Exemplo n.º 1
// Build the interface; arrayInput presumably names the request inputs this endpoint reads.
$params = new SimpleObject\OdaPrepareInterface();
$params->arrayInput = ["login", "mdp"];
$ODA_INTERFACE = new OdaLibInterface($params);

//--------------------------------------------------------------------------
// vendor/happykiller/oda/resources/api/getAuth.php?milis=123450&login=VIS&mdp=VIS
// NOTE(review): this sample call carries the password in the query string, where it
// can end up in access logs, proxies and browser history. Prefer a POST body over TLS.
//--------------------------------------------------------------------------

// Load the account row for the submitted login. The login is bound to :code_user,
// not concatenated into the statement.
$params = new SimpleObject\OdaPrepareReqSql();
$params->typeSQL = OdaLibBd::SQL_GET_ONE;
$params->bindsValue = ["code_user" => $ODA_INTERFACE->inputs["login"]];
$params->sql = "select a.`id_rang`, a.`code_user`, a.`password`, a.`mail`\n    from `api_tab_utilisateurs` a\n    where 1=1\n    and a.`code_user` = :code_user\n;";
$retour = $ODA_INTERFACE->BD_ENGINE->reqODASQL($params);

if (!$retour->data) {
    // No row for this login.
    $ODA_INTERFACE->dieInError('Auth impossible.(user unknown)', $ODA_INTERFACE::STATE_ERROR_AUTH);
} elseif (OdaLib::startsWith($ODA_INTERFACE->inputs["mdp"], "authByGoogle-")) {
    // NOTE(review): on this path the only thing compared is the e-mail address the
    // client appended to the "authByGoogle-" marker. An e-mail address is not a
    // secret, so this does not prove that Google authenticated the caller. Verify a
    // Google-issued token on the server before this branch is treated as a login.
    $mail = str_replace("authByGoogle-", "", $ODA_INTERFACE->inputs["mdp"]);
    if ($retour->data->mail !== $mail) {
        $ODA_INTERFACE->dieInError('Auth impossible.(mail incorrect)', $ODA_INTERFACE::STATE_ERROR_AUTH);
    }
}

// buildSession() receives the submitted password together with the stored hash.
$key = $ODA_INTERFACE->buildSession([
    'code_user' => $ODA_INTERFACE->inputs["login"],
    'password' => $ODA_INTERFACE->inputs["mdp"],
    'dbPassword' => $retour->data->password,
]);

// Replace the fetched row with a reduced payload: rank, login and session key.
// The password hash and mail columns that were selected are not copied over.
$retour->data = (object) [
    'id_rang' => $retour->data->id_rang,
    'code_user' => $retour->data->code_user,
    'keyAuthODA' => $key,
];
//--------------------------------------------------------------------------
$params = new \stdClass();
$params->label = "resultat";
Exemplo n.º 2
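 /**
  * Authenticate a user and return the key of their session.
  *
  * Expired session rows of the user are purged, the supplied credentials are
  * checked, and then either the key of a still-valid session is returned or a
  * new session row valid for 720 minutes is created.
  *
  * @param array  $p_params
  * @param string $p_params[code_user]  login of the account
  * @param string $p_params[password]   password sent by the client, or a value starting with "authByGoogle-"
  * @param string $p_params[dbPassword] password hash stored for the account (second argument of password_verify)
  * @return string session key; empty string if dieInError() returns after a rejected password
  */
 public function buildSession($p_params)
 {
     try {
         $v_code_user = $p_params["code_user"];
         $v_key = "";

         // `datas` holds a JSON document, so the user's sessions are located with LIKE.
         // The login is escaped for LIKE (backslash is MySQL's default LIKE escape
         // character) and passed as a bound value, so it can neither change the
         // statement nor act as a wildcard that matches another user's session.
         // NOTE(review): bindsValue is only shown on this page with SQL_GET_ONE; confirm
         // that reqODASQL() also binds it for SQL_SCRIPT and SQL_INSERT_ONE.
         $v_pattern = '%"code_user":"' . \addcslashes((string) $v_code_user, '\\%_') . '"%';

         // Purge this user's expired keys (rows with periodeValideMinute = 0 are kept).
         $params = new SimpleObject\OdaPrepareReqSql();
         $params->sql = "DELETE FROM `api_tab_session`\n                WHERE 1=1\n                AND `datas` like :pattern\n                AND (`dateCreation` + INTERVAL `periodeValideMinute` MINUTE) < NOW()\n                AND `periodeValideMinute` != 0\n            ;";
         $params->bindsValue = ["pattern" => $v_pattern];
         $params->typeSQL = OdaLibBd::SQL_SCRIPT;
         $retour = $this->BD_AUTH->reqODASQL($params);

         // Check the credentials BEFORE any key is handed out. The check used to run
         // only when no live session existed, so a request naming a user with an
         // active session received that session's key whatever password it carried.
         // NOTE(review): a password starting with "authByGoogle-" skips password_verify()
         // and nothing secret is verified in this method; it relies on the caller having
         // validated the Google sign-in. Replace the marker with server-side verification
         // of a Google-issued token.
         $checkPass = true;
         if (!OdaLib::startsWith($p_params['password'], "authByGoogle-")) {
             $checkPass = password_verify($p_params['password'], $p_params['dbPassword']);
         }
         if (!$checkPass) {
             $this->dieInError('Auth impossible.(Password wrong)', self::STATE_ERROR_AUTH);
             // Reached only if dieInError() returns: no key is issued.
             return $v_key;
         }

         // Look for a key that is still valid.
         $params = new SimpleObject\OdaPrepareReqSql();
         $params->sql = "SELECT *\n                FROM `api_tab_session` a\n                WHERE 1=1\n                AND a.`datas` like :pattern\n                AND (a.`dateCreation` + INTERVAL a.`periodeValideMinute` MINUTE) > NOW()\n            ;";
         $params->bindsValue = ["pattern" => $v_pattern];
         $params->typeSQL = OdaLibBd::SQL_GET_ONE;
         $retour = $this->BD_AUTH->reqODASQL($params);
         if ($retour->data) {
             $v_key = $retour->data->key;
         } else {
             // Build a new key from the CSPRNG: 32 hex characters, the same length as
             // the former md5() value. The old key was derived only from the login and
             // the current second, which makes it guessable. random_bytes() needs PHP 7+.
             $v_strDate = \date('YmdHis');
             $v_key = \bin2hex(\random_bytes(16));
             $json = new stdClass();
             $json->code_user = $v_code_user;
             $json->date = $v_strDate;
             $params = new SimpleObject\OdaPrepareReqSql();
             $params->sql = "INSERT INTO `api_tab_session`(\n                            `id` ,\n                            `key` ,\n                            `datas` ,\n                            `dateCreation` ,\n                            `periodeValideMinute`\n                        )\n                        VALUES (\n                            NULL , :key, :datas, NOW(), 720\n                        )\n                    ;";
             // json_encode() does not escape single quotes, so the document is bound
             // instead of being spliced into the statement.
             $params->bindsValue = ["key" => $v_key, "datas" => \json_encode($json)];
             $params->typeSQL = OdaLibBd::SQL_INSERT_ONE;
             // NOTE(review): the row is written through BD_ENGINE while the DELETE and
             // SELECT above use BD_AUTH; confirm both handles reach the same table.
             $retour = $this->BD_ENGINE->reqODASQL($params);
         }
         return $v_key;
     } catch (Exception $ex) {
         // NOTE(review): the full exception text, stack trace included, is stored in the
         // response object; make sure it is not sent back to the client.
         $this->object_retour->strErreur = $ex . '';
         $this->object_retour->statut = self::STATE_ERROR;
         die;
     }
 }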