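/**
 * Registers a new user account and then logs that account in.
 *
 * Checks run in this order: password/confirm match, username format,
 * username uniqueness, email uniqueness. Each failure throws with code 400.
 *
 * @NotLogged
 * @param RegisterBindingModel $model
 * @throws \Exception
 */
public function register(RegisterBindingModel $model)
{
    if ($model->getPassword() !== $model->getConfirm()) {
        throw new \Exception("Password don't match Confirm Password!", 400);
    }

    $username = $model->getUsername();

    // \z anchors at the true end of the subject. A plain `$` also matches just
    // before a trailing newline, so "name\n" would pass validation and be stored
    // as a distinct account next to "name".
    if (!is_string($username) || preg_match('/^\w{3,15}\z/', $username) !== 1) {
        throw new \Exception("Invalid username format!", 400);
    }

    // NOTE(review): the lookups below and the INSERT are separate statements, so
    // two concurrent requests can both pass the checks. UNIQUE constraints on
    // users.username and users.email are the real guarantee; confirm the schema.

    // Check for already registered with the same name
    $this->db->prepare("SELECT id\n FROM users\n WHERE username = ?", array($username));
    $row = $this->db->execute()->fetchRowAssoc();
    // `??` keeps a "no row" result from raising an undefined-offset warning.
    if (($row['id'] ?? null) !== null) {
        throw new \Exception("Username '{$username}' already taken!", 400);
    }

    // Check for already registered with the same email
    $this->db->prepare("SELECT id\n FROM users\n WHERE email = ?", array($model->getEmail()));
    $row = $this->db->execute()->fetchRowAssoc();
    if (($row['id'] ?? null) !== null) {
        // NOTE(review): the email is not format-checked in this method and is
        // echoed into the message; escape it wherever the message is rendered.
        $email = $model->getEmail();
        throw new \Exception("Email '{$email}' already taken!", 400);
    }

    // NOTE(review): getPassword() is stored exactly as returned. The work-around
    // comment below suggests the binding model has already hashed it; confirm
    // that no plaintext password can reach this column.
    $this->db->prepare(
        "INSERT\n INTO users\n (username, password, email)\n VALUES (?, ?, ?)",
        array($username, $model->getPassword(), $model->getEmail())
    )->execute();

    $loginBindingModel = new LoginBindingModel(array(
        'username' => $username,
        'password' => $model->getPassword(),
    ));
    // Work around to avoid double crypting passwords.
    $loginBindingModel->afterRegisterPasswordPass($model->getPassword());

    $this->login($loginBindingModel);
}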
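/**
 * Looks up a user by username and verifies the supplied password against the
 * stored hash.
 *
 * @param LoginBindingModel $model
 * @return string id of the authenticated user
 * @throws \Exception when no user row matches or the password does not verify
 */
function login(LoginBindingModel $model) : string
{
    $db = SimpleDB::getInstance('conference_scheduler');
    $result = $db->prepare("SELECT\r\n id, username, password\r\n FROM users\r\n WHERE username = ?");

    // The placeholder is the username column, so bind the username. Binding the
    // password here made the lookup match on the wrong value and also passed the
    // plaintext password to the database as a query parameter.
    $result->execute([$model->getUsername()]);

    if ($result->affectedRows() > 0) {
        $userRow = $result->fetch();
        if (password_verify($model->getPassword(), $userRow['password'])) {
            // Declared return type is string; cast so an integer id column does
            // not depend on implicit coercion.
            return (string) $userRow['id'];
        }
    }

    // Unknown user and wrong password share one message, so the response does
    // not tell the caller which usernames exist.
    throw new \Exception("Wrong username or password.");
}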
/**
 * Handles a submitted login form: copies the credentials from the binding
 * model into a User and passes that User's username and password to initLogin().
 *
 * @BindingModels LoginBindingModel
 */
public function loginpost(LoginBindingModel $bindingModel)
{
    // Nothing to do without a binding model.
    if (!$bindingModel) {
        return;
    }

    // Route the values through User so its setters and getters still apply.
    $account = new User();
    $account->setUsername($bindingModel->getUsername());
    $account->setPassword($bindingModel->getPassword());

    $username = $account->getUsername();
    $password = $account->getPassword();

    $this->initLogin($username, $password);
}