From 48fe22c536436912ceb5150c9258e1c477d216cd Mon Sep 17 00:00:00 2001 From: AntonyAntonio Date: Thu, 14 Jul 2016 03:34:13 -0300 Subject: [PATCH] (Guillermo) Add-email-sender-class --- server/controllers/user/login.php | 33 +++++++++++++++++-------------- server/libs/Hashing.php | 3 +++ server/models/Session.php | 2 +- server/models/SessionCookie.php | 4 +--- 4 files changed, 23 insertions(+), 19 deletions(-) diff --git a/server/controllers/user/login.php b/server/controllers/user/login.php index 90bf90a1..30ae03f6 100644 --- a/server/controllers/user/login.php +++ b/server/controllers/user/login.php @@ -5,7 +5,7 @@ class LoginController extends Controller { private $userInstance; private $session; - private $remembertoken; + private $rememberToken; public function validations() { return [ @@ -38,6 +38,15 @@ class LoginController extends Controller { return ($this->getUserByInputCredentials() !== null); } + private function isTokenValid() { + $sessionCookie = SessionCookie::getDataStore(Controller::request('rememberToken'),'token'); + $userid = Controller::request('userId'); + if ($sessionCookie !== null && $userid === $sessionCookie->user->id) { + $this->userInstance = $sessionCookie->user; + return true; + } + } + private function createUserSession() { $this->getSession()->createSession($this->userInstance->id); } @@ -49,7 +58,7 @@ class LoginController extends Controller { 'userId' => $userInstance->id, 'userEmail' => $userInstance->email, 'token' => $this->getSession()->getToken(), - 'rememberToken' => $this->remembertoken + 'rememberToken' => $this->rememberToken ); } 
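Review bot: The new `isTokenValid()` in LoginController accepts a remember token without checking its age, and it falls off the end (returning null rather than false) when the token or user id does not match. This commit stores `creationDate` and `ip` on the SessionCookie in `createSessionCookie()`, but nothing visible in this hunk reads them back, so a stored token appears to stay valid indefinitely; compare the creation date against a maximum lifetime before assigning `$this->userInstance`. Add an explicit `return false;` after the `if` block so the method always returns a boolean. The strict `$userid === $sessionCookie->user->id` also requires the request value and the stored id to have the same type, which is worth confirming because request parameters normally arrive as strings.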
@@ -71,25 +80,19 @@ class LoginController extends Controller { return $this->session; } - private function isTokenValid(){ - $sessioncookie = SessionCookie::getDataStore(Controller::request('rememberToken'),'token'); - if($sessioncookie !== null){ - $this->userInstance = $sessioncookie->user; - return true; - } - } private function createSessionCookie(){ $remember = Controller::request('remember'); if($remember){ - $this->remembertoken = md5(uniqid(rand())); + $this->rememberToken = Hashing::generateRandomToken(); + $sessionCookie = new SessionCookie(); - $sessioncookie = new SessionCookie(); - - $sessioncookie->setProperties(array( + $sessionCookie->setProperties(array( 'user' => $this->userInstance->getBeanInstance(), - 'token' => $this->remembertoken + 'token' => $this->rememberToken, + 'ip' => $_SERVER[‘REMOTE_ADDR’], + 'creationDate' => date("d-m-Y (H:i:s)" )); - $sessioncookie->store(); + $sessionCookie->store(); } } } diff --git a/server/libs/Hashing.php b/server/libs/Hashing.php index 01ef7ff4..7b296357 100644 --- a/server/libs/Hashing.php +++ b/server/libs/Hashing.php @@ -7,4 +7,7 @@ class Hashing { public static function verifyPassword($password, $hash) { return password_verify($password, $hash); } + public static function generateRandomToken() { + return md5(uniqid(rand())); + } } \ No newline at end of file diff --git a/server/models/Session.php b/server/models/Session.php index 3c9d4f5e..3d543607 100644 --- a/server/models/Session.php +++ b/server/models/Session.php @@ -65,6 +65,6 @@ class Session { } private function generateToken() { - return md5(uniqid(rand())); + return Hashing::generateRandomToken();; } } \ No newline at end of file diff --git a/server/models/SessionCookie.php b/server/models/SessionCookie.php index 5817f659..496027bf 100644 --- a/server/models/SessionCookie.php +++ b/server/models/SessionCookie.php @@ -1,6 +1,6 @@
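Review bot: Two of the added lines in `createSessionCookie()` will not run as written. As shown on this page, `$_SERVER[‘REMOTE_ADDR’]` uses typographic quotes instead of ASCII single quotes, so PHP does not read it as the string key, and `date("d-m-Y (H:i:s)"` is missing its closing parenthesis, which leaves the `setProperties(array(` call unbalanced. Suggested lines: `'ip' => $_SERVER['REMOTE_ADDR'],` and `'creationDate' => date("d-m-Y (H:i:s)")`. If the stored date is meant to drive token expiry, a Unix timestamp or a sortable format would be easier to compare than `d-m-Y (H:i:s)`.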
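Review bot: `Hashing::generateRandomToken()` builds its value from `md5(uniqid(rand()))`, which is derived from the clock and a non-cryptographic generator and is therefore predictable for a value used as a secret. After this commit it backs both the session token in `Session::generateToken()` and the remember token set in `LoginController::createSessionCookie()`. Since the generator now lives in one place, switch it to a CSPRNG, for example `return bin2hex(random_bytes(16));` on PHP 7 or later (this keeps the current 32-character hex length), or `openssl_random_pseudo_bytes()` on older versions. A short docblock stating that the result is a hex string intended as an unguessable secret would document the contract for callers.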
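Review bot: The replaced line in `Session::generateToken()` ends with a doubled semicolon, `return Hashing::generateRandomToken();;`; the second one is an unreachable empty statement and should be dropped, leaving `return Hashing::generateRandomToken();`. Now that the method is a thin wrapper, a one-line comment noting that session tokens share their generator with the remember-me token would make that coupling visible to the next reader.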