Refactored/ streamlined UserSession code
Makes it easier to tell when a user is signed in
parent
09e9e616ec
commit
be9e69c71c
@ -235,7 +235,6 @@ Class Database{
|
|||||||
$query->execute();
|
$query->execute();
|
||||||
//Check hoeveelheid teruggestuurde rijen
|
//Check hoeveelheid teruggestuurde rijen
|
||||||
if($query->rowCount() == 1){
|
if($query->rowCount() == 1){
|
||||||
echo('session valid in db<br>');
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
else{
|
else{
|
||||||
@ -243,7 +242,6 @@ Class Database{
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
static function invalidateSession($token){
|
static function invalidateSession($token){
|
||||||
echo("hek");
|
|
||||||
//Init db connection
|
//Init db connection
|
||||||
$con = Database::connectToDB();
|
$con = Database::connectToDB();
|
||||||
//Bereid query voor
|
//Bereid query voor
|
||||||
|
|||||||
@ -1,15 +1,12 @@
|
|||||||
<?php
|
<?php
|
||||||
Class UserSession{
|
Class UserSession{
|
||||||
public $username = "undefined";
|
|
||||||
public $uid = -1;
|
public $uid = -1;
|
||||||
public $token = "undefined";
|
public $token = "undefined";
|
||||||
public $expires;
|
public $expires;
|
||||||
public function UserSession($username, $uid, $token = "undefined"){
|
public function UserSession($uid, $token = "undefined"){
|
||||||
$this->username = $username;
|
|
||||||
$this->uid = $uid;
|
$this->uid = $uid;
|
||||||
$this->token = $token;
|
$this->token = $token;
|
||||||
$this->setExpiry();
|
$this->setExpiry();
|
||||||
//echo($username."<br>");
|
|
||||||
//echo($loginSessionToken);
|
//echo($loginSessionToken);
|
||||||
$_SESSION['usersession'] = $this;
|
$_SESSION['usersession'] = $this;
|
||||||
setcookie('usersession', $this->token);
|
setcookie('usersession', $this->token);
|
||||||
@ -39,7 +36,6 @@ Class UserSession{
|
|||||||
public static function isSessionValid(){
|
public static function isSessionValid(){
|
||||||
if(isset($_SESSION['usersession'])){
|
if(isset($_SESSION['usersession'])){
|
||||||
if(!Database::isSessionValid($_SESSION['usersession']->token, $_SESSION['usersession']->uid)){
|
if(!Database::isSessionValid($_SESSION['usersession']->token, $_SESSION['usersession']->uid)){
|
||||||
echo('session invalid in db');
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if(!UserSession::isSessionExpired($_SESSION['usersession'])){
|
if(!UserSession::isSessionExpired($_SESSION['usersession'])){
|
||||||
@ -52,8 +48,7 @@ Class UserSession{
|
|||||||
$token = $_COOKIE['usersession'];
|
$token = $_COOKIE['usersession'];
|
||||||
$uid = $_COOKIE['uid'];
|
$uid = $_COOKIE['uid'];
|
||||||
if(Database::isSessionValid($token,$uid)){
|
if(Database::isSessionValid($token,$uid)){
|
||||||
$username = Database::getUsername($uid);
|
$session = new UserSession($uid, $token);
|
||||||
$session = new UserSession($username, $uid, $token);
|
|
||||||
$session->expires = new DateTime(Database::getSessionExpiryDate($token));
|
$session->expires = new DateTime(Database::getSessionExpiryDate($token));
|
||||||
}
|
}
|
||||||
else{
|
else{
|
||||||
@ -81,6 +76,7 @@ Class UserSession{
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
public static function isUserSignedIn(){
|
public static function isUserSignedIn(){
|
||||||
|
/*
|
||||||
if(UserSession::isSessionValid()){
|
if(UserSession::isSessionValid()){
|
||||||
if(!UserSession::isSessionExpired(UserSession::getSession())){
|
if(!UserSession::isSessionExpired(UserSession::getSession())){
|
||||||
if(Database::isSessionValid(UserSession::getSession()->token, UserSession::getSession()->uid)){
|
if(Database::isSessionValid(UserSession::getSession()->token, UserSession::getSession()->uid)){
|
||||||
@ -95,11 +91,31 @@ Class UserSession{
|
|||||||
else{
|
else{
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
*/
|
||||||
public static function updateSigninState(){
|
|
||||||
if(!UserSession::isUserSignedIn()){
|
|
||||||
|
|
||||||
|
//session exists, no need to do anything
|
||||||
|
if(isset($_SESSION['usersession'])){
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
else{
|
||||||
|
if(isset($_COOKIE['usersession'])){
|
||||||
|
//check if the session exists in the database
|
||||||
|
if(Database::isSessionTokenInUse($_COOKIE['usersession'])){
|
||||||
|
//check if database expiration datetime is still valid
|
||||||
|
$expirationDateTime = Database::getSessionExpiryDate($_COOKIE['usersession']);
|
||||||
|
if(new DateTime($expirationDateTime) >= new DateTime()){
|
||||||
|
//user is signed in. Restore session
|
||||||
|
$userSession = new UserSession($_COOKIE['uid'], $_COOKIE['usersession']);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
else{
|
||||||
|
Database::invalidateSession($_COOKIE['usersession']);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
//session either doesn't exist, doesn't exist in cookie, doesn't exist in database, or is expired in the database.
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
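Review bot: The cookie-restore branch of isUserSignedIn() builds the session from `$_COOKIE['uid']` without tying that uid to the token: only the token is checked, via `Database::isSessionTokenInUse()` and its expiry date, so the uid stored in `$_SESSION['usersession']` is whatever the client sent. The restore path kept earlier in this class checks both values with `Database::isSessionValid($token,$uid)`; the same guard belongs here, e.g. `if(isset($_COOKIE['uid']) && Database::isSessionValid($_COOKIE['usersession'], $_COOKIE['uid'])){` before `new UserSession(...)`, or the uid should be read from the session row for that token. The first branch also returns true on a bare `isset($_SESSION['usersession'])`, so a session that was invalidated or has expired in the database keeps counting as signed in for as long as the PHP session lives; the commented-out body checked both. The function starts in the previous hunk, so its signature is not part of this one.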
@ -19,7 +19,7 @@ include_once("./controller/ActionHandler.php");
|
|||||||
session_start();
|
session_start();
|
||||||
//Execute Actie zo nodig.
|
//Execute Actie zo nodig.
|
||||||
ActionHandler::doAction();
|
ActionHandler::doAction();
|
||||||
UserSession::UpdateSigninState();
|
|
||||||
|
|
||||||
|
|
||||||
//Store de geselecteerde pagina in variabele $page
|
//Store de geselecteerde pagina in variabele $page
|
||||||
|
|||||||
@ -1,3 +1,4 @@
|
|||||||
<?php
|
<?php
|
||||||
session_destroy();
|
session_destroy();
|
||||||
|
session_start();
|
||||||
?>
|
?>
|
||||||
@ -1,7 +1,4 @@
|
|||||||
<?php
|
<?php
|
||||||
include_once("./controller/UserSession.php");
|
Database::invalidateSession($_COOKIE['usersession']);
|
||||||
if(UserSession::isSessionValid()){
|
|
||||||
Database::invalidateSession(UserSession::getSession()->token);
|
|
||||||
}
|
|
||||||
session_destroy();
|
session_destroy();
|
||||||
?>
|
?>
|
||||||
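Review bot: Sign-out now reads `$_COOKIE['usersession']` without an `isset()` check and leaves `$_SESSION` populated for the rest of the request, because `session_destroy()` does not unset the superglobal. Since isUserSignedIn() in this commit returns true whenever `$_SESSION['usersession']` is set, the page rendered after the action will presumably still treat the user as signed in. I would guard the call with `if(isset($_COOKIE['usersession'])){ Database::invalidateSession($_COOKIE['usersession']); }`, add `$_SESSION = [];` before `session_destroy();`, and expire the client cookie with `setcookie('usersession', '', time() - 3600);`.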
@ -1,7 +0,0 @@
|
|||||||
<?php
|
|
||||||
include_once("./controller/UserSession.php");
|
|
||||||
if(UserSession::isSessionValid()){
|
|
||||||
Database::invalidateSession(UserSession::getSession()->token);
|
|
||||||
session_destroy();
|
|
||||||
}
|
|
||||||
?>
|
|
||||||
@ -3,7 +3,7 @@ $debuginfo = false;
|
|||||||
include_once("./controller/UserSession.php");
|
include_once("./controller/UserSession.php");
|
||||||
include_once("./controller/Database.php");
|
include_once("./controller/Database.php");
|
||||||
include_once("./controller/HUtils.php");
|
include_once("./controller/HUtils.php");
|
||||||
if(!UserSession::isSessionValid()){
|
if(!UserSession::isUserSignedIn()){
|
||||||
if(HUtils::issetPost(['email','password'])){
|
if(HUtils::issetPost(['email','password'])){
|
||||||
if(Database::isLoginValid($_POST['email'], $_POST['password'])){
|
if(Database::isLoginValid($_POST['email'], $_POST['password'])){
|
||||||
//obtain UID
|
//obtain UID
|
||||||
@ -17,7 +17,7 @@ if(!UserSession::isSessionValid()){
|
|||||||
while(Database::isSessionTokenInUse($token)){
|
while(Database::isSessionTokenInUse($token)){
|
||||||
$token = UserSession::generateToken();
|
$token = UserSession::generateToken();
|
||||||
}
|
}
|
||||||
$a = new UserSession($username, $uid, $token);
|
$a = new UserSession($uid, $token);
|
||||||
if($debuginfo){
|
if($debuginfo){
|
||||||
echo $a->getSessionToken();
|
echo $a->getSessionToken();
|
||||||
echo "<br>";
|
echo "<br>";
|
||||||
|
|||||||
@ -4,7 +4,4 @@ if(UserSession::isUserSignedIn()){
|
|||||||
}else{
|
}else{
|
||||||
include("./view/pagecontent/header/content_header_signedout.php");
|
include("./view/pagecontent/header/content_header_signedout.php");
|
||||||
}
|
}
|
||||||
if(!UserSession::isSessionValid()){
|
|
||||||
include_once("./model/actions/model_signout.php");
|
|
||||||
}
|
|
||||||
?>
|
?>
|
||||||
@ -3,5 +3,5 @@ include_once("./controller/AssetHandler.php");
|
|||||||
AssetHandler::printAsset("logo.png", true, 128);
|
AssetHandler::printAsset("logo.png", true, 128);
|
||||||
?>
|
?>
|
||||||
<nav>
|
<nav>
|
||||||
<a href="?a=signout">log out</a> <a href="?p=">home</a> <a href="?p=create_topic">create thread</a> <a href="?p=destroy">simulate $_SESSION expiry</a>
|
<a href="?action=signout">log out</a> <a href="?p=">home</a> <a href="?p=create_topic">create thread</a> <a href="?action=destroy">simulate $_SESSION expiry</a>
|
||||||
</nav>
|
</nav>
|
||||||
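Review bot: Both renamed links still change state through a plain GET: `?action=signout` invalidates the session row and destroys the session, and `?action=destroy` destroys the session too, so a request the user never intended (a prefetch, or a link embedded on another site) has the same effect. Assuming ActionHandler can read POST parameters (it is not shown here), sign-out is better sent as a small POST form that carries a per-session token which the handler verifies. The `simulate $_SESSION expiry` link reads like a test aid and should only be rendered when a debug switch is on, not in the regular signed-in navigation.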