From 1acfcc3d9858ba5a46f0bc0abf5b53781466b9a1 Mon Sep 17 00:00:00 2001
From: flashwave
Date: Sun, 11 Feb 2018 14:55:24 +0100
Subject: [PATCH] Some user related stuff.
---
 src/Controllers/AuthController.php | 48 +++++++-----------------------
 src/Users/Session.php | 26 ++++++++++++++++
 src/Users/User.php | 30 +++++++++++++++++++
 tests/UserTest.php | 18 +++++++++++
 4 files changed, 85 insertions(+), 37 deletions(-)
 create mode 100644 tests/UserTest.php
diff --git a/src/Controllers/AuthController.php b/src/Controllers/AuthController.php
index b8517e8a..ee2a3c72 100644
--- a/src/Controllers/AuthController.php
+++ b/src/Controllers/AuthController.php
@@ -12,6 +12,14 @@ use Misuzu\Users\Session;
 class AuthController extends Controller
 {
+ private const USERNAME_VALIDATION_ERRORS = [
+ 'trim' => 'Your username may not start or end with spaces!',
+ 'short' => "Your username is too short, it has to be at least " . User::USERNAME_MIN_LENGTH . " characters!",
+ 'long' => "Your username is too long, it can't be longer than " . User::USERNAME_MAX_LENGTH . " characters!",
+ 'invalid' => 'Your username contains invalid characters.',
+ 'spacing' => 'Please use either underscores or spaces, not both!',
+ ];
+
 public function login()
 {
 if ($_SERVER['REQUEST_METHOD'] === 'GET') {
@@ -38,14 +46,7 @@ class AuthController extends Controller
 return ['error' => 'Invalid username or password!'];
 }
- $session = new Session;
- $session->user_id = $user->user_id;
- $session->session_ip = IP::remote();
- $session->user_agent = 'Misuzu Testing 1';
- $session->expires_on = Carbon::now()->addMonth();
- $session->session_key = bin2hex(random_bytes(32));
- $session->save();
-
+ $session = Session::createSession($user, 'Misuzu T1');
 Application::getInstance()->setSession($session);
 $this->setCookie('uid', $session->user_id, 604800);
 $this->setCookie('sid', $session->session_key, 604800);
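Review bot: In AuthController::login() the new call `Session::createSession($user, 'Misuzu T1')` still records a fixed placeholder as the user agent, so every stored session looks alike and the field cannot help a user review their active sessions or help an operator notice a cookie being replayed from a different client. Passing the request header, `Session::createSession($user, $_SERVER['HTTP_USER_AGENT'] ?? null)`, would make the column meaningful; the header is client-controlled, so its length should be capped before it is stored. The unchanged `setCookie(..., 604800)` lines also appear to give the cookies a 7-day lifetime (assuming the argument is in seconds) while createSession() defaults `expires_on` to one month, so the server-side session would stay valid after the cookie has expired unless a matching `$expires` is passed. login() starts and ends outside the hunk.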
@@ -128,12 +129,12 @@ class AuthController extends Controller
 }
 $username = $_POST['username'] ?? '';
- $username_validate = $this->validateUsername($username);
+ $username_validate = User::validateUsername($username);
 $password = $_POST['password'] ?? '';
 $email = $_POST['email'] ?? '';
 if ($username_validate !== '') {
- return ['error' => $username_validate];
+ return ['error' => self::USERNAME_VALIDATION_ERRORS[$username_validate]];
 }
 try {
@@ -183,31 +184,4 @@ class AuthController extends Controller
 return '';
 }
-
- private function validateUsername(string $username): string
- {
- $username_length = strlen($username);
-
- if (($username ?? '') !== trim($username)) {
- return 'Your username may not start or end with spaces!';
- }
-
- if ($username_length < 3) {
- return "Your username is too short, it has to be at least 3 characters!";
- }
-
- if ($username_length > 16) {
- return "Your username is too long, it can't be longer than 16 characters!";
- }
-
- if (strpos($username, ' ') !== false || !preg_match('#^[A-Za-z0-9-\[\]_ ]+$#u', $username)) {
- return 'Your username contains invalid characters.';
- }
-
- if (strpos($username, '_') !== false && strpos($username, ' ') !== false) {
- return 'Please use either underscores or spaces, not both!';
- }
-
- return '';
- }
 }
diff --git a/src/Users/Session.php b/src/Users/Session.php
index dadb6a36..153d74c5 100644
--- a/src/Users/Session.php
+++ b/src/Users/Session.php
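Review bot: The lookup `self::USERNAME_VALIDATION_ERRORS[$username_validate]` in the registration handler has no fallback, so any code that User::validateUsername() returns but the map from the first hunk does not list raises an undefined-index notice and yields `'error' => null`. Only matching string literals in two different classes tie the codes to the messages, and how the caller treats a null error is not visible here. A default keeps the rejection explicit: `return ['error' => self::USERNAME_VALIDATION_ERRORS[$username_validate] ?? 'Your username is invalid.'];`. The enclosing method begins and ends outside the hunk.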
@@ -9,6 +9,32 @@ class Session extends Model
 protected $primaryKey = 'session_id';
 protected $dates = ['expires_on'];
+ public static function createSession(
+ User $user,
+ ?string $userAgent = null,
+ Carbon $expires = null,
+ ?string $ipAddress = null
+ ): Session {
+ $ipAddress = $ipAddress ?? IP::remote();
+ $userAgent = $userAgent ?? 'Misuzu';
+ $expires = $expires ?? Carbon::now()->addMonth();
+
+ $session = new Session;
+ $session->user_id = $user->user_id;
+ $session->session_ip = $ipAddress;
+ $session->user_agent = $userAgent;
+ $session->expires_on = $expires;
+ $session->session_key = self::generateKey();
+ $session->save();
+
+ return $session;
+ }
+
+ public static function generateKey(): string
+ {
+ return bin2hex(random_bytes(32));
+ }
+
 public function getSessionIpAttribute(string $ipAddress): string
 {
 return IP::pack($ipAddress);
diff --git a/src/Users/User.php b/src/Users/User.php
index 6de445f0..906a5460 100644
--- a/src/Users/User.php
+++ b/src/Users/User.php
@@ -11,6 +11,9 @@ class User extends Model
 private const PASSWORD_HASH_ALGO = PASSWORD_ARGON2I;
+ public const USERNAME_MIN_LENGTH = 3;
+ public const USERNAME_MAX_LENGTH = 16;
+
 protected $primaryKey = 'user_id';
 public static function createUser(
@@ -33,6 +36,33 @@ class User extends Model
 return $user;
 }
+ public static function validateUsername(string $username): string
+ {
+ $username_length = strlen($username);
+
+ if ($username !== trim($username)) {
+ return 'trim';
+ }
+
+ if ($username_length < self::USERNAME_MIN_LENGTH) {
+ return 'short';
+ }
+
+ if ($username_length > self::USERNAME_MAX_LENGTH) {
+ return 'long';
+ }
+
+ if (strpos($username, ' ') !== false || !preg_match('#^[A-Za-z0-9-\[\]_ ]+$#u', $username)) {
+ return 'invalid';
+ }
+
+ if (strpos($username, '_') !== false && strpos($username, ' ') !== false) {
+ return 'spacing';
+ }
+
+ return '';
+ }
+
 public function getRegisterIpAttribute(string $ipAddress): string
 {
 return IP::pack($ipAddress);
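Review bot: Session::createSession() saves the output of generateKey() unchanged in `session_key`, and login() sends that same value as the `sid` cookie, so read access to the sessions table (a backup, a query log, an injection flaw elsewhere) is enough to obtain usable session credentials. Storing only a digest such as `hash('sha256', $key)` and hashing the cookie value before lookup would limit that exposure; the lookup code is outside this diff, so the change would have to be made there as well. On style, `Carbon $expires = null` relies on implicit nullability while the neighbouring parameters are written `?string`; `?Carbon $expires = null` would be consistent. A docblock on generateKey() saying it returns 64 hex characters derived from 32 bytes of `random_bytes()` would document the column width the key needs.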
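Review bot: User::validateUsername() has no docblock although its contract is now a set of bare string codes that every caller must map itself; a comment such as `/** @return string '' when valid, otherwise one of 'trim', 'short', 'long', 'invalid', 'spacing' */` would pin it down. The length checks use `strlen()`, which counts bytes, and they run before the character-class check, so a short name written in a multibyte script is reported as 'long' instead of 'invalid'. Running the `preg_match` test ahead of the two length tests gives the user the accurate message and keeps the byte count valid, because everything that reaches it is then ASCII.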
diff --git a/tests/UserTest.php b/tests/UserTest.php
new file mode 100644
index 00000000..bc30347d
--- /dev/null
+++ b/tests/UserTest.php
@@ -0,0 +1,18 @@
+assertEquals(User::validateUsername('flashwave'), '');
+ $this->assertEquals(User::validateUsername(' flash '), 'trim');
+ $this->assertEquals(User::validateUsername('f'), 'short');
+ $this->assertEquals(User::validateUsername('flaaaaaaaaaaaaaaaash'), 'long');
+ $this->assertEquals(User::validateUsername('F|@$h'), 'invalid');
+ $this->assertEquals(User::validateUsername('fl ash_wave'), 'spacing');
+ }
+}
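Review bot: Every assertion passes its arguments as (actual, expected), the reverse of PHPUnit's `assertEquals($expected, $actual)`, so a failure message will label the two values the wrong way round; `assertEquals` also compares loosely, which is weaker than these string codes deserve. `$this->assertSame('', User::validateUsername('flashwave'));`, and the same form for the other cases, fixes both. The cases also skip the boundaries: names of exactly `User::USERNAME_MIN_LENGTH` and `User::USERNAME_MAX_LENGTH` characters should be asserted valid, and one character beyond each asserted invalid, so an off-by-one in the length comparisons is caught.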