libs/phplibrary
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Избавляемся от статических классов и синглтонов

Browse source
This commit is contained in:
CORP\phedor 2018-03-27 12:23:58 +03:00
parent 77fa3dbd5e
commit 805fb6654d
11 changed files with 177 additions and 309 deletions
Download patch file Download diff file Expand all files Collapse all files

46
src/Filter/Login.php
View file

@ -14,11 +14,11 @@ class Filter_Login extends Filter_Filter
const SESSION_BROWSER_SIGN_KEYNAME = 'session.app.browser.sign';
public $mode = 'ajax';
//AJAX-Реквесты для которых не требуется авторизация, потребовалось для сбора статистики
public $whiteRequestList = [['module' => "requiredcontent", "action" => "getcount"],
['module' => "requiredcontent", "action" => "teststructure"],
['module' => "requiredcontent", "action" => "specialdump"]
];
function __construct($processor, $role, $whitelist = []) {
parent::__construct($processor);
$this->role = $role;
$this->whitelist = $whitelist;
}
/**
* Проверка авторизации
* @return Boolean Авторизовани пользователь или нет
@ -27,29 +27,18 @@ class Filter_Login extends Filter_Filter
{
// Авторизация
session_start();
$db = $this->getConnection();
Filter_UserAccess::setUp($db); // Соединение
switch ($request->getAction()) {
// Авторизация по постоянному паролю
case 'login':
$login = $request->get('login');
$password = $request->get('password');
$result = Filter_UserAccess::getUserByLogin($login); // Поиск по логину
$result = $this->role->getUserByLogin($login); // Поиск по логину
if ($result) {
$userPassword = $result->getString('password');
if (Filter_UserAccess::$access == 'site_root' && defined('PARENT_PATH')) {
$s = new Settings(PARENT_PATH . '/settings.json');
$s->read();
$dsn = $s->readKey(array('system', 'dsn'));
$db = Database::getConnection($dsn);
$user = $db->fetchOneArray("SELECT * FROM users WHERE login = :login", ['login' => $login]);
$userPassword = $user['password'];
}
$userPassword = $this->role->getUserPassword($result);
// Извлечнеие пользователя из родительской CMS, для проверки пароля
if (md5($password) == $userPassword) { // password
$this->enter($db, $result);
$this->enter($result);
return true;
}
}
@ -62,7 +51,7 @@ class Filter_Login extends Filter_Filter
case 'enter':
$login = $request->get('login');
$password = $request->get('sid');
$result = Filter_UserAccess::getUserByLogin($login); // Поиск по логину
$result = $this->role->getUserByLogin($login); // Поиск по логину
if ($result) {
$temp = md5($result->getString('password') . $result->getString('login') . $result->getString('sid'));
if ($password == $temp) {
@ -76,7 +65,7 @@ class Filter_Login extends Filter_Filter
// Если $hash не совпадает $_SESSION['hash'] то удаляем сессию
if (isset($_SESSION ['access']) && isset($_SESSION[self::SESSION_BROWSER_SIGN_KEYNAME])) {
if ($hash == $_SESSION[self::SESSION_BROWSER_SIGN_KEYNAME]) {
$this->user = $user = Filter_UserAccess::getUserById($_SESSION['access']); // Поиск по идентификатору
$this->user = $user = $role->getUserById($_SESSION['access']); // Поиск по идентификатору
if ($user && isset($_SESSION['random']) && ($user->get('sid') == $_SESSION['random'])) {
return true;
}
@ -89,8 +78,7 @@ class Filter_Login extends Filter_Filter
return false;
}
private function getBrowserSign()
{
private function getBrowserSign() {
$rawSign = self::SESSION_BROWSER_SIGN_SECRET;
//$signParts = array('HTTP_USER_AGENT', 'HTTP_ACCEPT_ENCODING');
$signParts = array();
@ -101,15 +89,15 @@ class Filter_Login extends Filter_Filter
return md5($rawSign);
}
private function enter($db, $result)
private function enter($result)
{
$this->user = $result;
$random = rand(0, 1024 * 1024);
$db->executeQuery("UPDATE users SET sid = '$random' WHERE id_user = " . $result->getInt('id_user'));
$this->role->setSID($random, $result);
$_SESSION["group"] = $result->getInt('access');
$_SESSION["access"] = $result->getInt('id_user'); // id_user
$_SESSION["random"] = $random; // id_user
// $_SESSION["group"] = $result->getInt('access');
$_SESSION["access"] = $result->getInt('id_user');
$_SESSION["random"] = $random;
$_SESSION[self::SESSION_BROWSER_SIGN_KEYNAME] = $this->getBrowserSign();
$_SESSION["time"] = time();
}
@ -122,7 +110,6 @@ class Filter_Login extends Filter_Filter
$result = array();
$result['fullname'] = $this->user->getString('patronymic') . " " . $this->user->getString('firstname');
$result['email'] = $this->user->getString('email');
$result['site'] = 187;
$result['hash'] = sha1(self::SESSION_BROWSER_SIGN_SECRET . $this->user->getString('email'));
return json_encode($result);
} else {
@ -164,7 +151,6 @@ class Filter_Login extends Filter_Filter
/* ---------------------
* Проверка на попадание реквеста в белый список
*/
public function requestIsWhite(Collection $request, $whiteRequestList){
$module = $request->get('module');
$action = $request->get('action');