<?php defined('BLUDIT') or die('Bludit CMS.'); // Stops with the message 'Bludit CMS.' unless the BLUDIT constant is already defined (presumably by the CMS bootstrap - confirm), so the class below is never declared otherwise.
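/**
 * Keeps the authenticated user in the session and checks credentials
 * against the user database object handed to the constructor.
 *
 * Session keys written by this class: 'username', 'role', 'fingerPrint'
 * and 'sessionTime'.
 *
 * NOTE(review): nothing in this class limits repeated failed calls to
 * verifyUser(); confirm that the caller throttles login attempts.
 */
class Login {

    // User database object; the only method this class calls on it is get($username).
    private $dbUsers;

    /**
     * @param object $dbUsers User database; get($username) must return a falsy
     *                        value for an unknown user, otherwise an array with
     *                        the keys 'salt', 'password' and 'role'.
     */
    public function __construct($dbUsers)
    {
        $this->dbUsers = $dbUsers;
    }

    /**
     * @return mixed Whatever Session::get('username') returns.
     */
    public function username()
    {
        return Session::get('username');
    }

    /**
     * @return mixed Whatever Session::get('role') returns.
     */
    public function role()
    {
        return Session::get('role');
    }

    /**
     * Marks the current session as logged in for the given user.
     *
     * @param string $username
     * @param string $role
     */
    public function setLogin($username, $role)
    {
        // NOTE(review): the session identifier is not rotated here. Unless the
        // Session class does that elsewhere, an identifier issued before login
        // stays valid after it (session fixation) - confirm, and rotate on login.
        Session::set('username', $username);
        Session::set('role', $role);
        Session::set('fingerPrint', $this->fingerPrint());

        // The login time is stored, but no method of this class reads it back,
        // so no idle or absolute timeout is enforced from here.
        Session::set('sessionTime', time());
    }

    /**
     * Tells whether the current session belongs to a logged-in user.
     *
     * @return bool True when the stored fingerprint equals the fingerprint of
     *              the current request and a non-empty username is stored.
     */
    public function isLogged()
    {
        if (Session::get('fingerPrint') === $this->fingerPrint()) {
            $username = Session::get('username');

            if (!empty($username)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Checks a username/password pair and, on success, logs the user in.
     *
     * @param mixed $username Trimmed before the lookup.
     * @param mixed $password Trimmed before hashing.
     *
     * @return bool True when the credentials match; false otherwise, including
     *              for empty or non-scalar input and for an unknown user.
     */
    public function verifyUser($username, $password)
    {
        // Request parameters can arrive as arrays (password[]=x). trim() warns
        // on those in older PHP versions and throws a TypeError in PHP 8, so
        // anything that is not a scalar is rejected up front.
        if (!is_scalar($username) || !is_scalar($password)) {
            return false;
        }

        $username = trim((string) $username);
        $password = trim((string) $password);

        if (empty($username) || empty($password)) {
            return false;
        }

        $user = $this->dbUsers->get($username);
        if ($user == false) {
            return false;
        }

        // NOTE(review): salted SHA-1 is a fast hash, so a leaked user database
        // can be guessed offline at very high rates. The format is kept because
        // the stored hashes use it; plan a migration to password_hash() and
        // password_verify(), re-hashing each account on its next successful login.
        $passwordHash = sha1($password.$user['salt']);

        if ($this->hashesMatch($user['password'], $passwordHash)) {
            $this->setLogin($username, $user['role']);

            return true;
        }

        return false;
    }

    /**
     * Builds the fingerprint that ties a session to the client.
     *
     * @param bool $random When true, a fresh unpredictable value is mixed in
     *                     together with the client IP, so every call returns a
     *                     different string. What callers use that value for is
     *                     not visible in this class.
     *
     * @return string 40-character hexadecimal SHA-1 digest.
     */
    public function fingerPrint($random=false)
    {
        // User agent
        $agent = getenv('HTTP_USER_AGENT');
        if (empty($agent)) {
            $agent = 'Bludit/1.0 (Mr Nibbler Protocol)';
        }

        if (!$random) {
            // DEBUG: check the client IP; sometimes it comes back as ::1 and
            // sometimes as 127.0.0.1
            // The IP is left out, so this value depends only on the User-Agent
            // header, which the client chooses. It is a consistency check for
            // the session, not a secret.
            return sha1($agent);
        }

        // User IP
        // X-Forwarded-For and Client-IP are request headers and carry whatever
        // the client sent unless a trusted proxy overwrites them; never base an
        // access decision on $ip.
        if (getenv('HTTP_X_FORWARDED_FOR'))
            $ip = getenv('HTTP_X_FORWARDED_FOR');
        elseif (getenv('HTTP_CLIENT_IP'))
            $ip = getenv('HTTP_CLIENT_IP');
        else
            $ip = getenv('REMOTE_ADDR');

        // mt_rand() is predictable; take the nonce from the CSPRNG when the
        // runtime has one and fall back to mt_rand() only on older PHP versions.
        $nonce = mt_rand();
        if (function_exists('random_bytes')) {
            try {
                $nonce = bin2hex(random_bytes(16));
            } catch (Exception $e) {
                // No entropy source available: keep the mt_rand() value so the
                // method still returns a digest instead of throwing.
            }
        }

        return sha1($nonce.$agent.$ip);
    }

    /**
     * Ends the session.
     *
     * @return mixed Whatever Session::destroy() returns.
     */
    public function logout()
    {
        return Session::destroy();
    }

    // Compares two hash strings without leaking, through timing, how many
    // leading characters match; falls back to === where hash_equals() is missing.
    private function hashesMatch($known, $candidate)
    {
        if (!is_string($known) || !is_string($candidate)) {
            return false;
        }

        if (function_exists('hash_equals')) {
            return hash_equals($known, $candidate);
        }

        return $known === $candidate;
    }

}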