Diffstat (limited to 'src/web/helpers/auth.php')
-rw-r--r--src/web/helpers/auth.php140
1 files changed, 69 insertions, 71 deletions
diff --git a/src/web/helpers/auth.php b/src/web/helpers/auth.php
index 9228706..187f556 100644
--- a/src/web/helpers/auth.php
+++ b/src/web/helpers/auth.php
@@ -1,85 +1,83 @@
<?php /* Copyright (c) 2024 Freya Murphy */
-$keys = array();
+class AuthHelper {
-function get_cookie() {
- $cookie_name = 'X-LDAP-Auth-Key';
- if(isset($_COOKIE[$cookie_name])) {
- return $_COOKIE[$cookie_name];
- } else {
- return FALSE;
- }
-}
-
-function store_cookie($key) {
- $cookie_name = 'X-LDAP-Auth-Key';
- $cookie_options = array (
- 'expires' => time() + 60*60*24*30,
- 'path' => '/',
- 'domain' => getenv("COOKIE_DOMAIN"),
- 'secure' => true,
- 'httponly' => true,
- 'samesite' => 'None'
- );
- setcookie(
- $cookie_name,
- $key,
- $cookie_options
- );
-}
+ private $session_lifetime_seconds;
-function load_key($key) {
- $file = "/tmp/$key";
- if (!file_exists($file))
- return FALSE;
- $content = explode("\n", file_get_contents($file));
- return array(
- 'user' => $content[0],
- 'time' => $content[1]
- );
-}
+ function __construct() {
+ $this->session_lifetime_seconds = 60 * 60 * 24 * 3;
+ }
-function store_key($key, $user) {
- $file = "/tmp/$key";
- $now = (string)time();
- $content = "$user\n{$now}";
- file_put_contents($file, $content, LOCK_EX);
-}
+ /**
+ * Generate a random token
+ * @param int $length
+ */
+ private function gen_token(int $length): string {
+ $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+ $random = '';
-function get_random($n)
-{
- $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
- $randomString = '';
+ for ($i = 0; $i < $length; $i++) {
+ $index = rand(0, strlen($characters) - 1);
+ $random .= $characters[$index];
+ }
- for ($i = 0; $i < $n; $i++) {
- $index = rand(0, strlen($characters) - 1);
- $randomString .= $characters[$index];
- }
+ return $random;
+ }
- return $randomString;
-}
+ /**
+ * Saves a user into the session specified by their auth key
+ * @param Session $session - the session user data
+ */
+ public function save_session(Session $session): void {
+ $path = "/tmp/{$session->token}";
+ $data = json_encode($session->to_array());
+ file_put_contents($path, $data, LOCK_EX);
+ }
-function key_auth() {
- $key = get_cookie();
- if ($key === FALSE) {
- return FALSE;
+ /**
+ * Loads the auth session associated with a specific key
+ * @param string $token - the session $key
+ */
+ private function load_session(string $token): ?Session {
+ try {
+ $path = "/tmp/$token";
+ if (!file_exists($path)) {
+ return NULL;
+ }
+ $content = file_get_contents($path);
+ $json = json_decode($content, TRUE);
+ $session = new Session();
+ if ($session->from_array($json))
+ return NULL;
+ return $session;
+ } catch (Exception $e) {
+ return NULL;
+ }
}
- $data = load_key($key);
- if ($data === FALSE) {
- return FALSE;
+
+ /**
+ * Creates a new session for a user
+ */
+ public function create_session(User $user): Session {
+ $session = new Session();
+ $session->token = $this->gen_token(128);
+ $session->created = time();
+ $session->user = $user;
+ $session->reset_expiry();
+ $this->save_session($session);
+ return $session;
}
- $user = $data['user'];
- $time = $data['time'];
- $now = time();
- if ($time > $now || $now - $time > 60 * 60 * 24) {
- return FALSE;
+
+ /**
+ * Gets the current authed session
+ */
+ public function get_session(): ?Session {
+ $cookie_name = getenv("COOKIE_NAME");
+ if(!isset($_COOKIE[$cookie_name])) {
+ return NULL;
+ }
+ $token = $_COOKIE[$cookie_name];
+ return $this->load_session($token);
}
- store_key($key, $user);
- return $user;
-}
-function key_new($user) {
- $key = get_random(128);
- store_key($key, $user);
- store_cookie($key);
}
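Review bot: load_session() interpolates the cookie value handed over by get_session() straight into `"/tmp/$token"`, so the client chooses which file is read and parsed. The token should be checked against the generator's alphabet and length before it touches the filesystem, e.g. `if (!preg_match('/^[0-9a-zA-Z]{128}$/', $token)) return NULL;`. gen_token() also carries `rand()` over from the removed get_random(); it is not a CSPRNG, and `$index = random_int(0, strlen($characters) - 1);` is the drop-in replacement for a session token. Two things to confirm against Session, which is not visible here: `if ($session->from_array($json)) return NULL;` reads as inverted unless from_array() returns true on failure, and nothing in this hunk re-checks expiry on load the way the removed key_auth() did (`$session_lifetime_seconds` is assigned in the constructor but not used in the hunk).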