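/**
 * Authenticates a user.
 *
 * The submitted password is first verified against the stored password hash.
 * If that fails, it is compared with the account's temp_password column.
 *
 * @param Anonymous $toBeLoggedIn Submitted credentials (username and password).
 * @return boolean True when the credentials match, false in every other case.
 */
private function authenticate(Anonymous $toBeLoggedIn)
{
    $username = $toBeLoggedIn->getUsername();
    $submittedPassword = $toBeLoggedIn->getPassword();

    $user = $this->UserCollection->getUser($username);
    if (!$user) {
        return false;
    }

    if (password_verify($submittedPassword, $user->getPassword())) {
        return true;
    }

    // Fallback: temporary password lookup for the same username.
    $stmt = $this->UserCollection->db->db->prepare("SELECT temp_password FROM users WHERE username = :username");
    $stmt->bindParam(':username', $username);
    $stmt->execute();
    $row = $stmt->fetch();
    $temporaryPassword = is_array($row) && isset($row[0]) ? $row[0] : null;

    // A missing row or a NULL/empty temp_password must never authenticate.
    // With the loose `==` used previously, NULL compared equal to an empty
    // submitted password, and numeric-looking strings such as "0e1" and "0e2"
    // compared equal to each other.
    if (!is_string($temporaryPassword) || $temporaryPassword === '' || !is_string($submittedPassword)) {
        return false;
    }

    // NOTE(review): temp_password is compared as plaintext here, so it is
    // stored unhashed. Consider storing a password_hash() value and checking
    // it with password_verify(). Nothing visible in this method expires or
    // invalidates the temporary password after use - confirm that happens
    // elsewhere.
    // hash_equals() is an exact, timing-safe string comparison.
    return hash_equals($temporaryPassword, $submittedPassword);
}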
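/**
 * Adds new user to collection.
 *
 * Validates the minimum username/password length, rejects usernames that are
 * already present in $this->users, inserts the new row and then appends the
 * submitted object to $this->users.
 *
 * @param Anonymous $userToAdd Registration data (username and password).
 * @return boolean True once the user has been inserted.
 * @throws \exceptions\FailedRegistrationException When the username or password
 *         is too short, the username is already known, or the INSERT fails.
 */
private function add(Anonymous $userToAdd)
{
    $username = $userToAdd->getUsername();
    $password = $userToAdd->getPassword();
    // assert() can be disabled by configuration, so it only documents the
    // expectation; the length check below is the actual validation.
    assert(isset($username) && isset($password));

    // Lengths are measured in bytes (strlen), not characters.
    if (strlen($username) < 3 || strlen($password) < 6) {
        throw new \exceptions\FailedRegistrationException('Too short password or username');
    }

    // Exact string comparison: loose `==` treats numeric-looking usernames
    // such as "1" and "01" as the same account.
    $userExists = false;
    foreach ($this->users as $user) {
        if ((string) $username === (string) $user->getUsername()) {
            $userExists = true;
            break;
        }
    }

    $newUser = new User($username, $password);
    if ($userExists) {
        throw new \exceptions\FailedRegistrationException('User already exists');
    }

    // NOTE(review): the value bound as :password must be a password_hash()
    // output, never the raw password - confirm that User::getPassword()
    // returns a hash.
    $username = $newUser->getUsername();
    $password = $newUser->getPassword();

    $stmt = $this->db->db->prepare("INSERT INTO users (username, password) VALUES (:username, :password)");
    $stmt->bindParam(':username', $username);
    $stmt->bindParam(':password', $password);
    try {
        $stmt->execute();
    } catch (\Exception $e) {
        // NOTE(review): every failure (including connection or schema errors)
        // is reported as a duplicate user; consider logging $e before
        // rethrowing.
        throw new \exceptions\FailedRegistrationException('User already exists');
    }

    // NOTE(review): the in-memory list receives the submitted Anonymous
    // object rather than $newUser - confirm that is intended.
    $this->users[] = $userToAdd;

    return true;
}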