diff --git a/src/Authentication/JsonWebToken.php b/src/Authentication/JsonWebToken.php index aacdbe7..454cb8e 100644 --- a/src/Authentication/JsonWebToken.php +++ b/src/Authentication/JsonWebToken.php @@ -191,8 +191,9 @@ public function decode($token, $key = null) return false; } + // Check if this token has expired. - if (isset($payload->exp) && ($timestamp - $this->leeway) >= $payload->exp) { + if (isset($payload->exp) && ($timestamp - $this->leeway) >= strtotime($payload->exp)) { $this->errors[] = 'Expired token'; return false; diff --git a/src/Authentication/User.php b/src/Authentication/User.php index 6abaeed..34f698a 100644 --- a/src/Authentication/User.php +++ b/src/Authentication/User.php @@ -16,6 +16,7 @@ // ------------------------------------------------------------------------ use O2System\Cache\Item; +use O2System\Spl\DataStructures\SplArrayObject; use O2System\Spl\Traits\Collectors\ConfigCollectorTrait; use Psr\Cache\CacheItemPoolInterface; @@ -35,13 +36,13 @@ class User public function __construct() { $this->setConfig([ - 'password' => [ + 'password' => [ 'algorithm' => PASSWORD_DEFAULT, - 'options' => [], + 'options' => [], ], 'msisdnRegex' => '/^\+[1-9]{1}[0-9]{3,14}$/', 'maxAttempts' => 5, - 'sso' => [ + 'sso' => [ 'enable' => false, 'server' => base_url(), ], @@ -95,8 +96,8 @@ public function passwordRehash($password) { if (password_needs_rehash( $password, - $this->config[ 'password' ][ 'algorithm' ], - $this->config[ 'password' ][ 'options' ] + $this->config['password']['algorithm'], + $this->config['password']['options'] )) { return $this->passwordHash($password); } @@ -117,8 +118,8 @@ public function passwordHash($password) { return password_hash( $password, - $this->config[ 'password' ][ 'algorithm' ], - $this->config[ 'password' ][ 'options' ] + $this->config['password']['algorithm'], + $this->config['password']['options'] ); } 
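Review bot: In JsonWebToken::decode the new `strtotime($payload->exp)` result is compared without checking for `false`, and RFC 7519 defines `exp` as a numeric seconds-since-epoch value, which strtotime() does not parse as a bare number as far as I know. A standards-compliant token would then be rejected as expired, and any unparseable string falls into a loose int-versus-bool comparison instead of an explicit error. Accept the numeric form and fail explicitly, for example `$exp = is_numeric($payload->exp) ? (int) $payload->exp : strtotime((string) $payload->exp);` followed by `if ($exp === false || ($timestamp - $this->leeway) >= $exp) {`. strtotime() also accepts relative phrases and depends on the default timezone, so issuers that emit date strings should be documented as needing an absolute, zone-qualified format. The body of decode() starts and ends outside this hunk.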
@@ -144,7 +145,7 @@ public function passwordVerify($password, $hash) */ public function attempt() { - $_SESSION[ 'userAttempts' ] = $this->getAttempts() + 1; + $_SESSION['userAttempts'] = $this->getAttempts() + 1; } // ------------------------------------------------------------------------ @@ -157,8 +158,8 @@ public function attempt() public function getAttempts() { $currentAttempts = 0; - if (isset($_SESSION[ 'userAttempts' ])) { - $currentAttempts = (int)$_SESSION[ 'userAttempts' ]; + if (isset($_SESSION['userAttempts'])) { + $currentAttempts = (int)$_SESSION['userAttempts']; } return (int)$currentAttempts; @@ -166,55 +167,6 @@ public function getAttempts() // ------------------------------------------------------------------------ - /** - * User::login - * - * @param array $account - */ - public function login(array $account) - { - $_SESSION[ 'account' ] = $account; - unset($_SESSION[ 'userAttempts' ]); - } - - // ------------------------------------------------------------------------ - - /** - * User::signOn - * - * @param array $account - * - * @throws \Exception - */ - public function signOn(array $account) - { - $cacheItemPool = $this->getCacheItemPool(); - $virtualUserId = md5(json_encode($account) . mt_srand() . time()); - $cacheItemPool->save(new Item('sso-' . $virtualUserId, $account, false)); - - set_cookie('ssid', $virtualUserId); - } - - // ------------------------------------------------------------------------ - - /** - * User::getCacheItemPool - * - * @return CacheItemPoolInterface - */ - protected function getCacheItemPool() - { - $cacheItemPool = cache()->getObject('default'); - - if (cache()->exists('sso')) { - $cacheItemPool = cache()->getObject('sso'); - } - - return $cacheItemPool; - } - - // ------------------------------------------------------------------------ - /** * User::loggedIn * 
@@ -223,11 +175,7 @@ protected function getCacheItemPool() */ public function loggedIn() { - if (isset($_SESSION[ 'account' ])) { - return true; - } elseif($this->tokenOn()) { - return true; - } elseif ($this->signedOn()) { + if (isset($_SESSION['account'])) { return true; } @@ -237,46 +185,13 @@ public function loggedIn() // ------------------------------------------------------------------------ /** - * User::tokenOn - */ - public function tokenOn() - { - if(false !== ($token = input()->bearerToken())) { - $_SESSION['account'] = (new JsonWebToken())->decode($token); - - globals()->store('account', $_SESSION['account']); - - return true; - } - - return false; - } - - // ------------------------------------------------------------------------ - - /** - * User::signedOn + * AccessControl::login * - * @return bool - * @throws \Psr\Cache\InvalidArgumentException + * @param array $account */ - public function signedOn() + public function login(array $account) { - if ($virtualUserId = input()->cookie('ssid')) { - $cacheItemPool = $this->getCacheItemPool(); - - if($cacheItemPool->hasItem('sso-' . $virtualUserId)) { - - $item = $cacheItemPool->getItem('sso-' . input()->cookie('ssid')); - $_SESSION['account'] = $item->get(); - - globals()->store('account', $_SESSION['account']); - - return true; - } - } - - return false; + $_SESSION['account'] = $account; } // ------------------------------------------------------------------------ 
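Review bot: The re-added `login()` stores the account in the existing session without rotating the session id, so an id that was set before authentication stays valid afterwards (session fixation); call `session_regenerate_id(true);` before `$_SESSION['account'] = $account;`. The previous `login()` (removed in the preceding hunk) also ran `unset($_SESSION['userAttempts']);` and the new one does not, so the failed-attempt counter now survives a successful login; restore that line unless dropping it is intended. `logout()` in the following hunk likewise only unsets `account` and leaves the session id and the rest of the session data in place. The docblock title reads `AccessControl::login` although the method is on `User`.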
@@ -286,26 +201,8 @@ public function signedOn() */ public function logout() { - $this->signOff(); - - if (isset($_SESSION[ 'account' ])) { - unset($_SESSION[ 'account' ]); - } - } - - // ------------------------------------------------------------------------ - - /** - * User::signOff - * - * @throws \Psr\Cache\InvalidArgumentException - */ - public function signOff() - { - if ($virtualUserId = input()->cookie('ssid')) { - $cacheItemPool = $this->getCacheItemPool(); - $cacheItemPool->deleteItem('sso-' . $virtualUserId); - delete_cookie('ssid'); + if (isset($_SESSION['account'])) { + unset($_SESSION['account']); } } } \ No newline at end of file diff --git a/src/Encryptions/Binary.php b/src/Encryptions/Binary.php index 294bb01..d032985 100644 --- a/src/Encryptions/Binary.php +++ b/src/Encryptions/Binary.php @@ -28,6 +28,7 @@ class Binary * @var array */ private static $charactersMap = []; + /** * Binary::$crypt * diff --git a/src/Encryptions/Hexadecimal.php b/src/Encryptions/Hexadecimal.php new file mode 100644 index 0000000..35d71ef --- /dev/null +++ b/src/Encryptions/Hexadecimal.php 
@@ -0,0 +1,106 @@ +crypt = new Crypt(); + } + + // ------------------------------------------------------------------------ + + /** + * Hexadecimal::encrypt + * + * Encrypt string into numbers. + * + * @param string $string String to be encrypted. + * + * @return string + */ + public function encrypt($string) + { + $dec = []; + $hex = str_split($this->crypt->encrypt($string), 4); + + foreach ($hex as $char) { + $dec[] = str_pad(hexdec($char), 5, '0', STR_PAD_LEFT); + } + + return implode('', $dec); + } + + // ------------------------------------------------------------------------ + + /** + * Hexadecimal::decrypt + * + * Decrypt numbers. + * + * @param string $string String to be decrypted. + * + * @return string + */ + public function decrypt($string) + { + $hex = []; + $dec = str_split($string, 5); + + foreach ($dec as $char) { + $hex[] = str_pad(dechex($char), 4, '0', STR_PAD_LEFT); + } + + return implode('', $hex); + } + + // ------------------------------------------------------------------------ + + /** + * Hexadecimal::setKey + * + * Sets numeric encryption protection key. + * + * @param string $key Custom encryption key. + * + * @return static + */ + public function setKey($key) + { + $this->crypt->setKey($key); + + return $this; + } +} \ No newline at end of file diff --git a/src/Form/Validator.php b/src/Form/Validator.php index fee4a75..17fb5d8 100644 --- a/src/Form/Validator.php +++ b/src/Form/Validator.php @@ -360,12 +360,14 @@ protected function processRules(string $field, string $label = null, $value, $ru if ( ! $callable && preg_match('/(.*?)\[(.*)\]/', $rule, $match)) { $rule = $match[ 1 ]; - $params = $match[ 2 ]; + if (is_array($match[ 2 ])) { + $params = array_merge([$value], $match[ 2 ]); + } else { + $params = [$value, $match[ 2 ]]; + } } - if ($params) { - $params = array_merge([$value], $params); - } else { + if (empty($params)) { $params = [$value]; } 
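Review bot: `Hexadecimal::decrypt()` only converts the 5-digit decimal groups back to hex and returns that string; it never passes the result through `$this->crypt`, so it does not invert `encrypt()` and callers receive the encoded ciphertext instead of plaintext. Presumably the last line should be `return $this->crypt->decrypt(implode('', $hex));` (Crypt's API is not visible here, so confirm the method name). Two further round-trip issues: a final chunk shorter than four characters is left-padded on the way back, which changes the data, and `hexdec()` silently ignores non-hex characters if `Crypt::encrypt()` does not return pure hex. The decimal re-encoding adds no confidentiality of its own, which the class docblock should state so it is not mistaken for a second layer of encryption.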
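Review bot: In processRules the `is_array($match[ 2 ])` branch can never run, because preg_match() fills `$match` with strings, so a rule such as `name[a,b]` always reaches the validator as `[$value, 'a,b']` with the arguments unsplit. The rewritten fallback `if (empty($params))` also stops prepending `$value` when `$params` arrives non-empty from code outside this hunk, which the old `array_merge([$value], $params)` did. A rule callback that receives its arguments in the wrong position can accept input it should reject, so either split the captured string explicitly (e.g. `array_merge([$value], explode(',', $match[ 2 ]))` if comma-separated parameters are the convention) or document that rules take one raw parameter string. The function starts and ends outside this hunk, so the initial value of `$params` is not visible.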
@@ -384,8 +386,7 @@ protected function processRules(string $field, string $label = null, $value, $ru $error = $this->customErrors[ $field ][ $rule ]; } - $this->errors[ $field ] = is_null($error) ? $this->getErrorMessage($rule, $field, $label, - $params) : $error; + $this->errors[ $field ] = is_null($error) ? $this->getErrorMessage($rule, $field, $label, $value) : $error; return false; } @@ -443,11 +444,11 @@ public function getError(string $field = null): string * @param string $rule * @param string $field * @param string|null $label - * @param string $param + * @param string $value * * @return string */ - protected function getErrorMessage(string $rule, string $field, string $label = null, string $param = null): string + protected function getErrorMessage(string $rule, string $field, string $label = null, string $value = null): string { // Check if custom message has been defined by user if (isset($this->customErrors[ $field ][ $rule ])) { @@ -460,7 +461,7 @@ protected function getErrorMessage(string $rule, string $field, string $label = } $message = str_replace('{field}', $label ?? $field, $message); - $message = str_replace('{param}', $this->rules[ $param ][ 'label' ] ?? $param, $message); + $message = str_replace('{value}', $value ?? null, $message); return $message; }
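Review bot: The validation error message now carries the submitted field value: processRules passes `$value` to getErrorMessage, and the last hunk substitutes it for `{value}` where the old code substituted a rule parameter or label. If these messages are rendered into HTML without escaping (the rendering is not visible here), user input is reflected into the page; either escape at substitution, e.g. `htmlspecialchars($value ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, or state in the docblock that the returned message is untrusted and must be escaped by the caller. `$value ?? null` is a no-op that can hand `null` to str_replace(), and the `string $value` type hint will throw for array-valued fields, so normalise the value before the call. Message templates that still contain `{param}` are no longer substituted after this change.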