<?php
namespace api;
use Firebase\JWT\JWT;
use PDO;
require_once "./config.php";
/**
 * User Class
 * Define all functions which either check, update or delete user data
 */
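class user
{
    /**
     * Check whether the supplied credentials match a stored user.
     *
     * @param string $username Username to look up
     * @param string $password Plain-text password to verify against the stored hash
     * @return bool True if the user exists and the password matches, false otherwise
     */
    public function checkUser(string $username, string $password): bool
    {
        $conn = dbConn();
        // Only the hash is needed here; the bound parameter keeps $username out of the SQL text.
        $stmt = $conn->prepare("SELECT password FROM users WHERE username = :username");
        $stmt->bindParam(":username", $username);
        $stmt->execute();

        $row = $stmt->fetch(PDO::FETCH_ASSOC);

        // NOTE(review): an unknown username returns here without running password_verify(),
        // so response time can reveal whether an account exists. Consider verifying against
        // a fixed dummy hash in this branch and rate-limiting login attempts at the caller.
        if ($row === false || !is_string($row["password"] ?? null))
        {
            return false;
        }

        return password_verify($password, $row["password"]);
    }

    /**
     * Create a signed JWT for a user, valid for six hours from now.
     *
     * @param string $username Username stored in the token
     * @return string Encoded JWT, signed with HS256 using the key from getSecretKey()
     */
    public function createToken(string $username): string
    {
        $now = time();
        $future = strtotime('+6 hour', $now);
        // HS256 is symmetric: anyone holding this key can mint valid tokens.
        // NOTE(review): confirm getSecretKey() returns a long random value kept out of version control.
        $secretKey = getSecretKey();

        // NOTE(review): the username is carried in "jti", which RFC 7519 defines as a unique
        // token identifier; "sub" is the conventional claim for the subject. Left unchanged
        // because whatever validates the token presumably reads "jti" - confirm before renaming.
        $payload = [
            "jti" => $username,
            "iat" => $now,
            "exp" => $future,
        ];

        return JWT::encode($payload, $secretKey, "HS256");
    }

    /**
     * Check if an email address is already in use.
     *
     * @param string $email Email to check
     * @return bool True if at least one user row has this email, false if not
     */
    public function checkEmail(string $email): bool
    {
        $conn = dbConn();
        // Existence check only, so no user columns are pulled into memory.
        $stmt = $conn->prepare("SELECT 1 FROM users WHERE email = :email");
        $stmt->bindParam(":email", $email);
        $stmt->execute();

        return $stmt->fetch(PDO::FETCH_NUM) !== false;
    }

    /**
     * Generate a password-reset verification code and email it to the user.
     *
     * The code is returned so the caller can store it and compare it later.
     * NOTE(review): the caller should give the code a short lifetime, compare it
     * with hash_equals(), and never echo it back in the HTTP response - confirm.
     *
     * @param mixed $email Email address of the user
     * @return string Verification code ("rpe-" followed by 32 hex characters)
     * @throws \Exception If no source of secure randomness is available
     */
    public function sendResetEmail($email): string
    {
        // The code is the only secret guarding the reset, so it must be unpredictable.
        // uniqid() is derived from the current time and can be guessed; use the CSPRNG.
        // The code is longer than the 13 hex characters uniqid() produced, so any column
        // or form field that stores it must allow 36 characters.
        $token = "rpe-" . bin2hex(random_bytes(16));
        $headers1 = "From: noreply@rohitpai.co.uk\r\n";
        $headers1 .= "MIME-Version: 1.0\r\n";
        $headers1 .= "Content-Type: text/html; charset=UTF-8\r\n";
        
        $message = "
        <!doctype html>
        <html lang='en'>
        <head>
        <meta charset='UTF-8'>
        <meta name='viewport' content='width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0'>
                 <meta http-equiv='X-UA-Compatible' content='ie=edge'>
        <title>Document</title>
        </head>
        <body>
            <h1>Reset Password Verification Code</h1>
            <br>
            <p>Please enter the following code to reset your password: $token</p>            
        </body>
        </html>
        ";
        
        // NOTE(review): $email is passed to mail() unvalidated; the caller should validate it
        // (e.g. filter_var with FILTER_VALIDATE_EMAIL) before calling. The result of mail()
        // is not checked, so the code is returned even when delivery was not accepted.
        mail($email, "Reset Password Verification Code", $message, $headers1);
        return $token;
    }

    /**
     * Change the password of the user with the given email address.
     *
     * This method performs no authorisation itself.
     * NOTE(review): the caller is expected to have verified the reset code (or an
     * authenticated session) for $email before calling - confirm at the call site.
     *
     * @param string $email Email of the account to update
     * @param string $password New plain-text password; bcrypt only uses the first 72 bytes
     * @return bool True if a user row was updated, false if the statement failed or no row matched
     */
    public function changePassword(string $email, string $password): bool
    {
        $conn = dbConn();
        $stmt = $conn->prepare("UPDATE users SET password = :password WHERE email = :email");
        $newPwd = password_hash($password, PASSWORD_BCRYPT);
        $stmt->bindParam(":password", $newPwd);
        $stmt->bindParam(":email", $email);

        if (!$stmt->execute())
        {
            return false;
        }

        // execute() also succeeds when no row has this email; report that as "not changed"
        // so a reset for a non-existent account is not treated as successful.
        return $stmt->rowCount() > 0;
    }
}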