Business
/
NickelBox
2
0
Fork 0
Code Issues 7 Pull Requests 0 Releases 0 Wiki Activity
An easy point of sale system with automatic inventory tracking. https://netsyms.biz/apps/nickelbox/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
181 Commits
1 Branch
2.8 MiB
Tree: d8613f0baa
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd8613f0baa'
${ noResults }
NickelBox/lib/User.lib.php

User.lib.php 9.5 KiB
Raw Normal View History

Rewrite to use classes, aligning with AccountHub 2.0
1 year ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352 
  1. <?php

  2. 

  3. /*

  4.  * This Source Code Form is subject to the terms of the Mozilla Public

  5.  * License, v. 2.0. If a copy of the MPL was not distributed with this

  6.  * file, You can obtain one at http://mozilla.org/MPL/2.0/.

  7.  */

  8. 

  9. class User {

  10. 

  11.     private $uid = null;

  12.     private $username;

  13.     private $email;

  14.     private $realname;

  15.     private $has2fa = false;

  16.     private $exists = false;

  17. 

  18.     public function __construct(int $uid, string $username = "") {

  19.         // Check if user exists

  20.         $client = new GuzzleHttp\Client();

  21. 

  22.         $response = $client

  23.                 ->request('POST', PORTAL_API, [

  24.             'form_params' => [

  25.                 'key' => PORTAL_KEY,

  26.                 'action' => "userexists",

  27.                 'uid' => $uid

  28.             ]

  29.         ]);

  30. 

  31.         if ($response->getStatusCode() > 299) {

  32.             sendError("Login server error: " . $response->getBody());

  33.         }

  34. 

  35.         $resp = json_decode($response->getBody(), TRUE);

  36.         if ($resp['status'] == "OK" && $resp['exists'] === true) {

  37.             $this->exists = true;

  38.         } else {

  39.             $this->uid = $uid;

  40.             $this->username = $username;

  41.             $this->exists = false;

  42.         }

  43. 

  44.         if ($this->exists) {

  45.             // Get user info

  46.             $client = new GuzzleHttp\Client();

  47. 

  48.             $response = $client

  49.                     ->request('POST', PORTAL_API, [

  50.                 'form_params' => [

  51.                     'key' => PORTAL_KEY,

  52.                     'action' => "userinfo",

  53.                     'uid' => $uid

  54.                 ]

  55.             ]);

  56. 

  57.             if ($response->getStatusCode() > 299) {

  58.                 sendError("Login server error: " . $response->getBody());

  59.             }

  60. 

  61.             $resp = json_decode($response->getBody(), TRUE);

  62.             if ($resp['status'] == "OK") {

  63.                 $this->uid = $resp['data']['uid'] * 1;

  64.                 $this->username = $resp['data']['username'];

  65.                 $this->email = $resp['data']['email'];

  66.                 $this->realname = $resp['data']['name'];

  67.             } else {

  68.                 sendError("Login server error: " . $resp['msg']);

  69.             }

  70.         }

  71.     }

  72. 

  73.     public static function byUsername(string $username): User {

  74.         $client = new GuzzleHttp\Client();

  75. 

  76.         $response = $client

  77.                 ->request('POST', PORTAL_API, [

  78.             'form_params' => [

  79.                 'key' => PORTAL_KEY,

  80.                 'username' => $username,

  81.                 'action' => "userinfo"

  82.             ]

  83.         ]);

  84. 

  85.         if ($response->getStatusCode() > 299) {

  86.             sendError("Login server error: " . $response->getBody());

  87.         }

  88. 

  89.         $resp = json_decode($response->getBody(), TRUE);

  90.         if (!isset($resp['status'])) {

  91.             sendError("Login server error: " . $resp);

  92.         }

  93.         if ($resp['status'] == "OK") {

  94.             return new self($resp['data']['uid'] * 1);

  95.         } else {

  96.             return new self(-1, $username);

  97.         }

  98.     }

  99. 

  100.     public function exists(): bool {

  101.         return $this->exists;

  102.     }

  103. 

  104.     public function has2fa(): bool {

  105.         if (!$this->exists) {

  106.             return false;

  107.         }

  108.         $client = new GuzzleHttp\Client();

  109. 

  110.         $response = $client

  111.                 ->request('POST', PORTAL_API, [

  112.             'form_params' => [

  113.                 'key' => PORTAL_KEY,

  114.                 'action' => "hastotp",

  115.                 'username' => $this->username

  116.             ]

  117.         ]);

  118. 

  119.         if ($response->getStatusCode() > 299) {

  120.             sendError("Login server error: " . $response->getBody());

  121.         }

  122. 

  123.         $resp = json_decode($response->getBody(), TRUE);

  124.         if ($resp['status'] == "OK") {

  125.             return $resp['otp'] == true;

  126.         } else {

  127.             return false;

  128.         }

  129.     }

  130. 

  131.     function getUsername() {

  132.         return $this->username;

  133.     }

  134. 

  135.     function getUID() {

  136.         return $this->uid;

  137.     }

  138. 

  139.     function getEmail() {

  140.         return $this->email;

  141.     }

  142. 

  143.     function getName() {

  144.         return $this->realname;

  145.     }

  146. 

  147.     /**

  148.      * Check the given plaintext password against the stored hash.

  149.      * @param string $password

  150.      * @return bool

  151.      */

  152.     function checkPassword(string $password): bool {

  153.         $client = new GuzzleHttp\Client();

  154. 

  155.         $response = $client

  156.                 ->request('POST', PORTAL_API, [

  157.             'form_params' => [

  158.                 'key' => PORTAL_KEY,

  159.                 'action' => "auth",

  160.                 'username' => $this->username,

  161.                 'password' => $password

  162.             ]

  163.         ]);

  164. 

  165.         if ($response->getStatusCode() > 299) {

  166.             sendError("Login server error: " . $response->getBody());

  167.         }

  168. 

  169.         $resp = json_decode($response->getBody(), TRUE);

  170.         if ($resp['status'] == "OK") {

  171.             return true;

  172.         } else {

  173.             return false;

  174.         }

  175.     }

  176. 

  177.     function check2fa(string $code): bool {

  178.         if (!$this->has2fa) {

  179.             return true;

  180.         }

  181.         $client = new GuzzleHttp\Client();

  182. 

  183.         $response = $client

  184.                 ->request('POST', PORTAL_API, [

  185.             'form_params' => [

  186.                 'key' => PORTAL_KEY,

  187.                 'action' => "verifytotp",

  188.                 'username' => $this->username,

  189.                 'code' => $code

  190.             ]

  191.         ]);

  192. 

  193.         if ($response->getStatusCode() > 299) {

  194.             sendError("Login server error: " . $response->getBody());

  195.         }

  196. 

  197.         $resp = json_decode($response->getBody(), TRUE);

  198.         if ($resp['status'] == "OK") {

  199.             return $resp['valid'];

  200.         } else {

  201.             return false;

  202.         }

  203.     }

  204. 

  205.     /**

  206.      * Check if the given username has the given permission (or admin access)

  207.      * @global $database $database

  208.      * @param string $code

  209.      * @return boolean TRUE if the user has the permission (or admin access), else FALSE

  210.      */

  211.     function hasPermission(string $code): bool {

  212.         $client = new GuzzleHttp\Client();

  213. 

  214.         $response = $client

  215.                 ->request('POST', PORTAL_API, [

  216.             'form_params' => [

  217.                 'key' => PORTAL_KEY,

  218.                 'action' => "permission",

  219.                 'username' => $this->username,

  220.                 'code' => $code

  221.             ]

  222.         ]);

  223. 

  224.         if ($response->getStatusCode() > 299) {

  225.             sendError("Login server error: " . $response->getBody());

  226.         }

  227. 

  228.         $resp = json_decode($response->getBody(), TRUE);

  229.         if ($resp['status'] == "OK") {

  230.             return $resp['has_permission'];

  231.         } else {

  232.             return false;

  233.         }

  234.     }

  235. 

  236.     /**

  237.      * Get the account status.

  238.      * @return \AccountStatus

  239.      */

  240.     function getStatus(): AccountStatus {

  241. 

  242.         $client = new GuzzleHttp\Client();

  243. 

  244.         $response = $client

  245.                 ->request('POST', PORTAL_API, [

  246.             'form_params' => [

  247.                 'key' => PORTAL_KEY,

  248.                 'action' => "acctstatus",

  249.                 'username' => $this->username

  250.             ]

  251.         ]);

  252. 

  253.         if ($response->getStatusCode() > 299) {

  254.             sendError("Login server error: " . $response->getBody());

  255.         }

  256. 

  257.         $resp = json_decode($response->getBody(), TRUE);

  258.         if ($resp['status'] == "OK") {

  259.             return AccountStatus::fromString($resp['account']);

  260.         } else {

  261.             return null;

  262.         }

  263.     }

  264. 

  265.     function sendAlertEmail(string $appname = SITE_TITLE) {

  266.         $client = new GuzzleHttp\Client();

  267. 

  268.         $response = $client

  269.                 ->request('POST', PORTAL_API, [

  270.             'form_params' => [

  271.                 'key' => PORTAL_KEY,

  272.                 'action' => "alertemail",

  273.                 'username' => $this->username,

  274.                 'appname' => SITE_TITLE

  275.             ]

  276.         ]);

  277. 

  278.         if ($response->getStatusCode() > 299) {

  279.             return "An unknown error occurred.";

  280.         }

  281. 

  282.         $resp = json_decode($response->getBody(), TRUE);

  283.         if ($resp['status'] == "OK") {

  284.             return true;

  285.         } else {

  286.             return $resp['msg'];

  287.         }

  288.     }

  289. 

  290. }

  291. 

  292. class AccountStatus {

  293. 

  294.     const NORMAL = 1;

  295.     const LOCKED_OR_DISABLED = 2;

  296.     const CHANGE_PASSWORD = 3;

  297.     const TERMINATED = 4;

  298.     const ALERT_ON_ACCESS = 5;

  299. 

  300.     private $status;

  301. 

  302.     public function __construct(int $status) {

  303.         $this->status = $status;

  304.     }

  305. 

  306.     public static function fromString(string $status): AccountStatus {

  307.         switch ($status) {

  308.             case "NORMAL":

  309.                 return new self(self::NORMAL);

  310.             case "LOCKED_OR_DISABLED":

  311.                 return new self(self::LOCKED_OR_DISABLED);

  312.             case "CHANGE_PASSWORD":

  313.                 return new self(self::CHANGE_PASSWORD);

  314.             case "TERMINATED":

  315.                 return new self(self::TERMINATED);

  316.             case "ALERT_ON_ACCESS":

  317.                 return new self(self::ALERT_ON_ACCESS);

  318.             default:

  319.                 return new self(0);

  320.         }

  321.     }

  322. 

  323.     /**

  324.      * Get the account status/state as an integer.

  325.      * @return int

  326.      */

  327.     public function get(): int {

  328.         return $this->status;

  329.     }

  330. 

  331.     /**

  332.      * Get the account status/state as a string representation.

  333.      * @return string

  334.      */

  335.     public function getString(): string {

  336.         switch ($this->status) {

  337.             case self::NORMAL:

  338.                 return "NORMAL";

  339.             case self::LOCKED_OR_DISABLED:

  340.                 return "LOCKED_OR_DISABLED";

  341.             case self::CHANGE_PASSWORD:

  342.                 return "CHANGE_PASSWORD";

  343.             case self::TERMINATED:

  344.                 return "TERMINATED";

  345.             case self::ALERT_ON_ACCESS:

  346.                 return "ALERT_ON_ACCESS";

  347.             default:

  348.                 return "OTHER_" . $this->status;

  349.         }

  350.     }

  351. 

  352. }