more auth shit

This commit is contained in:
flash 2015-04-08 19:27:51 +00:00
parent 9fc133aeb0
commit b7377f1446
4 changed files with 86 additions and 13 deletions

View file

@ -52,6 +52,53 @@ class Users {
}
// Log a user in
public static function login($username, $password) {
// Check if the user that's trying to log in actually exists
if(!$uid = self::userExists($username, false))
return [0, 'USER_NOT_EXIST'];
// Get account data
$userData = self::getUser($uid);
// Validate password
if($userData['password_algo'] == 'legacy') { // Shitty legacy method of sha512(strrev(sha512()))
if(Main::legacyPasswordHash($password) != $userData['password_hash'])
return [0, 'INCORRECT_PASSWORD'];
} else { // Dank ass PBKDF2 hashing
if(!Hashing::validate_password($password, [
$userData['password_algo'],
$userData['password_iter'],
$userData['password_salt'],
$userData['password_hash']
]))
return [0, 'INCORRECT_PASSWORD'];
}
// Successful login! (also has a thing for the legacy password system)
return [1, ($userData['password_algo'] == 'legacy' ? 'LEGACY_SUCCESS' : 'LOGIN_SUCESS')];
}
// Check if a user exists
public static function userExists($user, $id = true) {
// Clean string
$user = Main::cleanString($user, true);
// Do database request
$user = Database::fetch('users', true, [($id ? 'id' : 'username_clean') => [$user, '=']]);
// Return count (which would return 0, aka false, if nothing was found)
return count($user) ? $user[0]['id'] : false;
}
// Get user data by id
public static function getUser($id) {

View file

@ -5,10 +5,10 @@
<meta charset="{{ sakura.charset }}" />
<title>{{ page.title }}</title>
<meta name="description" content="Any community that gets its laughs by pretending to be idiots will eventually be flooded by actual idiots who mistakenly believe that they're in good company. Welcome to Flashii." />
<meta name="keywords" content="Flashii, Media, Flashwave, Murasaki, Misaka, Circle, Zeniea, MalwareUp, Cybernetics, Saibateku, Community" />
<meta name="keywords" content="Flashii, Media, Flashwave,Circle, Zeniea, MalwareUp, Cybernetics, Saibateku, Community" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" />
{% if page.redirect %}
<meta http-equiv="refresh" content="5; URL={{ page.redirect }}" />
<meta http-equiv="refresh" content="3; URL={{ page.redirect }}" />
{% endif %}
<!-- CSS -->
<link rel="stylesheet" type="text/css" href="//{{ sakura.urls.content }}/global.css" />

View file

@ -18,24 +18,50 @@ if(
switch($_REQUEST['mode']) {
// Login processing
case 'login':
case 'register':
case 'forgotpassword':
// Add page specific things
$renderData['page'] = [
'title' => 'auth test',
'title' => 'Login',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'meow meow meow meow meow meow meow meow meow meow meow meow'
'message' => 'what'
];
break;
// Registration processing
case 'register':
// Add page specific things
$renderData['page'] = [
'title' => 'Register on Flashii',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'what'
];
break;
// Unforgetting passwords
case 'forgotpassword':
// Add page specific things
$renderData['page'] = [
'title' => 'Forgot Password',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'what'
];
break;
}
// Print page contents
print Templates::render('errors/information.tpl', $renderData);
exit;
}
}
// Add page specific things
$renderData['page'] = [
'title' => 'Login to Flashii'