. */ namespace SP\Providers\Auth\Database; use Exception; use SP\Core\Crypt\Hash; use SP\DataModel\UserLoginData; use SP\Providers\Auth\AuthInterface; use SP\Services\User\UserLoginResponse; use SP\Services\User\UserPassService; use SP\Services\User\UserService; /** * Class Database * * Autentificación basada en base de datos * * @package SP\Providers\Auth\Database */ final class Database implements AuthInterface { /** * @var UserLoginData $userLoginData */ protected $userLoginData; /** * @var UserService */ private $userService; /** * @var UserPassService */ private $userPassService; /** * Database constructor. * * @param UserService $userService * @param UserPassService $userPassService */ public function __construct(UserService $userService, UserPassService $userPassService) { $this->userService = $userService; $this->userPassService = $userPassService; } /** * Autentificar al usuario * * @param UserLoginData $userLoginData Datos del usuario * * @return DatabaseAuthData */ public function authenticate(UserLoginData $userLoginData) { $this->userLoginData = $userLoginData; $authData = new DatabaseAuthData(); $authData->setAuthoritative($this->isAuthGranted()); $authData->setAuthenticated($this->authUser()); return $authData; } /** * Indica si es requerida para acceder a la aplicación * * @return boolean */ public function isAuthGranted(): bool { return true; } /** * Autentificación de usuarios con BD. * * Esta función comprueba la clave del usuario. Si el usuario necesita ser migrado desde phpPMS, * se ejecuta el proceso para actualizar la clave. * * @return bool */ protected function authUser(): bool { try { $userLoginResponse = UserService::mapUserLoginResponse($this->userService->getByLogin($this->userLoginData->getLoginUser())); $this->userLoginData->setUserLoginResponse($userLoginResponse); if ($userLoginResponse->getIsMigrate() && $this->checkMigrateUser($userLoginResponse) ) { $this->userPassService->migrateUserPassById($userLoginResponse->getId(), $this->userLoginData->getLoginPass()); return true; } return Hash::checkHashKey($this->userLoginData->getLoginPass(), $userLoginResponse->getPass()); } catch (Exception $e) { processException($e); } return false; } /** * @param UserLoginResponse $userLoginResponse * * @return bool */ protected function checkMigrateUser(UserLoginResponse $userLoginResponse): bool { return ($userLoginResponse->getPass() === sha1($userLoginResponse->getHashSalt() . $this->userLoginData->getLoginPass()) || $userLoginResponse->getPass() === md5($this->userLoginData->getLoginPass()) || hash_equals($userLoginResponse->getPass(), crypt($this->userLoginData->getLoginPass(), $userLoginResponse->getHashSalt())) || Hash::checkHashKey($this->userLoginData->getLoginPass(), $userLoginResponse->getPass())); } }