http\Interfaces\ResponseInterface;
+use MaplePHP\Http\Interfaces\RequestInterface;
+use MaplePHP\Http\Interfaces\UrlInterface;
+use MaplePHP\Container\Interfaces\ContainerInterface;
+use MaplePHP\Foundation\Security\Token;
+//use MaplePHP\Foundation\Http\Provider;
+use MaplePHP\Foundation\Auth\Users;
+
+class LoggedIn implements MiddlewareInterface
+{
+    public const USER_COLUMNS = "id,firstname,lastname,email";
+    public const LOGIN_PATH = "/profile";
+    public const LOGOUT_PATH = "/login";
+
+    private $url;
+    private $container;
+    private $users;
+
+    public function __construct(
+        ContainerInterface $container,
+        UrlInterface $url,
+        Users $users
+    ) {
+        $this->container = $container;
+        $this->url = $url;
+        $this->users = $users;
+    }
+
+    /**
+     * Before controllers
+     * @param  ResponseInterface $response
+     * @param  RequestInterface  $request
+     * @return void
+     */
+    public function before(ResponseInterface $response, RequestInterface $request)
+    {
+
+        $session = $this->container->get("session");
+        $cookies = $this->container->get("cookies");
+        $database = $this->container->get("DB");
+        $date = $this->container->get("date");
+
+        $token = new Token(Token::REMEMBER, $cookies->inst(), $database, $date);
+        if (!$session->loggedIn() && ($userID = $token->validate()) && is_int($userID)) {
+            // Refresh token every time session is destroyed
+            $token->generate($userID);
+            $session->setLogin($userID);
+        }
+    }
+
+    /**
+     * Show if logged out, if middleware method is specified in router
+     * @param  ResponseInterface $response
+     * @param  RequestInterface  $request
+     * @return ResponseInterface
+     */
+    public function publicZone(ResponseInterface $response, RequestInterface $request): ResponseInterface
+    {
+        if ($this->container->get("session")->loggedIn()) {
+            // Will kill script and then redirect
+            $response->location($this->url->getRoot(static::LOGIN_PATH));
+        }
+
+        return $response;
+    }
+
+    /**
+     * Show if logged in, if middleware method is specified in router
+     * @param  ResponseInterface $response
+     * @param  RequestInterface  $request
+     * @return ResponseInterface
+     */
+    public function privateZone(ResponseInterface $response, RequestInterface $request): ResponseInterface
+    {
+        if (!$this->container->get("session")->loggedIn()) {
+            // Will kill script and then redirect
+            $response->location($this->url->getRoot(static::LOGOUT_PATH));
+        }
+
+        if ($obj = $this->users->getUserById($this->container->get("session")->getByKey())) {
+            $this->container->set("user", $obj);
+        } else {
+            return $this->logout($response, $request);
+        }
+
+        return $response;
+    }
+
+    /**
+     * Logout (This method could be duplicated to controller)
+     * @param  ResponseInterface $response
+     * @param  RequestInterface  $request
+     * @return ResponseInterface
+     */
+
+    public function logout(ResponseInterface $response, RequestInterface $request): ResponseInterface
+    {
+        if ($this->container->get("session")->loggedIn()) {
+            unset($_SESSION);
+            session_destroy();
+        }
+        $response->location($this->url->getRoot(static::LOGOUT_PATH));
+        return $response;
+    }
+
+
+    /**
+     * After controllers
+     * @param  ResponseInterface $response
+     * @param  RequestInterface  $request
+     * @return void
+     */
+    public function after(ResponseInterface $response, RequestInterface $request): void
+    {
+    }
+}

Auth/Middleware/SessionStart.php

@@ -0,0 +1,52 @@
+<?php
+
+namespace MaplePHP\Foundation\Auth\Middleware;
+
+use MaplePHP\Handler\Interfaces\MiddlewareInterface;
+use MaplePHP\Http\Interfaces\ResponseInterface;
+use MaplePHP\Http\Interfaces\RequestInterface;
+use MaplePHP\Container\Interfaces\ContainerInterface;
+use MaplePHP\Foundation\Security\Session;
+
+class SessionStart implements MiddlewareInterface
+{
+    //private $url;
+    private $container;
+    //private $json;
+
+    public function __construct(RequestInterface $request, ContainerInterface $container)
+    {
+        $this->container = $container;
+        // Config and prepare session
+    }
+
+    /**
+     * Start prepared session Before controllers method view but after controllers construct
+     * @param  ResponseInterface $response
+     * @param  RequestInterface  $request
+     * @return void
+     */
+    public function before(ResponseInterface $response, RequestInterface $request)
+    {
+        $session = new Session(
+            "maple",
+            (int)getenv("SESSION_TIME"),
+            "/",
+            $request->getUri()->getHost(),
+            ((int)getenv("SESSION_SSL") === 1),
+            true
+        );
+        $this->container->set("session", $session);
+        $this->container->get("session")->start();
+    }
+
+    /**
+     * After controllers
+     * @param  ResponseInterface $response
+     * @param  RequestInterface  $request
+     * @return void
+     */
+    public function after(ResponseInterface $response, RequestInterface $request)
+    {
+    }
+}

Auth/Users.php

@@ -0,0 +1,198 @@
+<?php
+
+namespace MaplePHP\Foundation\Auth;
+
+use MaplePHP\Foundation\Security\Hash;
+use MaplePHP\Validate\Inp;
+use MaplePHP\Foundation\Migrate\Tables\Users as UserDBStructure;
+use MaplePHP\Foundation\Migrate\Tables\Login as LoginDBStructure;
+use MaplePHP\Foundation\Migrate\Tables\Organizations as OrgDBStructure;
+use MaplePHP\Foundation\Http\Provider;
+
+class Users
+{
+    private $database;
+
+    public function __construct(Provider $provider)
+    {
+        $this->database = $provider->DB();
+    }
+
+    /**
+     * Makes select/insert/update of email consistent
+     * @param  string $email
+     * @return string
+     */
+    public static function formatEmail(string $email): string
+    {
+        return strtolower(trim($email));
+    }
+
+    /**
+     * Get user by email
+     * @param  string $email
+     * @param  string $col
+     * @return bool|object
+     */
+    public function getUserByEmail(string $email, string $col = "id,firstname,lastname,email"): bool|object
+    {
+        $select = $this->selectUser($col);
+        $select->where("email", static::formatEmail($email));
+        return $select->get();
+    }
+
+    /**
+     * Get user by ID
+     * @param  int    $identifier
+     * @param  string $col
+     * @return bool|object
+     */
+    public function getUserById(int $identifier, string $col = "id,firstname,lastname,email,oid,org_name"): bool|object
+    {
+        $select = $this->selectUser($col);
+        $select->joinLeft(new OrgDBStructure());
+        $select->whereId($identifier);
+        return $select->get();
+    }
+
+    /**
+     * Validate user login
+     * @param  string $email
+     * @param  string $password
+     * @return bool|int (false or user id)
+     */
+    public function validateUserLogin(string $email, string $password): bool|int
+    {
+        $hash = new Hash($password);
+        $obj = $this->getUserByEmail($email, "id,email,hashed_password");
+        if (is_object($obj) && $hash->verify($obj->hashed_password)) {
+            return (int)$obj->id;
+        }
+        return false;
+    }
+
+    /**
+     * Get all users in org
+     * @param  int    $oid [description]
+     * @param  string $col [description]
+     * @return array
+     */
+    public function getAllUsersInOrg(int $oid, string $col = "id,firstname,lastname,email,oid,org_name"): array
+    {
+        $select = $this->selectUser($col);
+        $select->join(new OrgDBStructure());
+        $select->whereOrg_id($oid);
+        return $select->fetch();
+    }
+
+    /**
+     * Get org
+     * @param  int    $oid
+     * @param  string $col
+     * @return bool|object
+     */
+    public function getOrgById(int $oid, string $col = "org_id,org_name"): bool|object
+    {
+        $select = $this->database::select($col, new OrgDBStructure());
+        $select->whereOrg_id($oid);
+        return $select->get();
+    }
+
+    /**
+    * Get all orgs
+    * @param  string $col
+    * @return array
+    */
+    public function getAllOrgs(string $col = "org_id,org_name", ?callable $callback = null): array
+    {
+        $select = $this->database::select($col, new OrgDBStructure());
+        return $select->fetch($callback);
+    }
+
+
+    /**
+     * Change password (will auto hash!) (can be called like a static method (shortcut))
+     * @param  string $password Password (not hashed!)
+     * @return string
+     */
+    protected function hashPassword(string $password): string
+    {
+        $hash = new Hash($password);
+        return $hash->passwordHash();
+    }
+
+    /**
+     * Insert user (can be called like a static method (shortcut))
+     * @param  array  $set
+     * @return mixed
+     */
+    public function insertUser(array $userSet): mixed
+    {
+        $insert = $this->database::insert(new UserDBStructure())->set($userSet);
+        $insert->execute();
+        return $insert;
+    }
+
+    /**
+     * Insert login (can be called like a static method (shortcut))
+     * @param  int      $userID
+     * @param  string   $email
+     * @param  string   $password
+     * @param  int      $status
+     * @return mixed
+     */
+    public function insertLogin(int $userID, string $email, string $password, int $status = 1): mixed
+    {
+        $email = static::formatEmail($email);
+        if (!Inp::value($email)->email()) {
+            throw new \Exception("The email is not a valid email address.", 1);
+        }
+
+        $insert = $this->database::insert(new LoginDBStructure())
+        ->set([
+            "user_id" => $userID, "email" => $email,
+            "status" => $status, "hashed_password" => $this->hashPassword($password)
+        ]);
+
+        $insert->execute();
+        return $insert;
+    }
+
+    /**
+     * Insert user (can be called like a static method (shortcut))
+     * @param  array  $set
+     * @return mixed
+     */
+    public function insertOrg(array $set): mixed
+    {
+        $insert = $this->database::insert(new OrgDBStructure())->set($set);
+        $insert->execute();
+        return $insert;
+    }
+
+    /**
+     * Change password (will auto hash!)  can be called like a static method (shortcut))
+     * @param  string $password Password  Input a unhashed password, the method will hash it
+     * @return mixed
+     */
+    public function updatePassword(int $userID, string $password): mixed
+    {
+        $update = $this->database::update(new LoginDBStructure());
+        $update->set("hashed_password", $this->hashPassword($password));
+        $update->where("user_id", $userID);
+        $update->limit(1);
+        return $update->execute();
+    }
+
+    /**
+     * Select user with login join
+     * @param  string $col
+     * @return mixed
+     */
+    protected function selectUser(string $col): mixed
+    {
+        $select = $this->database::select($col, new UserDBStructure());
+        $select->join(new LoginDBStructure());
+        return $select;
+    }
+}