The clean & modern RSS server that doesn't give you any crap. https://thearsse.com/
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.

User.php 4.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116
  1. <?php
  2. /** @license MIT
  3. * Copyright 2017 J. King, Dustin Wilson et al.
  4. * See LICENSE and AUTHORS files for details */
  5. declare(strict_types=1);
  6. namespace JKingWeb\Arsse;
  7. use PasswordGenerator\Generator as PassGen;
  8. class User {
  9. public $id = null;
  10. /**
  11. * @var User\Driver
  12. */
  13. protected $u;
  14. public static function driverList(): array {
  15. $sep = \DIRECTORY_SEPARATOR;
  16. $path = __DIR__.$sep."User".$sep;
  17. $classes = [];
  18. foreach (glob($path."*".$sep."Driver.php") as $file) {
  19. $name = basename(dirname($file));
  20. $class = NS_BASE."User\\$name\\Driver";
  21. $classes[$class] = $class::driverName();
  22. }
  23. return $classes;
  24. }
  25. public function __construct(\JKingWeb\Arsse\User\Driver $driver = null) {
  26. $this->u = $driver ?? new Arsse::$conf->userDriver;
  27. }
  28. public function __toString() {
  29. return (string) $this->id;
  30. }
  31. public function authorize(string $affectedUser, string $action): bool {
  32. // at one time there was a complicated authorization system; it exists vestigially to support a later revival if desired
  33. return $this->u->authorize($affectedUser, $action);
  34. }
  35. public function auth(string $user, string $password): bool {
  36. $prevUser = $this->id;
  37. $this->id = $user;
  38. if (Arsse::$conf->userPreAuth) {
  39. $out = true;
  40. } else {
  41. $out = $this->u->auth($user, $password);
  42. }
  43. // if authentication was successful and we don't have the user in the internal database, add it
  44. // users must be in the internal database to preserve referential integrity
  45. if ($out && !Arsse::$db->userExists($user)) {
  46. Arsse::$db->userAdd($user, $password);
  47. }
  48. $this->id = $prevUser;
  49. return $out;
  50. }
  51. public function list(): array {
  52. $func = "userList";
  53. if (!$this->authorize("", $func)) {
  54. throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => ""]);
  55. }
  56. return $this->u->userList();
  57. }
  58. public function exists(string $user): bool {
  59. $func = "userExists";
  60. if (!$this->authorize($user, $func)) {
  61. throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
  62. }
  63. return $this->u->userExists($user);
  64. }
  65. public function add($user, $password = null): string {
  66. $func = "userAdd";
  67. if (!$this->authorize($user, $func)) {
  68. throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
  69. }
  70. return $this->u->userAdd($user, $password) ?? $this->u->userAdd($user, $this->generatePassword());
  71. }
  72. public function remove(string $user): bool {
  73. $func = "userRemove";
  74. if (!$this->authorize($user, $func)) {
  75. throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
  76. }
  77. try {
  78. return $this->u->userRemove($user);
  79. } finally { // @codeCoverageIgnore
  80. if (Arsse::$db->userExists($user)) {
  81. // if the user was removed and we (still) have it in the internal database, remove it there
  82. Arsse::$db->userRemove($user);
  83. }
  84. }
  85. }
  86. public function passwordSet(string $user, string $newPassword = null, $oldPassword = null): string {
  87. $func = "userPasswordSet";
  88. if (!$this->authorize($user, $func)) {
  89. throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
  90. }
  91. $out = $this->u->userPasswordSet($user, $newPassword, $oldPassword) ?? $this->u->userPasswordSet($user, $this->generatePassword(), $oldPassword);
  92. if (Arsse::$db->userExists($user)) {
  93. // if the password change was successful and the user exists, set the internal password to the same value
  94. Arsse::$db->userPasswordSet($user, $out);
  95. }
  96. return $out;
  97. }
  98. protected function generatePassword(): string {
  99. return (new PassGen)->length(Arsse::$conf->userTempPasswordLength)->get();
  100. }
  101. }