Exemple #1
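 /**
  * Authenticate a user by e-mail and password and, on success, populate the
  * PHP session and the "sessionData" cookie.
  *
  * The flow is: look the account up, ask the brute-force check whether the
  * account may still attempt a login, then verify the password against the
  * stored hash. A failed password check is recorded through
  * insertBadLoginAttempt().
  *
  * Security changes compared with the previous version:
  *  - the session id is regenerated after a successful password check, so a
  *    session id known before authentication cannot be reused afterwards
  *    (session fixation);
  *  - the "sessionData" cookie is sent HttpOnly, and Secure when the request
  *    arrived over HTTPS, so scripts cannot read it and it is not sent back
  *    over plain HTTP.
  *
  * @param string $userEmail    E-mail address supplied by the client.
  * @param string $userPassword Plain-text password supplied by the client.
  *
  * @return \stdClass Object with code_operation ("login"), status (the
  *                   string "true" or "false"), description, user_id,
  *                   user_name and user_email. The user_* fields stay null
  *                   unless the login succeeded.
  */
 public function doLogin($userEmail, $userPassword)
 {
     $response = new \stdClass();
     $response->code_operation = "login";
     $response->description = null;
     $response->user_id = null;
     $response->user_name = null;
     $response->user_email = null;

     $dbConnection = new DbConnection();

     // Step 1: account lookup. 0 means "continue", 1 is a failure that comes
     // with a status message, anything else is a failure without one.
     // NOTE(review): if statusMessage differs between "unknown account" and
     // "wrong password", the response reveals which e-mails are registered;
     // confirm in DbConnection that both cases produce the same text.
     $statusCode = $dbConnection->checkUserForLogin($userEmail);
     if ($statusCode !== 0) {
         $response->status = "false";
         if ($statusCode === 1) {
             $response->description = $dbConnection->statusMessage;
         }
         return $response;
     }

     // Step 2: brute-force gate, same status code convention as step 1.
     $statusCode = $dbConnection->checkBruteForce($dbConnection->userId);
     if ($statusCode !== 0) {
         $response->status = "false";
         if ($statusCode === 1) {
             $response->description = $dbConnection->statusMessage;
         }
         return $response;
     }

     // Step 3: password check against the stored hash.
     if (!password_verify($userPassword, $dbConnection->dbPassword)) {
         // Record the failure first: the message is read after the insert,
         // exactly as before, in case the insert updates it.
         $dbConnection->insertBadLoginAttempt($dbConnection->userId);
         $response->status = "false";
         $response->description = $dbConnection->statusMessage;
         return $response;
     }

     $response->status = "true";
     $response->description = $dbConnection->statusMessage;

     // Strip everything except the expected character classes before the
     // values are stored in the session and returned to the caller.
     $userId = preg_replace("/[^0-9]+/", "", $dbConnection->userId);
     $userName = preg_replace("/[^a-zA-Z0-9_\\-]+/", "", $dbConnection->userName);

     // NOTE(review): this token is a deterministic digest of the stored
     // password hash and profile fields. It is identical on every login and
     // only changes when one of those fields changes, so it cannot be revoked
     // per session. A random per-session value would be preferable, but the
     // code that verifies the token is not visible here, so the derivation is
     // left unchanged.
     $sessionHash = hash('sha512', $dbConnection->dbPassword . $userId . $userName . $userEmail);

     // Rotate the session id now that the privilege level changes. Guarded so
     // that a caller which has not started a session gets no extra warning.
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }

     // $userEmail is stored as supplied by the client; whoever renders it
     // must escape it for the output context.
     $_SESSION['sessionData'] = $sessionHash;
     $_SESSION['user_id'] = $userId;
     $_SESSION['user_email'] = $userEmail;
     $_SESSION['user_name'] = $userName;

     $response->user_id = $userId;
     $response->user_email = $userEmail;
     $response->user_name = $userName;

     // Same lifetime, path and domain as before (session cookie, defaults);
     // only the Secure and HttpOnly flags are added.
     $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
     setcookie("sessionData", $sessionHash, 0, "", "", $isHttps, true);

     return $response;
 }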