Merge pull request #6 from ThomasRubini/user_entity

2023-01-16 23:00:31 +01:00 · 2023-01-16 23:00:31 +01:00 · fe30a6e7f3
commit fe30a6e7f3
parent 8ebfd5c45e 18d6298330
6 changed files with 125 additions and 0 deletions
--- a/Controllers/UserController.php
+++ b/Controllers/UserController.php
@ -0,0 +1,65 @@
+<?php
+
+final class UserController
+{
+
+    public function loginAction(Array $A_urlParams = null, Array $A_postParams = null)
+    {
+        View::show("user/login");
+    }
+
+    public function registerAction(Array $A_urlParams = null, Array $A_postParams = null)
+    {
+        View::show("user/register");
+    }
+
+    private function get_or_die($DICT, $key)
+    {
+        if (isset($DICT[$key])) return $DICT[$key];
+        else die("Key $key not present");
+    }
+
+    public function signInAction(Array $A_urlParams = null, Array $A_postParams = null)
+    {
+        $S_username = self::get_or_die($A_postParams, "username");
+        $S_password = self::get_or_die($A_postParams, "password");
+
+        $O_userModel = new UserModel();
+        if ($O_userModel->isPasswordValid($S_username, $S_password)) {
+            View::show("user/signin", array("success" => True));
+        } else {
+            View::show("user/signin", array("success" => False));
+        }
+    }
+
+    public function signUpAction(Array $A_urlParams = null, Array $A_postParams = null)
+    {
+        $S_username = self::get_or_die($A_postParams, "username");
+        $S_password = self::get_or_die($A_postParams, "password");
+
+        if ( strlen($S_username) < 4 || strlen($S_username) > 16 ) {
+            $S_errmsg = "username must be between 4 and 16 characters";
+        } else if(!ctype_alnum($S_username)) {
+            $S_errmsg = "username must be alphanumeric";
+        } else if( strlen($S_password) < 8 || strlen($S_username) > 150 ) {
+            $S_errmsg = "password must be between 8 and 150 characters";
+        }
+
+        $O_userModel = new UserModel();
+
+        if($O_userModel->isUserInDatabase($S_username)){
+            $S_errmsg = "An user with this name is already registered";
+        }
+
+        if(isset($S_errmsg)){
+            return View::show("user/signup", array("success" => False, "msg" => $S_errmsg));
+        }
+
+        $S_password_hash = password_hash($S_password, PASSWORD_DEFAULT);
+
+        $O_userModel->createUser($S_username, $S_password_hash);
+        return View::show("user/signup", array("success" => True));
+        
+        
+    }
+}
--- a/Models/UserModel.php
+++ b/Models/UserModel.php
@ -3,6 +3,38 @@
 final class UserModel
 {

+    public function createUser($S_name, $S_password_hash){
+        $O_model = Model::get();
+        $stmt = $O_model->prepare("INSERT INTO USER (NAME, PASS_HASH) VALUES(:name, :password_hash)");
+        $stmt->bindParam("name", $S_name);
+        $stmt->bindParam("password_hash", $S_password_hash);
+        $stmt->execute();
+    }
+
+    public function isUserInDatabase($S_name){
+
+        $O_model = Model::get();
+        $stmt = $O_model->prepare("SELECT count(*) FROM USER WHERE NAME=:name");
+        $stmt->bindParam("name", $S_name);
+        $stmt->execute();
+
+        return $stmt->fetch()[0] !== 0;
+    }
+
+
+    public function isPasswordValid($S_name, $S_password){
+        $O_model = Model::get();
+        $stmt = $O_model->prepare("SELECT PASS_HASH FROM USER WHERE NAME=:name");
+        $stmt->bindParam("name", $S_name);
+        $stmt->execute();
+        
+        if($stmt->rowCount()==1){
+            $row = $stmt->fetch();
+            return password_verify($S_password, $row["PASS_HASH"]);
+        }
+        return False;
+    }
+
    public function getNameByID($I_id)
    {
        $O_model = Model::get();
--- a/Views/user/login.php
+++ b/Views/user/login.php
@ -0,0 +1,5 @@
+<form action="/user/signin" method="POST">
+    <input type="text" name="username" placeholder="username"> 
+    <input type="password" name="password" placeholder="password">
+    <input type="submit" value="Se connecter">
+</form>
--- a/Views/user/register.php
+++ b/Views/user/register.php
@ -0,0 +1,5 @@
+<form action="/user/signup" method="POST">
+    <input type="text" name="username" placeholder="username"> 
+    <input type="password" name="password" placeholder="password">
+    <input type="submit" value="Créer un compte">
+</form>
--- a/Views/user/signin.php
+++ b/Views/user/signin.php
@ -0,0 +1,9 @@
+<p>
+    <?php
+    if ($A_view["success"]) {
+        echo "Authentifié avec succès !";
+    } else {
+        echo "Authentification échouée";
+    }
+    ?>
+</p>
--- a/Views/user/signup.php
+++ b/Views/user/signup.php
@ -0,0 +1,9 @@
+<p>
+    <?php
+    if ($A_view["success"]) {
+        echo "Compte créé avec succès";
+    } else {
+        echo "La création de compte à échoué. Raison : ".$A_view["msg"];
+    }
+    ?>
+</p>