Database stuff
This commit is contained in:
@@ -12,10 +12,21 @@ class Session extends ApiObject {
|
||||
private $ipAddress;
|
||||
private $os;
|
||||
private $browser;
|
||||
private $stayLoggedIn;
|
||||
|
||||
public function __construct($user, $sessionId = NULL) {
|
||||
public function __construct($user, $sessionId) {
|
||||
$this->user = $user;
|
||||
$this->sessionId = $sessionId;
|
||||
$this->stayLoggedIn = true;
|
||||
}
|
||||
|
||||
public static function create($user, $stayLoggedIn) {
|
||||
$session = new Session($user, null);
|
||||
if($session->insert($stayLoggedIn)) {
|
||||
return $session;
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
private function updateMetaData() {
|
||||
@@ -31,6 +42,16 @@ class Session extends ApiObject {
|
||||
}
|
||||
}
|
||||
|
||||
public function setData($data) {
|
||||
foreach($data as $key => $value) {
|
||||
$_SESSION[$key] = $value;
|
||||
}
|
||||
}
|
||||
|
||||
public function stayLoggedIn($val) {
|
||||
$this->stayLoggedIn = $val;
|
||||
}
|
||||
|
||||
public function sendCookie() {
|
||||
$this->updateMetaData();
|
||||
$jwt = $this->user->getConfiguration()->getJwt();
|
||||
@@ -38,22 +59,22 @@ class Session extends ApiObject {
|
||||
$token = array('userId' => $this->user->getId(), 'sessionId' => $this->sessionId);
|
||||
$sessionCookie = \External\JWT::encode($token, $jwt->getKey());
|
||||
$secure = strcmp(getProtocol(), "https") === 0;
|
||||
setcookie('session', $sessionCookie, $this->expires, "/", "", $secure);
|
||||
setcookie('session', $sessionCookie, $this->getExpiresTime(), "/", "", $secure);
|
||||
}
|
||||
}
|
||||
|
||||
public function getExpiresTime() {
|
||||
return $this->expires;
|
||||
return ($this->stayLoggedIn == 0 ? 0 : $this->expires);
|
||||
}
|
||||
|
||||
public function getExpiresSeconds() {
|
||||
return ($this->expires - time());
|
||||
return ($this->stayLoggedIn == 0 ? -1 : $this->expires - time());
|
||||
}
|
||||
|
||||
public function jsonSerialize() {
|
||||
return array(
|
||||
'uid' => $this->sessionId,
|
||||
'uidUser' => $this->user->getId(),
|
||||
'user_id' => $this->user->getId(),
|
||||
'expires' => $this->expires,
|
||||
'ipAddress' => $this->ipAddress,
|
||||
'os' => $this->os,
|
||||
@@ -61,10 +82,10 @@ class Session extends ApiObject {
|
||||
);
|
||||
}
|
||||
|
||||
public function insert() {
|
||||
public function insert($stayLoggedIn) {
|
||||
$this->updateMetaData();
|
||||
$query = 'INSERT INTO Session (expires, uidUser, ipAddress, os, browser)
|
||||
VALUES (DATE_ADD(NOW(), INTERVAL ? MINUTE),?,?,?,?)';
|
||||
$query = "INSERT INTO Session (expires, user_id, ipAddress, os, browser, data, stay_logged_in)
|
||||
VALUES (DATE_ADD(NOW(), INTERVAL ? MINUTE),?,?,?,?,?,?)";
|
||||
$request = new \Api\ExecuteStatement($this->user);
|
||||
|
||||
$success = $request->execute(array(
|
||||
@@ -74,6 +95,8 @@ class Session extends ApiObject {
|
||||
$this->ipAddress,
|
||||
$this->os,
|
||||
$this->browser,
|
||||
json_encode($_SESSION),
|
||||
$stayLoggedIn
|
||||
));
|
||||
|
||||
if($success) {
|
||||
@@ -85,7 +108,7 @@ class Session extends ApiObject {
|
||||
}
|
||||
|
||||
public function destroy() {
|
||||
$query = 'DELETE FROM Session WHERE Session.uid=? OR Session.expires<=NOW()';
|
||||
$query = 'DELETE FROM Session WHERE Session.uid=? OR (Session.stay_logged_in = 0 AND Session.expires<=NOW())';
|
||||
$request = new \Api\ExecuteStatement($this->user);
|
||||
$success = $request->execute(array('query' => $query, $this->sessionId));
|
||||
return $success;
|
||||
@@ -93,10 +116,12 @@ class Session extends ApiObject {
|
||||
|
||||
public function update() {
|
||||
$this->updateMetaData();
|
||||
|
||||
$query = 'UPDATE Session
|
||||
SET Session.expires=DATE_ADD(NOW(), INTERVAL ? MINUTE), Session.ipAddress=?,
|
||||
Session.os=?, Session.browser=?
|
||||
WHERE Session.uid=?';
|
||||
SET Session.expires=DATE_ADD(NOW(), INTERVAL ? MINUTE),
|
||||
Session.ipAddress=?, Session.os=?, Session.browser=?, Session.data=?
|
||||
WHERE Session.uid=?';
|
||||
|
||||
$request = new \Api\ExecuteStatement($this->user);
|
||||
$success = $request->execute(array(
|
||||
'query' => $query,
|
||||
@@ -104,9 +129,9 @@ class Session extends ApiObject {
|
||||
$this->ipAddress,
|
||||
$this->os,
|
||||
$this->browser,
|
||||
json_encode($_SESSION),
|
||||
$this->sessionId,
|
||||
));
|
||||
|
||||
return $success;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -13,6 +13,7 @@ class User extends ApiObject {
|
||||
private $language;
|
||||
|
||||
public function __construct($configuration) {
|
||||
session_start();
|
||||
$this->configuration = $configuration;
|
||||
$this->setLangauge(Language::DEFAULT_LANGUAGE());
|
||||
$this->reset();
|
||||
@@ -95,14 +96,20 @@ class User extends ApiObject {
|
||||
}
|
||||
|
||||
public function readData($userId, $sessionId, $sessionUpdate = true) {
|
||||
$query = 'SELECT User.name as userName, Language.uid as langId, Language.code as langCode, Language.name as langName
|
||||
$query = 'SELECT User.name as userName, Language.uid as langId, Language.code as langCode,
|
||||
Language.name as langName, Session.data as sessionData, Session.stay_logged_in as stayLoggedIn
|
||||
FROM User
|
||||
INNER JOIN Session ON User.uid=Session.uidUser
|
||||
LEFT JOIN Language ON User.uidLanguage=Language.uid
|
||||
WHERE User.uid=? AND Session.uid=? AND Session.expires>now()';
|
||||
INNER JOIN Session ON User.uid=Session.user_id
|
||||
LEFT JOIN Language ON User.language_id=Language.uid
|
||||
WHERE User.uid=? AND Session.uid=?
|
||||
AND (Session.stay_logged_in OR Session.expires>now())';
|
||||
$request = new \Api\ExecuteSelect($this);
|
||||
$success = $request->execute(array('query' => $query, $userId, $sessionId));
|
||||
|
||||
// var_dump($userId);
|
||||
// var_dump($sessionId);
|
||||
// var_dump($request->getResult());
|
||||
|
||||
if($success) {
|
||||
if(count($request->getResult()['rows']) === 0) {
|
||||
$success = false;
|
||||
@@ -111,6 +118,8 @@ class User extends ApiObject {
|
||||
$this->username = $row['userName'];
|
||||
$this->uid = $userId;
|
||||
$this->session = new Session($this, $sessionId);
|
||||
$this->session->setData(json_decode($row["sessionData"]));
|
||||
$this->session->stayLoggedIn($row["stayLoggedIn"]);
|
||||
if($sessionUpdate) $this->session->update();
|
||||
$this->loggedIn = true;
|
||||
|
||||
@@ -145,26 +154,30 @@ class User extends ApiObject {
|
||||
|
||||
if(isset($_GET['lang']) && is_string($_GET["lang"]) && !empty($_GET["lang"])) {
|
||||
$this->updateLanguage($_GET['lang']);
|
||||
}/* else if(isset($_COOKIE['lang']) && is_string($_COOKIE["lang"]) && !empty($_COOKIE["lang"])) {
|
||||
} else if(isset($_COOKIE['lang']) && is_string($_COOKIE["lang"]) && !empty($_COOKIE["lang"])) {
|
||||
$this->updateLanguage($_COOKIE['lang']);
|
||||
}*/
|
||||
}
|
||||
}
|
||||
|
||||
public function createSession($userId) {
|
||||
public function createSession($userId, $stayLoggedIn) {
|
||||
$this->uid = $userId;
|
||||
$this->session = new Session($this);
|
||||
$this->loggedIn = $this->session->insert();
|
||||
return $this->loggedIn;
|
||||
$this->session = Session::create($this, $stayLoggedIn);
|
||||
if($this->session) {
|
||||
$this->loggedIn = true;
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function authorize($apiKey) {
|
||||
if($this->loggedIn)
|
||||
return true;
|
||||
|
||||
$query = 'SELECT ApiKey.uidUser as uid, User.name as username, Language.uid as langId, Language.code as langCode
|
||||
$query = 'SELECT ApiKey.user_id as uid, User.name as username, Language.uid as langId, Language.code as langCode
|
||||
FROM ApiKey, User
|
||||
LEFT JOIN Language ON User.uidLanguage=Language.uid
|
||||
WHERE api_key=? AND valid_until > now() AND User.uid = ApiKey.uidUser';
|
||||
LEFT JOIN Language ON User.language_id=Language.uid
|
||||
WHERE api_key=? AND valid_until > now() AND User.uid = ApiKey.user_id';
|
||||
|
||||
$request = new \Api\ExecuteSelect($this);
|
||||
$success = $request->execute(array('query' => $query, $apiKey));
|
||||
|
||||
Reference in New Issue
Block a user