Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
P
projet-cdaw
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
1
Issues
1
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Quentin Vrel
projet-cdaw
Commits
309e903b
Commit
309e903b
authored
Dec 03, 2020
by
Zohten
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
refactoring
parent
2deefeeb
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
34 additions
and
24 deletions
+34
-24
Controller.class.php
BackEnd/src/controller/Controller.class.php
+34
-0
UserController.class.php
BackEnd/src/controller/UserController.class.php
+0
-24
No files found.
BackEnd/src/controller/Controller.class.php
View file @
309e903b
...
...
@@ -40,4 +40,38 @@ abstract class Controller
}
return
$response
;
}
/**
* Authentificate a user if he has the same id as the one in token, bypassed by admin
*
* @param int $id id of the User
* @return Response
*/
public
function
authUser
(
$id
,
$perm
=
'user&admin'
){
// Token phase
$verifyArray
=
$this
->
request
->
verifyJwtToken
();
if
(
$verifyArray
[
'message'
]
!==
"Valid token."
)
{
$message
=
json_encode
(
$verifyArray
[
'error'
]);
return
Response
::
unauthorizedResponse
(
$message
);
}
// Auth phase
$data
=
$verifyArray
[
'decodedJWT'
]
->
data
;
switch
(
$perm
)
{
case
'user&admin'
:
if
((
$data
->
id
!=
$id
)
&&
(
$data
->
role
!=
2
))
{
$message
=
json_encode
([
"message"
=>
"You don't have access to this ressource."
]);
return
Response
::
unauthorizedResponse
(
$message
);
}
case
'admin'
:
if
((
$data
->
role
!=
2
))
{
$message
=
json_encode
([
"message"
=>
"You are not admin."
]);
return
Response
::
unauthorizedResponse
(
$message
);
}
case
'validtoken'
:
break
;
}
$message
=
json_encode
([
"message"
=>
"Authentified."
]);
return
Response
::
okResponse
(
$message
);
}
}
BackEnd/src/controller/UserController.class.php
View file @
309e903b
...
...
@@ -47,30 +47,6 @@ class UserController extends Controller
return
Response
::
errorResponse
(
$message
);
}
/**
* Authentificate a user if he has the same id as the one in token, bypassed by admin
*
* @param int $id id of the User
* @return Response
*/
public
function
authUser
(
$id
){
// Token phase
$verifyArray
=
$this
->
request
->
verifyJwtToken
();
if
(
$verifyArray
[
'message'
]
!==
"Valid token."
)
{
$message
=
json_encode
(
$verifyArray
[
'error'
]);
return
Response
::
unauthorizedResponse
(
$message
);
}
// Auth phase
$data
=
$verifyArray
[
'decodedJWT'
]
->
data
;
if
((
$data
->
id
!=
$id
)
&&
(
$data
->
role
!=
2
))
{
$message
=
json_encode
([
"message"
=>
"You don't have access to this account."
]);
return
Response
::
unauthorizedResponse
(
$message
);
}
$message
=
json_encode
([
"message"
=>
"Authentified."
]);
return
Response
::
okResponse
(
$message
);
}
/**
* (GET) Get all users in USER table
*
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment