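/**
 * Class constructor.
 *
 * Starts the PHP session and loads the configuration. When the request is an
 * interactive login (auth_username and auth_password are both posted and the
 * caller is not read-only) and isAuthorized() accepts it, a fresh auth ticket
 * is created, stored through AuthTicketController and bound to the session.
 *
 * @param bool $readOnly If readOnly is true, don't refresh the user's expire time.
 */
public function __construct($readOnly = false)
{
    session_start();

    $config = new Config();
    $this->_config = $config;

    // Users are always authorized if the configuration tells us to skip authentication.
    if ($config->getSkipAuth()) {
        return;
    }

    self::$_userId = $config->getUserId();
    self::$_password = $config->getUserPassword();

    if (!$this->isAuthorized($readOnly)) {
        return;
    }

    // Only a non-read-only request that posts both credential fields is a login.
    $isLoginRequest = isset($_POST['auth_username'], $_POST['auth_password']) && !$readOnly;
    if (!$isLoginRequest) {
        return;
    }

    // User is logging in.
    // NOTE(review): on PHP 7+ random_bytes() is the preferred CSPRNG; the call is
    // left as-is because the minimum PHP version of this project is not visible here.
    $authTicket = bin2hex(openssl_random_pseudo_bytes(32));

    $atc = new AuthTicketController();
    $atm = new AuthTicketModel();
    $atm->setAuthTicket($authTicket);
    $atc->add($atm);

    // The ticket is a bearer credential, so it must never be written to the log:
    // anyone able to read login.log could replay it. A short SHA-256 prefix is
    // enough to correlate log lines with a stored ticket without disclosing it.
    $ticketFingerprint = substr(hash('sha256', $authTicket), 0, 12);

    $userId = self::$_userId;
    $now = date("Y-m-d H:i:s");
    $out = "{$now}: Login detected for {$userId} (ticket fingerprint {$ticketFingerprint})." . PHP_EOL;
    // NOTE(review): "login.log" is a relative path and resolves against the current
    // working directory; confirm that location is not served by the web server.
    file_put_contents("login.log", $out, FILE_APPEND);

    // Rotate the session ID at the moment of login so that an ID issued before
    // authentication cannot carry the new ticket (session fixation defence).
    // isAuthorized() is not visible here; if it already rotates the ID this is
    // redundant but harmless.
    session_regenerate_id(true);

    self::$_authTicket = $authTicket;
    $_SESSION['auth_ticket'] = self::$_authTicket;
}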
/**
 * Verifier constructor.
 *
 * Copies the verification settings (lifespan, algorithm, salt, session token
 * and user id) from the given configuration onto this instance. When no
 * configuration is passed, a default Config is instantiated and used instead.
 *
 * @param ConfigInterface|null $config Settings source; null selects a new Config.
 */
public function __construct(ConfigInterface $config = null)
{
    // Fall back to the default configuration when the caller supplied none.
    $settings = ($config !== null) ? $config : new Config();

    // Snapshot every value once; nothing here reads the configuration again.
    $this->lifespan     = $settings->getLifespan();
    $this->algorithm    = $settings->getAlgorithm();
    $this->salt         = $settings->getSalt();
    $this->sessionToken = $settings->getSessionToken();
    $this->userId       = $settings->getUserId();
}
/**
 * Config::setUserId() must change the value reported by getUserId().
 *
 * NOTE(review): Config::setUserId() is a static call, so the new id presumably
 * outlives this test; confirm a tearDown restores it or that no later test
 * depends on the previous value.
 */
public function testSettingUserId()
{
    $newUserId = 1;

    // Precondition: the shared config must not already hold the id being set.
    $before = self::$config->getUserId();
    $this->assertNotEquals($newUserId, $before);

    Config::setUserId($newUserId);

    // The shared config instance must now report the updated id.
    $after = self::$config->getUserId();
    $this->assertEquals($newUserId, $after);
}