. */ if (!defined('ROOT_DIR')) { define('ROOT_DIR', dirname(__DIR__)); } require_once(ROOT_DIR . "/helpers/user.php"); require_once(ROOT_DIR . "/helpers/utils.php"); if (!defined('BASE_URL')) { define('BASE_URL', uUtils::getBaseUrl()); } /** * Authentication */ class uAuth { /** @var bool Is user authenticated */ private $isAuthenticated = false; /** @var null|uUser */ public $user = null; public function __construct() { $this->sessionStart(); $user = (new uUser())->getFromSession(); if ($user->isValid) { $this->setAuthenticated($user); } } /** * Is user authenticated * * @return boolean True if authenticated, false otherwise */ public function isAuthenticated() { return $this->isAuthenticated; } /** * Is authenticated user admin * * @return boolean True if admin, false otherwise */ public function isAdmin() { return ($this->isAuthenticated && $this->user->isAdmin); } /** * Start php session * * @return void */ private function sessionStart() { session_name("ulogger"); session_start(); } /** * Terminate php session * * @return void */ private function sessionEnd() { $_SESSION = []; if (ini_get("session.use_cookies") && isset($_COOKIE[session_name()])) { $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"] ); } session_destroy(); } /** * Clean session variables * * @return void */ private function sessionCleanup() { $_SESSION = []; } /** * Mark as authenticated, set user * * @param uUser $user * @return void */ private function setAuthenticated($user) { $this->isAuthenticated = true; $this->user = $user; } /** * Check valid pass for given login * * @param $login * @param $pass * @return boolean True if valid */ public function checkLogin($login, $pass) { if (!is_null($login) && !is_null($pass)) { if (!empty($login) && !empty($pass)) { $user = new uUser($login); if ($user->isValid && $user->validPassword($pass)) { $this->setAuthenticated($user); $this->sessionCleanup(); $user->storeInSession(); return true; } } } return false; } /** * Log out with redirect * * @param string $path URL path (without leading slash) * @return void */ public function logOutWithRedirect($path = "") { $this->sessionEnd(); $this->exitWithRedirect($path); } /** * Send 401 headers * * @return void */ public function sendUnauthorizedHeader() { header('WWW-Authenticate: OAuth realm="users@ulogger"'); header('HTTP/1.1 401 Unauthorized', true, 401); } /** * Send 401 headers and exit * * @return void */ public function exitWithUnauthorized() { $this->sendUnauthorizedHeader(); exit(); } /** * Redirect browser and exit * * @param string $path Redirect URL path (without leading slash) * @return void */ public function exitWithRedirect($path = "") { $location = BASE_URL . $path; header("Location: $location"); exit(); } }