@Gydo194
Last active November 16, 2017 17:25
PHP authentication demo
<?php
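// Key in $_SESSION under which Auth keeps its login record. A value defined
// before this file is loaded takes precedence.
defined("AUTH_SESSION_VAR_NAME") || define("AUTH_SESSION_VAR_NAME", "user");

// Sessionless mode: a request that carries a "nosess" parameter (any value)
// skips session_start(), so Auth falls back to per-request credentials.
if (!isset($_REQUEST["nosess"])) {
    session_start([
        // Keep the session cookie out of reach of page scripts.
        "cookie_httponly" => true,
        // Refuse session ids that were not issued by this server.
        "use_strict_mode" => true,
        // NOTE(review): when the site is served over HTTPS only, also set
        // "cookie_secure" => true here.
    ]);
}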
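class Auth {

    /*
     * The Authenticator v3.0 by Gydo194
     * Date: 1611171716
     * Author: Gydo194
     * Description: Simple and efficient authentication mechanism with both session and sessionless mode support.
     *
     * All state is static: one login record per PHP request.
     *
     * NOTE(review): this demo keeps the clear-text password in memory and in
     * the session record, and compares against hard-coded credentials. A real
     * deployment should store only password_hash() output, check it with
     * password_verify(), and stop persisting the password after login.
     */

    /**
     * The user's username
     * @var string username
     */
    private static $username = "";

    /**
     * The user's password (clear text, see the class note).
     * @var string
     */
    private static $password = "";

    /**
     * Dual purpose; both serves as the user's access level and as an
     * indicator whether the user is logged in (any value above 0).
     *
     * @var int the user's access level
     */
    private static $accessLevel = 0;

    //getters

    /** @return string the authenticated username, "" when nobody is logged in */
    public static function getUserName(): string {
        return self::$username;
    }

    /** @return string the clear-text password kept for the current login */
    public static function getPassword(): string {
        return self::$password;
    }

    /** @return int 0 when not logged in, otherwise the level set by validateCredentials() */
    public static function getAccessLevel(): int {
        return self::$accessLevel;
    }

    //no public setters on purpose.
    //these vars have to be set by the authentication mechanism itself.
    private static function setUserName(string $user) {
        self::$username = $user;
    }

    private static function setPassword(string $pass) {
        self::$password = $pass;
    }

    private static function setAccessLevel(int $accessLevel) {
        self::$accessLevel = $accessLevel;
    }

    //state getters

    /** @return bool true when the access level is above 0 */
    public static function isLoggedIn(): bool {
        return self::$accessLevel > 0;
    }

    /**
     * Gets a request parameter value for the current request method.
     *
     * Only GET and POST are served. The value is read with filter_input(),
     * which returns null or false when the raw request does not carry a
     * usable scalar; that is normalised to "" so the declared string return
     * type always holds.
     *
     * NOTE(review): credentials sent with GET end up in URLs, browser history
     * and server logs; prefer POST for the "user"/"pass" parameters.
     *
     * @param string $param the parameter to get
     * @return string the value of the parameter, "" if not set.
     */
    private static function getRequestParameter(string $param): string {
        $method = $_SERVER["REQUEST_METHOD"] ?? "";

        if ($method === "GET") {
            $present = isset($_GET[$param]);
            $source = INPUT_GET;
        } elseif ($method === "POST") {
            $present = isset($_POST[$param]);
            $source = INPUT_POST;
        } else {
            return "";
        }

        if (!$present) {
            return "";
        }

        $value = filter_input($source, $param);
        return is_string($value) ? $value : "";
    }

    //session login handling functions

    /**
     * Check if the session holds a login record with a positive access level.
     *
     * The stored "access" entry itself is tested. Comparing the whole record
     * (an array) with 0 is always true in PHP, which would accept any record.
     *
     * @return bool
     */
    private static function hasSessionLogin(): bool {
        if (!session_id()) {
            return false;
        }

        $record = $_SESSION[AUTH_SESSION_VAR_NAME] ?? null;
        if (!is_array($record) || !isset($record["access"])) {
            return false;
        }

        return is_int($record["access"]) && $record["access"] > 0;
    }

    /**
     * Copy the login record from the session into the static state.
     * Entries that are missing or of the wrong type fall back to ""/0.
     */
    private static function getSessionLogin(): void {
        if (!session_id()) {
            return;
        }

        $record = $_SESSION[AUTH_SESSION_VAR_NAME] ?? null;
        if (!is_array($record)) {
            return;
        }

        $user = $record["user"] ?? "";
        $pass = $record["pass"] ?? "";
        $access = $record["access"] ?? 0;

        self::setUserName(is_string($user) ? $user : "");
        self::setPassword(is_string($pass) ? $pass : "");
        self::setAccessLevel(is_int($access) ? $access : 0);
    }

    /**
     * Store the current login in the session.
     *
     * The session id is rotated first, so an id that was known before the
     * login cannot be reused for the authenticated session.
     */
    private static function saveSessionLogin(): void {
        if (!session_id()) {
            return;
        }

        // Rotating the id sends a new cookie, which is only possible while
        // the session is active and no output has been sent yet.
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }

        if (!isset($_SESSION[AUTH_SESSION_VAR_NAME]) || !is_array($_SESSION[AUTH_SESSION_VAR_NAME])) {
            $_SESSION[AUTH_SESSION_VAR_NAME] = [];
        }

        $_SESSION[AUTH_SESSION_VAR_NAME]["user"] = self::getUserName();
        // NOTE(review): clear-text password in session storage, see class note.
        $_SESSION[AUTH_SESSION_VAR_NAME]["pass"] = self::getPassword();
        $_SESSION[AUTH_SESSION_VAR_NAME]["access"] = self::getAccessLevel();
    }

    //credential validating

    /**
     * Check a username/password pair against the built-in demo accounts and,
     * on a match, set the corresponding access level.
     *
     * A failed check leaves the current access level untouched.
     *
     * @param string $user username, matched case-sensitively
     * @param string $pass password
     * @return bool true when the pair matched an account
     */
    private static function validateCredentials(string $user, string $pass): bool {
        //function to be extended
        // hash_equals() compares the secret in constant time.
        if ($user === "ADMIN" && hash_equals("admin", $pass)) {
            self::setAccessLevel(2);
            return true;
        }

        if ($user === "USER" && hash_equals("user", $pass)) {
            self::setAccessLevel(1);
            return true;
        }

        return false;
    }

    /**
     * Log in with explicit credentials. Nothing is written to the session.
     *
     * @param string $user username
     * @param string $pass password
     */
    public static function login(string $user, string $pass): void {
        if (!self::validateCredentials($user, $pass)) {
            return;
        }

        self::setUserName($user);
        self::setPassword($pass);
    }

    /**
     * Log in from the session when it holds a login record, otherwise from
     * the "user" and "pass" request parameters. A successful request login
     * is saved to the session when one is active.
     */
    public static function autoLogin(): void {
        if (self::hasSessionLogin()) {
            self::getSessionLogin();
            return;
        }

        //nope no session login
        $user = self::getRequestParameter("user");
        $pass = self::getRequestParameter("pass");

        if (self::validateCredentials($user, $pass)) {
            self::setUserName($user);
            self::setPassword($pass);
            self::saveSessionLogin(); //save login to session
        }
    }

}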
/*
* TESTING
*/
/*
echo Auth::isLoggedIn() ? "true" : "false";
echo "<br>Logging in<br>";
*/
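Auth::autoLogin(); // <-- login using ONE function call!!

$access = Auth::getAccessLevel();
$user = Auth::getUserName();
$pass = Auth::getPassword();
$login = Auth::isLoggedIn();

if ($login) {
    // Escape everything that is interpolated into HTML. The values are fixed
    // strings today, but they become user-controlled as soon as
    // validateCredentials() is extended to accept arbitrary accounts.
    $userHtml = htmlspecialchars($user, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
    $passHtml = htmlspecialchars($pass, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");

    // NOTE(review): printing the password is for this demo only; a real page
    // should never display it.
    echo "Welcome, <b>$userHtml</b>! Your access level is <b>$access</b>, and your password is <b>$passHtml</b>.<br>";
} else {
    echo "Nope that doesn't work.<br>";
}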