<?php
declare(strict_types=1);
namespace Model;
use Controller\Sql;
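/**
 * Server-side login session, looked up by the SHA-256 hash of a random token.
 *
 * Only the hash of the token is written to the `session` table; the raw token
 * exists solely in $newSessid right after create(), so a read of the table
 * alone does not yield values that can be replayed as a `sessid` cookie.
 */
class Session
{
    /** Hex SHA-256 of the token; populated by load(), null on a fresh create(). */
    public ?string $tokenHash = null;

    /**
     * Raw token, set only by create().
     *
     * NOTE(review): presumably the caller sends this as the `sessid` cookie;
     * confirm it is set with the Secure, HttpOnly and SameSite attributes.
     */
    public ?string $newSessid = null;

    /** User this session belongs to. */
    public ?User $user = null;

    /**
     * Creates a session row for $user and returns the session with the raw token.
     *
     * The token is 32 bytes from random_bytes(), hex-encoded. A single SHA-256
     * is used for storage; the token is high-entropy random data, not a
     * user-chosen secret, so no slow password hash is applied here.
     *
     * @param User $user Owner of the new session; its id is stored in session.user.
     * @return Session Session with $newSessid and $user populated.
     */
    public static function create(User $user): Session
    {
        $rawToken = bin2hex(random_bytes(32));
        $hashedToken = hash('sha256', $rawToken);

        $insert = Sql::connection()->prepare(
            'INSERT INTO session (token, user) VALUES (UNHEX(?), ?)'
        );
        $insert->execute([$hashedToken, $user->id]);

        $created = new self();
        $created->newSessid = $rawToken;
        $created->user = $user;

        return $created;
    }

    /**
     * Resolves the `sessid` cookie of the current request to a session.
     *
     * NOTE(review): the query has no expiry or idle-timeout condition; confirm
     * stale rows are invalidated elsewhere.
     *
     * @return self|null The session with $tokenHash and $user set, or null when
     *                   the cookie is absent, is not a string, or matches no row.
     */
    public static function load(): ?self
    {
        $cookie = $_COOKIE['sessid'] ?? null;

        // A client can send `sessid[]=...`, which PHP parses into an array;
        // hash() would then throw a TypeError instead of the request being
        // treated as unauthenticated.
        if (!is_string($cookie)) {
            return null;
        }

        $hashedToken = hash('sha256', $cookie);

        $lookup = Sql::connection()->prepare(
            'SELECT user.id, user.name, user.admin FROM session
            JOIN user ON session.user = user.id
            WHERE token = UNHEX(?)'
        );
        $lookup->execute([$hashedToken]);

        $row = $lookup->fetch(\PDO::FETCH_ASSOC);
        if (!$row) {
            return null;
        }

        $loaded = new self();
        $loaded->tokenHash = $hashedToken;
        // The third constructor argument is passed as null; its meaning is
        // defined by User and is not visible in this file.
        $loaded->user = new User($row['id'], $row['name'], null, (bool) $row['admin']);

        return $loaded;
    }

    /**
     * Deletes this session's row so the token can no longer be used.
     *
     * A session returned by create() carries only the raw token, so its hash
     * is derived here; without that, the DELETE would bind NULL and silently
     * leave the row in place. Does nothing when no token is known.
     */
    public function destroy(): void
    {
        $hashedToken = $this->tokenHash;
        if ($hashedToken === null && $this->newSessid !== null) {
            $hashedToken = hash('sha256', $this->newSessid);
        }
        if ($hashedToken === null) {
            return;
        }

        $delete = Sql::connection()->prepare('DELETE FROM session WHERE token = UNHEX(?)');
        $delete->execute([$hashedToken]);
    }
}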