Ferreteria/v2/usage/login: Difference between revisions

(PassMatches)
No edit summary
Line 2: Line 2:
This uses essentially the same tables as [[VbzCart/tables#Users]] -- documentation to be moved here eventually.
This uses essentially the same tables as [[VbzCart/tables#Users]] -- documentation to be moved here eventually.
==Code==
==Code==
clsPageLogin (see {{l/same|pages}}):
===log in with existing user/password===
'''clsPageLogin''' (see {{l/same|pages}}):
<php>
<php>
     protected function DoLoginCheck() {
     protected function DoLoginCheck() {
Line 8: Line 9:
     }
     }
</php>
</php>
clsUserSession:
'''clsUserSession''':
<php>
<php>
     /*----
     /*----
Line 20: Line 21:
     }
     }
</php>
</php>
clsUserAccts:
'''clsUserAccts''':
<php>
<php>
     /*----
     /*----
Line 30: Line 31:
    // username not found
    // username not found
    $oUser = NULL;
    $oUser = NULL;
} elseif ($rc->AuthValid($iPass)) {
} elseif ($rc->PassMatches($iPass)) {
    $oUser = $rc;
    $oUser = $rc;
} else {
} else {
Line 39: Line 40:
     }
     }
</php>
</php>
clsUserAcct:
'''clsUserAcct''':
<php>
<php>
     public function PassMatches($iPass) {
     public function PassMatches($iPass) {
Line 45: Line 46:
$sSalt = $this->Value('PassSalt');
$sSalt = $this->Value('PassSalt');


// hash salt+pass
// hash [stored salt]+[given pass]
$sHashed = $this->Table()->HashPass($sSalt,$iPass);
$sThisHashed = $this->Table()->HashPass($sSalt,$iPass);
// see if it matches
// get stored hash
return ($sHashed == $this->Value('PassHash'));
$sSavedHash = $this->Value('PassHash');
// see if they match
$ok = ($sThisHashed == $sSavedHash);
return $ok;
    }
</php>
===detect whether user is logged in===
'''clsPageLogin''':
<php>
    protected function IsLoggedIn() {
return $this->App()->Session()->HasUser();
    }
</php>
'''clsUserSession''':
<php>
    public function HasUser() {
return !is_null($this->UserID());
    }
</php>
===reset password for existing user===
'''clsPageLogin''' -- '''RenderUserAccess()''' calls '''UserAccess_ResetRequest()'''; application must call '''RenderUserAccess()''' after calling '''ParseInput_Login()''':
<php>
    protected function RenderUserAccess() {
$oSkin = $this->Skin();
$ht = $this->SectionHeader($this->TitleString());
$oEmAuth = $this->Data()->EmailAuth();
$this->doShowLogin = TRUE; // By default, we'll still show the login form if not logged in
$isEmailAuth = FALSE; // Assume this page is not an email authorization link...
 
$ht = NULL;
$ok = FALSE; // set false initially so we do one iteration
while (!$ok) {
    $ok = TRUE; // assume success
 
    // check auth link and display form if it checks out
    if ($this->IsAuthLink()) {
 
// this is an AUTH link, so ignore any other stuff
 
$ar = $this->CheckAuth(); // check token
$ht = $this->UserAccess_ProcessAuth($ar);
 
if ($this->IsCreateRequest()) {
    $ht .= $this->UserAccess_CreateRequest($ar);
} elseif ($this->IsResetRequest()) { // password change request submitted
    $ht .= $this->UserAccess_ResetRequest();
}
 
    } elseif($this->doEmail) {
 
// REQUEST AUTH LINK form has been submitted
 
$ht .= $this->SendPassReset_forAddr(
  $this->EmailAddress(),
  $this->LoginName()
  );
    // END do email
    } elseif($this->isLogin) {
if ($this->IsLoggedIn()) {
    die('LOGGED IN');
} else {
    die('LOGIN FAILED');
}
   
// LOGIN FAILED: login was tried, but we're still here (not logged in), so it must have failed:
 
$ht .= $oSkin->ErrorMessage('Sorry, the given username/password combination was not valid.');
$ht .= $oSkin->HLine();
    // END is login
    } else {
// TODO : log as possible illicit hacking attempt
    }
 
    if ($this->doShowLogin) {
$ht .= "\n<b>If you already have a user account on this site</b>, you can log in now:<br>"
  .$this->RenderLogin($this->LoginName())
  .$oSkin->HLine();
    }
    if ($this->IsAuthLink()) {
$htMsgPre = 'You can request another authorization email here';
$htMsgPost = NULL;
    } else {
$htMsgPre = '<b>If you have forgotten your password or have not set up an account</b>';
$htMsgPost = '<br>This will email you a link to set or reset your password.';
    }
 
    $ht .= "\n$htMsgPre:<br>"
  .$oSkin->RenderForm_Email_RequestReset($this->EmailAddress())
  ."\n$htMsgPost";
}
return $ht;
    }
 
    /*----
      PURPOSE: process User Access forms when a password-reset request has been received
    */
    protected function UserAccess_ResetRequest() {
$ht = NULL;
// check token, but don't display messages
$this->CheckAuth();
if ($this->Success()) {
    // auth token checks out
    // check for duplicate username
    $tblUsers = $this->App()->Users();
    $sUser = $this->LoginName();
    $ht .= $this->ChangePassword($this->EmailAddress(),$this->sPass,$this->sPassX);
    if (!$this->Success()) { // if that didn't work...
$ok = FALSE;
$this->IsAuthLink(TRUE); // display form again
    }
 
} // END authorized
return $ht;
     }
     }
</php>
</php>
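Review bot: PassMatches() still compares the freshly computed hash with the stored one using `==` (`$ok = ($sThisHashed == $sSavedHash);` in the "Line 45" hunk); in PHP `==` on two numeric-looking strings compares them as numbers, and it stops at the first differing byte, so the check is neither strict nor constant-time. Use `$ok = hash_equals((string)$sSavedHash, (string)$sThisHashed);` (PHP 5.6+), with the stored hash as the first argument. Separately, the login branch added to RenderUserAccess() in this revision ends the response with `die('LOGGED IN')` / `die('LOGIN FAILED')`, so the error message and the forms rendered after it are unreachable; these look like debugging leftovers and should be removed, or replaced by `if (!$this->IsLoggedIn()) { ... }` around the error message. RenderUserAccess() and UserAccess_ResetRequest() are entirely within the added lines, so the surrounding class is not visible here.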

Revision as of 02:07, 8 June 2015

Data

This uses essentially the same tables as VbzCart/tables#Users -- documentation to be moved here eventually.

Code

log in with existing user/password

clsPageLogin (see pages): <php>

   /*----
     ACTION: Hands the submitted login name and password to the session,
       which attempts the login (see clsUserSession::UserLogin()).
     NOTE: nothing is returned; the outcome is recorded on the session.
   */
   protected function DoLoginCheck() {
       $oSession = $this->App()->Session();
       $sName = $this->LoginName();
       $oSession->UserLogin($sName,$this->sPass);
   }

</php> clsUserSession: <php>

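   /*----
     ACTION: Attempts to log the user in with the given credentials.
       SetUserRecord() is called with the result either way, i.e. with
       NULL when the login fails.
     RETURNS: user object if successful, NULL otherwise.
     FIX: the docblock promised the user object, but the previous version
       never returned it (callers always got NULL).
   */
   public function UserLogin($iUser,$iPass) {
       $tUsers = $this->UserTable();
       $oUser = $tUsers->Login($iUser,$iPass);
       $this->SetUserRecord($oUser);	// set user for this session
       return $oUser;
   }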

</php> clsUserAccts: <php>

   /*----
     RETURNS: user object if login successful, NULL otherwise
       (NULL both when the username is unknown and when the password is
       wrong; the caller cannot tell the two apart from the result)
     NOTE(review): when the username is unknown no hash is computed, so the
       two failure paths may take measurably different time -- confirm
       whether that matters for this deployment.
   */
   public function Login($iUser,$iPass) {
       $oFound = $this->FindUser($iUser);
       if (is_null($oFound)) {
           return NULL;	// username not found
       }
       // username found: accept only if the password checks out
       return $oFound->PassMatches($iPass) ? $oFound : NULL;
   }

</php> clsUserAcct: <php>

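   /*----
     RETURNS: TRUE if the given password, hashed with this user's stored
       salt, matches the stored hash; FALSE otherwise.
     SECURITY: the comparison uses hash_equals() (PHP 5.6+) instead of "==".
       "==" on two strings that both look numeric (e.g. digests of the form
       "0e...") compares them as numbers, and it returns on the first
       differing byte, so it was neither strict nor constant-time.
   */
   public function PassMatches($iPass) {
       // get salt for this user
       $sSalt = $this->Value('PassSalt');
       // hash [stored salt]+[given pass]
       $sThisHashed = $this->Table()->HashPass($sSalt,$iPass);
       // get stored hash; cast to string because hash_equals() rejects
       // non-string arguments (e.g. a NULL column value)
       $sSavedHash = (string)$this->Value('PassHash');
       // strict, constant-time comparison; known value goes first
       return hash_equals($sSavedHash,(string)$sThisHashed);
   }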

</php>

detect whether user is logged in

clsPageLogin: <php>

   /*----
     RETURNS: TRUE if the current session has a user attached, FALSE otherwise
       (delegates to clsUserSession::HasUser())
   */
   protected function IsLoggedIn() {
       $oSession = $this->App()->Session();
       $hasUser = $oSession->HasUser();
       return $hasUser;
   }

</php> clsUserSession: <php>

   /*----
     RETURNS: TRUE if this session has a user ID, FALSE if UserID() is NULL
   */
   public function HasUser() {
       $idUser = $this->UserID();
       return ($idUser !== NULL);
   }

</php>

reset password for existing user

clsPageLogin -- RenderUserAccess() calls UserAccess_ResetRequest(); application must call RenderUserAccess() after calling ParseInput_Login(): <php>

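   /*----
     PURPOSE: render the "user access" area of the page: handles an auth
       link, an email-reset request, or a login attempt (whichever
       ParseInput_Login() flagged), then appends the login form and the
       "request reset email" form.
     RETURNS: HTML string
     CHANGES from the previous version:
       * the debugging die('LOGGED IN') / die('LOGIN FAILED') calls in the
         login branch are gone; they ended the response with a bare string
         and made the "invalid username/password" message unreachable.
       * the one-shot "while (!$ok)" loop is replaced by straight-line code:
         $ok was never set to FALSE inside this method (the $ok = FALSE in
         UserAccess_ResetRequest() is a local of that method), so the loop
         always ran exactly once.
     NOTE: failed login attempts are neither logged nor throttled here.
   */
   protected function RenderUserAccess() {
       $oSkin = $this->Skin();
       $ht = $this->SectionHeader($this->TitleString());
       $oEmAuth = $this->Data()->EmailAuth();	// NOTE(review): unused here; kept in case EmailAuth() is expected to run -- confirm
       $this->doShowLogin = TRUE;	// By default, we'll still show the login form if not logged in

       // NOTE(review): this discards the section header built above -- confirm that is intended
       $ht = NULL;

       // check auth link and display form if it checks out
       if ($this->IsAuthLink()) {
           // this is an AUTH link, so ignore any other stuff
           $ar = $this->CheckAuth();	// check token
           $ht = $this->UserAccess_ProcessAuth($ar);

           if ($this->IsCreateRequest()) {
               $ht .= $this->UserAccess_CreateRequest($ar);
           } elseif ($this->IsResetRequest()) {	// password change request submitted
               $ht .= $this->UserAccess_ResetRequest();
           }
       } elseif ($this->doEmail) {
           // REQUEST AUTH LINK form has been submitted
           $ht .= $this->SendPassReset_forAddr(
             $this->EmailAddress(),
             $this->LoginName()
             );
       } elseif ($this->isLogin) {
           // login was tried; if we are still not logged in, it failed
           if (!$this->IsLoggedIn()) {
               $ht .= $oSkin->ErrorMessage('Sorry, the given username/password combination was not valid.');
               $ht .= $oSkin->HLine();
           }
       } else {
           // TODO : log as possible illicit hacking attempt
       }

       if ($this->doShowLogin) {
           $ht .= "\n<b>If you already have a user account on this site</b>, you can log in now:<br>"
             .$this->RenderLogin($this->LoginName())
             .$oSkin->HLine();
       }
       if ($this->IsAuthLink()) {
           $htMsgPre = 'You can request another authorization email here';
           $htMsgPost = NULL;
       } else {
           $htMsgPre = '<b>If you have forgotten your password or have not set up an account</b>';
           $htMsgPost = '<br>This will email you a link to set or reset your password.';
       }

       $ht .= "\n$htMsgPre:<br>"
         .$oSkin->RenderForm_Email_RequestReset($this->EmailAddress())
         ."\n$htMsgPost";

       return $ht;
   }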
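   /*----
     PURPOSE: process User Access forms when a password-reset request has been received
     ACTION: re-checks the auth token (without displaying messages); if it
       checks out, attempts the password change for the submitted email
       address. If the change fails, the auth form is flagged for re-display
       via IsAuthLink(TRUE).
     RETURNS: HTML fragment from ChangePassword(), or NULL if the token did
       not check out
     CHANGES from the previous version: the local "$ok = FALSE" on failure
       was never read (RenderUserAccess() has its own $ok), so it is dropped;
       the unused locals $tblUsers / $sUser and the stale "check for
       duplicate username" comment are gone too -- nothing here checks for
       duplicates.
   */
   protected function UserAccess_ResetRequest() {
       $ht = NULL;
       // check token, but don't display messages
       $this->CheckAuth();
       if ($this->Success()) {
           // auth token checks out
           $ht .= $this->ChangePassword($this->EmailAddress(),$this->sPass,$this->sPassX);
           if (!$this->Success()) {	// if that didn't work...
               $this->IsAuthLink(TRUE);	// display form again
           }
       }	// END authorized
       return $ht;
   }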

</php>