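/**
 * Creates a new user record.
 *
 * Important: the password set in the User object is turned into a hash by
 * changePassword(), which then replaces the plain-text password on the
 * User object with that hash (see changePassword() for the exact behaviour).
 *
 * @param User $user
 *            User object to create the database record for. On success its
 *            id is set to the id of the newly created row.
 *
 * @throws UserException
 *             When the username is the reserved default "guest", the password
 *             is missing, the username is already taken, no insert id could be
 *             obtained, or the underlying storage throws.
 *
 * @return int The id of the newly created user
 */
public function createUser(User $user): int
{
    $username = $user->getUsername();

    // "guest" is treated as "no username given" rather than as a real account
    // name, so creating such a user is refused up front.
    if ($username === 'guest') {
        throw new UserException('Cannot create user without username.');
    }

    // Explicit null/'' check instead of empty(): empty() would also reject the
    // (unusual but valid) password "0".
    $password = $user->getPassword();

    if ($password === null || $password === '') {
        throw new UserException('Cannot create user without a password');
    }

    // Check for already existing username. This is a convenience check only:
    // two concurrent requests can both pass it, so the username column should
    // additionally carry a unique constraint in the database (TODO confirm schema).
    $exists = $this->db->count($this->table, 'username=:username', [
        ':username' => $username,
    ]);

    if ($exists > 0) {
        throw new UserException(sprintf('The username "%s" is already in use.', $username));
    }

    try {
        $this->db->beginTransaction();

        $this->db->qb([
            'table' => $this->table,
            'data' => [
                'username' => $username,
                'display_name' => $user->getDisplayname(),
                'state' => $user->getState(),
            ],
        ], true);

        // Get our new user id. lastInsertId() typically yields a string, so
        // normalise it for the int return type (and for setId()).
        $id = (int) $this->db->lastInsertId();

        if ($id <= 0) {
            // Without this guard a missing insert id would leave the
            // transaction open and return a non-int from an int method.
            throw new UserException('Could not determine the id of the created user.');
        }

        // Set new id to users object
        $user->setId($id);

        // Create password hash (replaces the plain password on $user)
        $this->changePassword($user);

        $this->db->endTransaction();
    } catch (\Throwable $t) {
        // NOTE(review): no rollback is issued here; confirm whether the db
        // wrapper exposes one and call it so a failed insert or hashing step
        // does not leave a dangling transaction. The code is cast because
        // driver exceptions (e.g. PDOException) may carry a non-int SQLSTATE.
        throw new UserException($t->getMessage(), (int) $t->getCode());
    }

    return $id;
}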
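/**
 * Inits security system
 *
 * Creates Security service instance.
 * Checks current user if there is an active ban present.
 * Runs autologin procedure and loads user data on success.
 * Creates random session token which must be sent with each form or all posted data will be dropped.
 *
 * Side effects: registers the core.security.* services/values and the
 * core.logger.security logger in the DI container, sets $this->bancheck and
 * $this->user, and terminates the request with die() when the client is banned.
 *
 * @TODO Create BanHandler!!!
 */
private function initSecurity(): void
{
    // Map user services, factories and values
    $this->di->mapFactory('core.security.user', '\\Core\\Security\\User\\User');
    $this->di->mapValue('core.security.user.current', $this->di->get('core.security.user'));
    $this->di->mapService('core.security.user.handler', '\\Core\\Security\\User\\UserHandler', ['db.default']);

    // Create a security related logger service
    /* @var $logger \Core\Logger\Logger */
    $logger = $this->di->get('core.logger');
    $logger->registerStream(new \Core\Logger\Streams\FileStream(LOGDIR . '/security.log'));

    $this->di->mapValue('core.logger.security', $logger);

    // Bancheck
    $this->di->mapService('core.security.ban.check', '\\Core\\Security\\Ban\\BanCheck', 'db.default');

    $this->bancheck = $this->di->get('core.security.ban.check');

    // NOTE(review): REMOTE_ADDR is the TCP peer address. Behind a reverse proxy
    // or load balancer this is the proxy, so a ban would hit every client that
    // shares it; confirm the deployment topology before relying on it as-is.
    $this->bancheck->setIp($_SERVER['REMOTE_ADDR']);
    $this->bancheck->setTries($this->config->get('Core', 'security.ban.tries'));
    $this->bancheck->setTtlBanLogEntry($this->config->get('Core', 'security.ban.ttl.log'));
    $this->bancheck->setTtlBan($this->config->get('Core', 'security.ban.ttl.ban'));
    $this->bancheck->setLogger($logger);

    if ($this->bancheck->checkBan()) {
        // @TODO Create BanHandler!!!
        // Send a denial status rather than 200 OK so clients and monitoring
        // can distinguish a ban from a normal page.
        http_response_code(403);
        die('You\'ve been banned');
    }

    // Create the current user object
    $this->user = $this->di->get('core.security.user.current');

    // Get salt from config
    $salt = $this->config->get('Core', 'security.encrypt.salt');

    // Handle login
    $this->di->mapService('core.security.login', '\\Core\\Security\\Login\\Login', 'db.default');

    /* @var $login \Core\Security\Login\Login */
    $login = $this->di->get('core.security.login');
    $login->setBan((bool) $this->config->get('Core', 'security.ban.active'));
    $login->setCookieName($this->config->get('Core', 'cookie.name'));
    $login->setRemember($this->config->get('Core', 'security.login.autologin.active'));
    $login->setLogger($logger);

    if (!empty($salt)) {
        $login->setSalt($salt);
    }

    // Id of the user to load; stays null when nobody is logged in and no
    // autologin took place (explicit init instead of relying on an unset var).
    $id = null;

    // Not logged in and active autologin?
    if ($login->loggedIn()) {
        $id = $login->getId();
    } elseif ($login->getRemember()) {
        $this->di->mapService('core.security.login.autologin', '\\Core\\Security\\Login\\Autologin', 'db.default');

        /* @var $autologin \Core\Security\Login\Autologin */
        $autologin = $this->di->get('core.security.login.autologin');
        $autologin->setExpiresAfter($this->config->get('Core', 'security.login.autologin.expires_after'));
        $autologin->setCookieName($this->config->get('Core', 'cookie.name'));
        $autologin->setLogger($logger);

        $id = $autologin->doAutoLogin();
    }

    /* @var $userhandler \Core\Security\User\UserHandler */
    $userhandler = $this->di->get('core.security.user.handler');
    $userhandler->setLogger($logger);

    if (!empty($salt)) {
        $userhandler->setSalt($salt);
    }

    // Userdata to load?
    if (!empty($id)) {
        $this->user->setId($id);
        $userhandler->loadUser($this->user);
    }

    // Generate a session token that can be used for sending data in session context.
    $token = new SessionToken();

    if (!$token->exists()) {
        $token->generate();
    }

    $this->di->mapValue('core.security.form.token', $token->getToken());
    $this->di->mapValue('core.security.form.token.name', $this->config->get('Core', 'security.form.token'));
}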