. */ namespace SP\Providers\Auth\Database; use Exception; use SP\Core\Crypt\Hash; use SP\DataModel\UserLoginData; use SP\Domain\User\Ports\UserPassServiceInterface; use SP\Domain\User\Ports\UserServiceInterface; use SP\Domain\User\Services\UserLoginResponse; use SP\Domain\User\Services\UserService; use function SP\processException; /** * Class Database * * Autentificación basada en base de datos * * @package SP\Providers\Auth\Database */ final class DatabaseAuth implements DatabaseAuthInterface { public function __construct( private readonly UserServiceInterface $userService, private readonly UserPassServiceInterface $userPassService ) { } /** * Authenticate using user's data * * @param UserLoginData $userLoginData * @return DatabaseAuthData */ public function authenticate(UserLoginData $userLoginData): DatabaseAuthData { $authData = new DatabaseAuthData($this->isAuthGranted()); return $this->authUser($userLoginData) ? $authData->success() : $authData->fail(); } /** * Indica si es requerida para acceder a la aplicación * * @return bool */ public function isAuthGranted(): bool { return true; } protected function authUser(UserLoginData $userLoginData): bool { try { $userLoginResponse = UserService::mapUserLoginResponse($this->userService->getByLogin($userLoginData->getLoginUser())); $userLoginData->setUserLoginResponse($userLoginResponse); if ($userLoginResponse->getIsMigrate() && $this->checkMigrateUser($userLoginResponse, $userLoginData) ) { $this->userPassService->migrateUserPassById( $userLoginResponse->getId(), $userLoginData->getLoginPass() ); return true; } return Hash::checkHashKey($userLoginData->getLoginPass(), $userLoginResponse->getPass()); } catch (Exception $e) { processException($e); } return false; } protected function checkMigrateUser(UserLoginResponse $userLoginResponse, UserLoginData $userLoginData): bool { $passHashSha = sha1($userLoginResponse->getHashSalt() . $userLoginData->getLoginPass()); return ($userLoginResponse->getPass() === $passHashSha || $userLoginResponse->getPass() === md5($userLoginData->getLoginPass()) || hash_equals( $userLoginResponse->getPass(), crypt($userLoginData->getLoginPass(), $userLoginResponse->getHashSalt()) ) || Hash::checkHashKey($userLoginData->getLoginPass(), $userLoginResponse->getPass())); } }