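/**
 * Register a new account and report the outcome.
 *
 * The returned object always carries code_operation = "signup", a string
 * status ("true" on success, "false" otherwise) and a description. The
 * description is DbConnection's statusMessage, except when hashing fails.
 *
 * @param string $passwordForm Plain-text password taken from the signup form.
 * @param string $userName     Requested user name.
 * @param string $userEmail    Requested e-mail address.
 * @return \stdClass
 */
public function doSignup($passwordForm, $userName, $userEmail)
{
    $response = new \stdClass();
    $response->code_operation = "signup";
    $response->status = "false";

    $myDb = new DbConnection();

    // Run the cheap lookup before the cost-15 bcrypt hash, so a rejected
    // request never pays for hashing.
    // NOTE(review): 1 is treated as "signup not allowed"; the meaning of any
    // other code lives in DbConnection — confirm.
    if ($myDb->checkUserForSignup($userName, $userEmail) == 1) {
        $response->description = $myDb->statusMessage;
        return $response;
    }

    // password_hash() draws its own random salt. The hand-made salt was dropped:
    // the 'salt' option is deprecated since PHP 7.0 and ignored since 8.0, and
    // mcrypt_create_iv() is gone from PHP 7.2 onwards.
    $securePassword = password_hash($passwordForm, PASSWORD_BCRYPT, array('cost' => 15));
    if (!is_string($securePassword)) {
        // Never store a non-hash value as the credential.
        $response->description = "Password could not be hashed.";
        return $response;
    }

    // The original wrote `$status = addNewUser(...) == 1`, which stored the
    // boolean result of the comparison; every code other than 1 then compared
    // equal to 0 and was reported as success. Keep the real return value.
    $status = $myDb->addNewUser($userName, $userEmail, $securePassword);

    // Only an explicit 0 (int or numeric string) counts as success; 1, null,
    // false and any unknown code are reported as failure.
    if ($status === 0 || $status === '0') {
        $response->status = "true";
    }
    $response->description = $myDb->statusMessage;

    return $response;
}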
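/**
 * Authenticate a user by e-mail and password and, on success, populate the session.
 *
 * Flow: look the account up, run the brute-force check, then verify the
 * password against the stored hash. A failed verification is recorded with
 * insertBadLoginAttempt().
 *
 * The returned object carries code_operation = "login", a string status
 * ("true"/"false"), a description (DbConnection's statusMessage, or null when
 * a DbConnection call returns a code other than 0 or 1) and, on success only,
 * user_id / user_name / user_email.
 *
 * @param string $userEmail    E-mail address submitted by the client.
 * @param string $userPassword Plain-text password submitted by the client.
 * @return \stdClass
 */
public function doLogin($userEmail, $userPassword)
{
    $response = new \stdClass();
    $response->code_operation = "login";
    $response->description = null;
    $response->user_id = null;
    $response->user_name = null;
    $response->user_email = null;

    $dbConnection = new DbConnection();

    // NOTE(review): 0 is treated as "proceed" and 1 as "refuse with a message";
    // the meaning of the codes is defined in DbConnection — confirm.
    $lookupStatus = $dbConnection->checkUserForLogin($userEmail);
    if ($lookupStatus !== 0) {
        $response->status = "false";
        if ($lookupStatus === 1) {
            $response->description = $dbConnection->statusMessage;
        }
        return $response;
    }

    $throttleStatus = $dbConnection->checkBruteForce($dbConnection->userId);
    if ($throttleStatus !== 0) {
        $response->status = "false";
        if ($throttleStatus === 1) {
            $response->description = $dbConnection->statusMessage;
        }
        return $response;
    }

    if (!password_verify($userPassword, $dbConnection->dbPassword)) {
        // Record the failure first so statusMessage reflects the insert.
        $dbConnection->insertBadLoginAttempt($dbConnection->userId);
        $response->status = "false";
        $response->description = $dbConnection->statusMessage;
        return $response;
    }

    $response->status = "true";
    $response->description = $dbConnection->statusMessage;

    // Strip anything outside the expected alphabets before the values are
    // placed in the session and echoed back to the client.
    $userId = preg_replace("/[^0-9]+/", "", $dbConnection->userId);
    $userName = preg_replace("/[^a-zA-Z0-9_\\-]+/", "", $dbConnection->userName);

    // Issue a fresh session id at the privilege change, so an id that was
    // known before authentication is not carried into the logged-in session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // NOTE(review): this value is a deterministic SHA-512 over the stored
    // password hash and account fields, so it is identical on every login
    // until one of them changes. Whatever validates it is outside this block;
    // a random per-login token kept server-side would be easier to revoke.
    $sessionHash = hash('sha512', $dbConnection->dbPassword . $userId . $userName . $userEmail);

    $_SESSION['sessionData'] = $sessionHash;
    $_SESSION['user_id'] = $userId;
    $_SESSION['user_email'] = $userEmail;
    $_SESSION['user_name'] = $userName;

    $response->user_id = $userId;
    $response->user_email = $userEmail;
    $response->user_name = $userName;

    // Same lifetime, path and domain as before. The cookie is now HttpOnly so
    // page scripts cannot read it, and Secure whenever the request itself
    // arrived over HTTPS.
    $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    setcookie("sessionData", $sessionHash, 0, "", "", $isHttps, true);

    return $response;
}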
/**
 * Set a new password for an account after a password-reset request.
 *
 * Steps run in order and stop at the first one that does not return 0:
 * checkUserEmail(), checkValidToken(), then changeUserPassword() with the
 * value produced by signNewPassword().
 *
 * NOTE(review): token expiry and single-use invalidation are not visible in
 * this method; confirm that DbConnection enforces both.
 *
 * @param string $email    Account e-mail address.
 * @param string $password New plain-text password.
 * @param string $token    Reset token presented by the client.
 * @return int 0 when every step returned 0, otherwise 1.
 */
public function restoreNewPassword($email, $password, $token)
{
    $db = new DbConnection();

    if ($db->checkUserEmail($email) !== 0) {
        return 1;
    }

    if ($db->checkValidToken($email, $token) !== 0) {
        return 1;
    }

    // The password is only transformed once the e-mail and token were accepted.
    $storedForm = $this->signNewPassword($password);

    return $db->changeUserPassword($email, $storedForm) === 0 ? 0 : 1;
}