Главная Обзор Помощь
Вход
LBP
/
Organizr
зеркало из https://github.com/causefx/Organizr.git
4
0
Ответвить 0
Файлы Задачи 0 Вики
Дерево: 02e125912e
Ветки Метки
Organizr
/
api
/
functions
/
token-functions.php

token-functions.php 4.9 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147 
  1. <?php
    2. 

  2. function jwtParse($token)
    3. 

  3. {
    4. 

  4. 	try {
    5. 

  5. 		$result = array();
    6. 

  6. 		$result['valid'] = false;
    7. 

  7. 		// Check Token with JWT
    8. 

  8. 		// Set key
    9. 

  9. 		if (!isset($GLOBALS['organizrHash'])) {
    10. 

  10. 			return null;
    11. 

  11. 		}
    12. 

  12. 		$key = $GLOBALS['organizrHash'];
    13. 

  13. 		// SHA256 Encryption
    14. 

  14. 		$signer = new Lcobucci\JWT\Signer\Hmac\Sha256();
    15. 

  15. 		$jwttoken = (new Lcobucci\JWT\Parser())->parse((string)$token); // Parses from a string
    16. 

  16. 		$jwttoken->getHeaders(); // Retrieves the token header
    17. 

  17. 		$jwttoken->getClaims(); // Retrieves the token claims
    18. 

  18. 		// Start Validation
    19. 

  19. 		if ($jwttoken->verify($signer, $key)) {
    20. 

  20. 			$data = new Lcobucci\JWT\ValidationData(); // It will use the current time to validate (iat, nbf and exp)
    21. 

  21. 			$data->setIssuer('Organizr');
    22. 

  22. 			$data->setAudience('Organizr');
    23. 

  23. 			if ($jwttoken->validate($data)) {
    24. 

  24. 				$result['valid'] = true;
    25. 

  25. 				$result['username'] = $jwttoken->getClaim('username');
    26. 

  26. 				$result['group'] = $jwttoken->getClaim('group');
    27. 

  27. 				$result['groupID'] = $jwttoken->getClaim('groupID');
    28. 

  28. 				$result['userID'] = $jwttoken->getClaim('userID');
    29. 

  29. 				$result['email'] = $jwttoken->getClaim('email');
    30. 

  30. 				$result['image'] = $jwttoken->getClaim('image');
    31. 

  31. 				$result['tokenExpire'] = $jwttoken->getClaim('exp');
    32. 

  32. 				$result['tokenDate'] = $jwttoken->getClaim('iat');
    33. 

  33. 				$result['token'] = $jwttoken->getClaim('exp');
    34. 

  34. 			}
    35. 

  35. 		}
    36. 

  36. 		if ($result['valid'] == true) {
    37. 

  37. 			return $result;
    38. 

  38. 		} else {
    39. 

  39. 			return false;
    40. 

  40. 		}
    41. 

  41. 	} catch (\RunException $e) {
    42. 

  42. 		return false;
    43. 

  43. 	} catch (\OutOfBoundsException $e) {
    44. 

  44. 		return false;
    45. 

  45. 	} catch (\RunTimeException $e) {
    46. 

  46. 		return false;
    47. 

  47. 	} catch (\InvalidArgumentException $e) {
    48. 

  48. 		return false;
    49. 

  49. 	}
    50. 

  50. }
    51. 

  51. 

  52. function createToken($username, $email, $image, $group, $groupID, $key, $days = 1)
    53. 

  53. {
    54. 

  54. 	if (!isset($GLOBALS['dbLocation']) || !isset($GLOBALS['dbName'])) {
    55. 

  55. 		return false;
    56. 

  56. 	}
    57. 

  57. 	//Quick get user ID
    58. 

  58. 	try {
    59. 

  59. 		$database = new Dibi\Connection([
    60. 

  60. 			'driver' => 'sqlite3',
    61. 

  61. 			'database' => $GLOBALS['dbLocation'] . $GLOBALS['dbName'],
    62. 

  62. 		]);
    63. 

  63. 		$result = $database->fetch('SELECT * FROM users WHERE username = ? COLLATE NOCASE OR email = ? COLLATE NOCASE', $username, $email);
    64. 

  64. 		// Create JWT
    65. 

  65. 		// Set key
    66. 

  66. 		// SHA256 Encryption
    67. 

  67. 		$signer = new Lcobucci\JWT\Signer\Hmac\Sha256();
    68. 

  68. 		// Start Builder
    69. 

  69. 		$jwttoken = (new Lcobucci\JWT\Builder())->setIssuer('Organizr')// Configures the issuer (iss claim)
    70. 

  70. 		->setAudience('Organizr')// Configures the audience (aud claim)
    71. 

  71. 		->setId('4f1g23a12aa', true)// Configures the id (jti claim), replicating as a header item
    72. 

  72. 		->setIssuedAt(time())// Configures the time that the token was issue (iat claim)
    73. 

  73. 		->setExpiration(time() + (86400 * $days))// Configures the expiration time of the token (exp claim)
    74. 

  74. 		->set('username', $result['username'])// Configures a new claim, called "username"
    75. 

  75. 		->set('group', $result['group'])// Configures a new claim, called "group"
    76. 

  76. 		->set('groupID', $result['group_id'])// Configures a new claim, called "groupID"
    77. 

  77. 		->set('email', $result['email'])// Configures a new claim, called "email"
    78. 

  78. 		->set('image', $result['image'])// Configures a new claim, called "image"
    79. 

  79. 		->set('userID', $result['id'])// Configures a new claim, called "image"
    80. 

  80. 		->sign($signer, $key)// creates a signature using "testing" as key
    81. 

  81. 		->getToken(); // Retrieves the generated token
    82. 

  82. 		$jwttoken->getHeaders(); // Retrieves the token headers
    83. 

  83. 		$jwttoken->getClaims(); // Retrieves the token claims
    84. 

  84. 		coookie('set', 'organizrToken', $jwttoken, $days);
    85. 

  85. 		return $jwttoken;
    86. 

  86. 	} catch (Dibi\Exception $e) {
    87. 

  87. 		return false;
    88. 

  88. 	}
    89. 

  89. }
    90. 

  90. 

  91. function validateToken($token, $global = false)
    92. 

  92. {
    93. 

  93. 	// Validate script
    94. 

  94. 	$userInfo = jwtParse($token);
    95. 

  95. 	$validated = $userInfo ? true : false;
    96. 

  96. 	if ($validated == true) {
    97. 

  97. 		if ($global == true) {
    98. 

  98. 			try {
    99. 

  99. 				$database = new Dibi\Connection([
    100. 

  100. 					'driver' => 'sqlite3',
    101. 

  101. 					'database' => $GLOBALS['dbLocation'] . $GLOBALS['dbName'],
    102. 

  102. 				]);
    103. 

  103. 				$result = $database->fetch('SELECT * FROM users WHERE id = ?', $userInfo['userID']);
    104. 

  104. 				$GLOBALS['organizrUser'] = array(
    105. 

  105. 					"token" => $token,
    106. 

  106. 					"tokenDate" => $userInfo['tokenDate'],
    107. 

  107. 					"tokenExpire" => $userInfo['tokenExpire'],
    108. 

  108. 					"username" => $result['username'],
    109. 

  109. 					"group" => $result['group'],
    110. 

  110. 					"groupID" => $result['group_id'],
    111. 

  111. 					"email" => $result['email'],
    112. 

  112. 					"image" => $result['image'],
    113. 

  113. 					"userID" => $result['id'],
    114. 

  114. 					"loggedin" => true,
    115. 

  115. 				);
    116. 

  116. 			} catch (Dibi\Exception $e) {
    117. 

  117. 				$GLOBALS['organizrUser'] = false;
    118. 

  118. 			}
    119. 

  119. 		}
    120. 

  120. 	} else {
    121. 

  121. 		// Delete cookie & reload page
    122. 

  122. 		coookie('delete', 'organizrToken');
    123. 

  123. 		$GLOBALS['organizrUser'] = false;
    124. 

  124. 	}
    125. 

  125. }
    126. 

  126. 

  127. function getOrganizrUserToken()
    128. 

  128. {
    129. 

  129. 	if (isset($_COOKIE['organizrToken'])) {
    130. 

  130. 		// Get token form cookie and validate
    131. 

  131. 		validateToken($_COOKIE['organizrToken'], true);
    132. 

  132. 	} else {
    133. 

  133. 		$GLOBALS['organizrUser'] = array(
    134. 

  134. 			"token" => null,
    135. 

  135. 			"tokenDate" => null,
    136. 

  136. 			"tokenExpire" => null,
    137. 

  137. 			"username" => "Guest",
    138. 

  138. 			"group" => getGuest()['group'],
    139. 

  139. 			"groupID" => getGuest()['group_id'],
    140. 

  140. 			"email" => null,
    141. 

  141. 			//"groupImage"=>getGuest()['image'],
    142. 

  142. 			"image" => getGuest()['image'],
    143. 

  143. 			"userID" => null,
    144. 

  144. 			"loggedin" => false
    145. 

  145. 		);
    146. 

  146. 	}
    147. 

  147. }
    148.