Refactoring User authentication

2025-05-06 10:03:55 +02:00 · 2023-05-21 18:16:46 +02:00 · 2023-05-21 18:16:46 +02:00 · 1417cdf066
commit 1417cdf066
parent 9f05df5951
3 changed files with 119 additions and 31 deletions
--- a/app/Helpers/User.php
+++ b/app/Helpers/User.php
@ -0,0 +1,86 @@
+<?php
+
+namespace App\Helpers;
+
+use Exception;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Storage;
+
+class User {
+
+	static function isLogged():Bool {
+		// Checking credentials auth
+		if (session()->get('authenticated', false) === true && session()->has('username')) {
+			// If user still exists
+			try {
+				self::getUserDetails(session()->get('username'));
+				return true;
+			}
+			catch (Exception $e) {}
+		}
+		return false;
+	}
+
+	static function loginUser(String $username, String $password):Bool {
+		try {
+			// Checking user existence
+			$user = self::getUserDetails($username);
+
+			// Checking password
+			if (true !== Hash::check($password, $user['password'])) {
+				throw new Exception('Invalid password');
+			}
+
+			// OK, user's credentials are OK
+			session()->put('username', $username);
+			session()->put('authenticated', true);
+			return true;
+		}
+		catch (Exception $e) {
+			throw $e;
+		}
+	}
+
+	static function getLoggedUserDetails():Array {
+		if (self::isLogged()) {
+			return self::getUserDetails(session()->get('username'));
+		}
+		throw new UnauthenticatedUser('User is not logged in');
+	}
+
+	static function getUserDetails(String $username):Array {
+
+		// Checking user existence
+		if (Storage::disk('users')->missing($username.'.json')) {
+			throw new Exception('No such user');
+		}
+
+		// Getting user.json
+		if (! $json = Storage::disk('users')->get($username.'.json')) {
+			throw new Exception('Could not fetch user details');
+		}
+
+		// Decoding JSON
+		if (! $user = json_decode($json, true)) {
+			throw new Exception('Cannot decode JSON file');
+		}
+
+		return $user;
+	}
+
+	static function setUserDetails(String $username, Array $data):Array {
+		$original = self::getUserDetails($username);
+		$updated = array_merge($original, $data);
+
+		if (Storage::disk('users')->put($username.'.json', json_encode($updated))) {
+			return $updated;
+		}
+
+		throw new Exception('Could not update user\'s details');
+	}
+}
+
+
+class UnauthenticatedUser extends Exception {}
+
+?>
--- a/app/Http/Controllers/WebController.php
+++ b/app/Http/Controllers/WebController.php
@ -2,11 +2,9 @@

 namespace App\Http\Controllers;
 use App\Helpers\Upload;
+use App\Helpers\User;
 use Exception;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Facades\Session;
-use Illuminate\Support\Facades\Storage;

 class WebController extends Controller
 {
@ -23,38 +21,29 @@ class WebController extends Controller
 		abort_if(! $request->ajax(), 403);

 		$request->validate([
-			'login'		=> 'required',
-			'password'	=> 'required'
+			'login'		=> 'required|alphanum|min:4|max:40',
+			'password'	=> 'required|min:5|max:100'
 		]);

 		try {
-			if (Storage::disk('users')->missing($request->login.'.json')) {
-				throw new Exception('Authentication failed');
-			}
-
-			$json = Storage::disk('users')->get($request->login.'.json');
-
-			if (! $user = json_decode($json, true)) {
-				throw new Exception('Cannot decode JSON file');
-			}
-
-			if (! Hash::check($request->password, $user['password'])) {
-				throw new Exception('Authentication failed');
-			}
-
-			$request->session()->put('login', $request->login);
-			$request->session()->put('authenticated', true);
-
+			if (true === User::loginUser($request->login, $request->password)) {
 				return response()->json([
 					'result'	=> true,
 				]);
 			}
+		}
 		catch (Exception $e) {
 			return response()->json([
 				'result'	=> false,
-				'error'		=> $e->getMessage()
-			]);
+				'error'		=> 'Authentication failed, please try again.'
+			], 403);
 		}
+
+		// This should never happen
+		return response()->json([
+			'result'	=> false,
+			'error'		=> 'Unexpected error'
+		]);
 	}

 	function newBundle(Request $request) {
@ -66,7 +55,22 @@ class WebController extends Controller
 			'owner_token'	=> 'required'
 		]);

+		$owner = null;
+		if (User::isLogged()) {
+			$user = User::getLoggedUserDetails();
+			$owner = $user['username'];
+
+			// If bundle dimension is not initialized
+			if (empty($user['bundles']) || ! is_array($user['bundles'])) {
+				$user['bundles'] = [];
+			}
+
+			array_push($user['bundles'], $request->bundle_id);
+			User::setUserDetails($user['username'], $user);
+		}
+
 		$metadata = [
+			'owner'			=> $owner,
 			'created_at'	=> time(),
 			'completed' 	=> false,
 			'expiry'		=> config('sharing.default-expiry', 86400),
--- a/app/Http/Middleware/UploadAccess.php
+++ b/app/Http/Middleware/UploadAccess.php
@ -6,6 +6,7 @@ use Closure;
 use Illuminate\Http\Request;
 use Symfony\Component\HttpFoundation\Response;
 use App\Helpers\Upload;
+use App\Helpers\User;
 use Illuminate\Support\Facades\Storage;

 class UploadAccess
@ -25,12 +26,9 @@ class UploadAccess
 		}

 		// Checking credentials auth
-		if ($request->session()->get('authenticated', false) === true && $request->session()->has('login')) {
-			// If user still exists
-			if (Storage::disk('users')->exists($request->session()->get('login').'.json')) {
+		if (User::isLogged()) {
 			return $next($request);
 		}
-		}

 		// Fallback, authentication required
 		if ($request->ajax()) {