<?php
declare(strict_types=1);
namespace App\Core;
use Nette;
use Nette\Database\Explorer;
use Nette\Http\Session;
use PDO;
use App\Core\Funkce;
use app\Core\MujAutorizator;
use App\Model\UserIdentity;
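/**
 * Authenticates users against the LOGIN table and seeds the initial admin account.
 *
 * Security notes for maintainers:
 *  - authenticate() accepts a login only when password_verify() succeeds against the
 *    stored HESLO_HASH. An earlier revision also accepted one fixed fallback password
 *    for every account; that bypass is removed and must not be reintroduced.
 *  - vytvorAdmina() no longer embeds the admin password in source. The value that was
 *    committed earlier should be treated as disclosed: rotate it on every deployment
 *    that was seeded with it.
 */
final class MujAutentifikator implements Nette\Security\Authenticator
{
    public function __construct(
        private Explorer $database,
        private Session $session, // injected by the DI container
    ) {
    }

    /**
     * Verifies a username/password pair and returns the matching identity.
     *
     * Only rows with AKTIVNI = 1 are considered. The username is passed as a bound
     * parameter, never concatenated into the SQL text.
     *
     * @param string $username     Login name, matched against LOGIN.JMENO.
     * @param string $testpassword Plaintext password supplied by the user.
     *
     * @throws Nette\Security\AuthenticationException When the password is empty, the
     *         user is not found or inactive, or the password does not match.
     */
    public function authenticate(string $username, string $testpassword): UserIdentity
    {
        // Strict comparison: empty() would also reject the valid one-character password "0".
        if ($testpassword === '') {
            throw new Nette\Security\AuthenticationException('Nezadané heslo.');
        }

        $sql = "SELECT [LOGIN].*
            FROM [LOGIN]
            WHERE [AKTIVNI] = 1 AND JMENO = ?";
        $login = $this->database->query($sql, $username)->fetch();

        // Treat any falsy fetch() result (null, or false on older drivers) as "not found".
        // NOTE(review): the two failure messages below differ, so a caller that shows them
        // verbatim tells an outsider which usernames exist; the login form should display
        // one generic message for both.
        if (!$login) {
            throw new Nette\Security\AuthenticationException('Uživatel nebyl nalezen.');
        }

        // The stored hash is the only accepted credential. The cast keeps a NULL
        // HESLO_HASH from raising a TypeError under strict_types; an empty hash never verifies.
        if (!password_verify($testpassword, (string) $login->HESLO_HASH)) {
            throw new Nette\Security\AuthenticationException('Nesprávné heslo.');
        }

        // No roles are loaded here; the identity is created with an empty role list.
        $roles = [];

        // Return our UserIdentity class; it gets attached to the User.
        // NOTE(review): the plaintext password is handed to UserIdentity. If the identity
        // is kept in the session, the password is written to session storage with it -
        // confirm UserIdentity discards this argument, then drop it from the constructor.
        return new UserIdentity(
            $login->ID,
            $roles,
            $username,
            $testpassword,
        );
    }

    /**
     * Inserts the initial admin account (ID 1, name "admin") into LOGIN.
     *
     * The password is supplied by the caller or, when omitted, generated from the
     * system CSPRNG. It is returned exactly once so it can be handed to the operator;
     * only its password_hash() value is stored.
     *
     * NOTE(review): this is a public method on the authenticator service - confirm it
     * is reachable only from a setup/CLI path, not from a web request.
     *
     * @param string|null $password Initial admin password; null generates a random one.
     *
     * @return string|null The plaintext password when the row was inserted, null when
     *                     nothing was created (account already exists or the driver failed).
     *
     * @throws \InvalidArgumentException When an empty password is passed explicitly.
     */
    public function vytvorAdmina(?string $password = null): ?string
    {
        if ($password === '') {
            throw new \InvalidArgumentException('Admin password must not be empty.');
        }

        $explicitId = 1;
        $username = 'admin';
        // 128 bits from the CSPRNG, hex-encoded, when the caller does not choose a password.
        $password ??= bin2hex(random_bytes(16));
        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

        $userData = [
            'ID' => $explicitId, // the ID is specified explicitly
            'JMENO' => $username,
            'HESLO_HASH' => $hashedPassword,
            'OPRAVNENI' => 1,
            'AKTIVNI' => 1,
        ];

        $created = false;

        try {
            // The raw PDO handle is needed to toggle SET IDENTITY_INSERT ON/OFF.
            /** @var \PDO $pdo */
            $pdo = $this->database->getConnection()->getPdo();

            // Allow an explicit value for the identity column.
            $pdo->exec('SET IDENTITY_INSERT [dbo].[LOGIN] ON;');

            // Insert the row with the explicit ID.
            $this->database->table('LOGIN')->insert($userData);
            $created = true;
        } catch (Nette\Database\UniqueConstraintViolationException) {
            // The admin row already exists: seeding is a deliberate no-op.
        } catch (Nette\Database\DriverException) {
            // Kept non-fatal as before; the null return tells the caller nothing was created.
            // NOTE(review): no logger is available in this class, so the failure is not recorded.
        } finally {
            // Always switch IDENTITY_INSERT back off once the operation is done.
            if (isset($pdo)) {
                $pdo->exec('SET IDENTITY_INSERT [dbo].[LOGIN] OFF;');
            }
        }

        return $created ? $password : null;
    }
}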