From a42f728ccfe52f120cca458f5a7658288f862e67 Mon Sep 17 00:00:00 2001
From: Mal <=>
Date: Fri, 21 Aug 2020 23:16:24 +0200
Subject: [PATCH] Fixes and improvements for session handling
---
 ...outPutController.php => UserSessionDeleteController.php} | 6 +++---
 ...LoginPutController.php => UserSessionPostController.php} | 5 +++--
 backend/classes/core/Session.php | 4 ++--
 backend/classes/database/User.php | 4 ++--
 4 files changed, 10 insertions(+), 9 deletions(-)
 rename backend/classes/controller/{UserLogoutPutController.php => UserSessionDeleteController.php} (72%)
 rename backend/classes/controller/{UserLoginPutController.php => UserSessionPostController.php} (84%)
diff --git a/backend/classes/controller/UserLogoutPutController.php b/backend/classes/controller/UserSessionDeleteController.php
similarity index 72%
rename from backend/classes/controller/UserLogoutPutController.php
rename to backend/classes/controller/UserSessionDeleteController.php
index b7636c3..3299681 100644
--- a/backend/classes/controller/UserLogoutPutController.php
+++ b/backend/classes/controller/UserSessionDeleteController.php
@@ -2,9 +2,9 @@
 declare(strict_types=1);
-final class UserLogoutPutController extends AbstractController
+final class UserSessionDeleteController extends AbstractController
 {
- protected string $route = '/api/v1/user/logout';
+ protected string $route = '/api/v1/user/session';
 public function handle(): void
 {
@@ -15,7 +15,7 @@ final class UserLogoutPutController extends AbstractController
 if (!$session->IsLoggedIn()) {
 $this->response = new ApiJsonResponse(ServerStatus::BAD_REQUEST);
 $this->response->setParameter('success', false);
- $this->response->setMessage('You were not logged in!');
+ $this->response->setMessage('No session to delete!');
 return;
 }
diff --git a/backend/classes/controller/UserLoginPutController.php b/backend/classes/controller/UserSessionPostController.php
similarity index 84%
rename from backend/classes/controller/UserLoginPutController.php
rename to backend/classes/controller/UserSessionPostController.php
index ae30bb5..87f1125 100644
--- a/backend/classes/controller/UserLoginPutController.php
+++ b/backend/classes/controller/UserSessionPostController.php
@@ -2,9 +2,9 @@
 declare(strict_types=1);
-final class UserLoginPutController extends AbstractController
+final class UserSessionPostController extends AbstractController
 {
- protected string $route = '/api/v1/user/login';
+ protected string $route = '/api/v1/user/session';
 protected array $mandatoryAttributes = [
 'username',
 'password',
@@ -39,5 +39,6 @@ final class UserLoginPutController extends AbstractController
 }
 $this->response = new ApiJsonResponse();
+ $this->response->setParameter('userId', $session->getUserId());
 }
 }
\ No newline at end of file
diff --git a/backend/classes/core/Session.php b/backend/classes/core/Session.php
index a09c28a..ec9a5c8 100644
--- a/backend/classes/core/Session.php
+++ b/backend/classes/core/Session.php
@@ -42,7 +42,7 @@ final class Session
 }
 $this->SetBool(self::IS_LOGGED_IN, true);
- $this->SetInt(self::USER_ID, $user->getPrimaryKey());
+ $this->SetInt(self::USER_ID, $user->getUserId());
 $this->SetString(self::USERNAME, $user->getUsername());
 $this->SetString(self::EMAIL, $user->getEmail());
 $this->SetString(self::JABBER_ADDRESS, $user->getJabberAddress());
@@ -90,7 +90,7 @@ final class Session
 return $this->HasValue($key) ? (bool)$_SESSION[$key] : null;
 }
- public function GetAccountId(): ?int
+ public function getUserId(): ?int
 {
 return $this->GetInt(self::USER_ID);
 }
diff --git a/backend/classes/database/User.php b/backend/classes/database/User.php
index f3e4f61..4ff6e8e 100644
--- a/backend/classes/database/User.php
+++ b/backend/classes/database/User.php
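Review bot: In backend/classes/core/Session.php, hunk `@@ -42,7 +42,7 @@`, the visible lines write `IS_LOGGED_IN`, `USER_ID` and the profile fields into the session without rotating the session identifier first. The method starts above the hunk, so the rotation may already happen there and should be confirmed. If it does not, an identifier issued before authentication stays valid afterwards (session fixation), and the fix is `session_regenerate_id(true);` placed just before `$this->SetBool(self::IS_LOGGED_IN, true);`. A short comment at that spot naming where the id is rotated would make the login path easier to audit.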
@@ -73,11 +73,11 @@ final class User extends MySqlTable implements JsonSerializable
 $databaseGiven = false;
 }
- if ($database->Count(self::class) === 0) {
+ if ($database->Count(self::class, [self::FIELD_USERNAME => $username]) === 0) {
 throw new UserException(sprintf('No user with name %s found!', $username));
 }
- $id = $database->Select(self::class, [self::FIELD_ID], [self::FIELD_USERNAME => $username]);
+ $id = $database->Select(self::class, [self::FIELD_ID], [self::FIELD_USERNAME => $username])[0][self::FIELD_ID];
 $user = $databaseGiven ? new User((int)$id, $database) : new User((int)$id);
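Review bot: The existence check and the lookup are still two separate queries, so the added `[0][self::FIELD_ID]` indexes an empty result if the row disappears between `Count()` and `Select()`. In that case `(int)$id` would cast null to 0 and build a `User` for id 0 instead of raising `UserException`. Assuming `Select()` returns a list of rows, as the new indexing suggests, one query is enough: `$rows = $database->Select(self::class, [self::FIELD_ID], [self::FIELD_USERNAME => $username]);`, then `if ($rows === []) {` around the existing throw, then `$id = $rows[0][self::FIELD_ID];`. The enclosing method starts above the hunk and continues below it, so the surrounding flow should be checked before applying this.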