[feat] Added password service and security csrf

MrAnyx · MrAnyx · commit 363607ae9e3a · 2020-10-15T22:18:40.000+02:00
diff --git a/src/Foundation/AbstractController.php b/src/Foundation/AbstractController.php
@@ -61,9 +61,9 @@ public function generate(string $name, array $params = [], array $flags = []): s
      * @return void
      */
     public function createSession(array $params): void {
-        if($params === null || empty($params) || count($params) === 0){
+        if($params === null || empty($params) || empty($params)){
             throw new SessionException("createSession function requires an array, null given", 1001);
-        } else if(count($_SESSION) > 0) {
+        } else if(!empty($_SESSION)) {
             throw new SessionException('A session has already been started', 1002);
         } else {
             $_SESSION["csrf_token"] = CsrfToken::generate();
@@ -79,14 +79,27 @@ public function createSession(array $params): void {
      * @return void
      */
     public function closeSession(): void {
-        if(count($_SESSION) === 0){
+        if(empty($_SESSION) === 0){
             throw new SessionException('No session was created. $_SESSION is empty', 1003);
         } else {
             session_unset();
             session_destroy();
         }
     }
 
+    /**
+     * Return the ucrrent session
+     *
+     * @return array|null
+     */
+    public function getSession(): ?array {
+        if(empty($_SESSION)) {
+            return null;
+        } else {
+            return $_SESSION;
+        }
+    }
+
     /**
      * Redirect to a url using a specific url
      *
@@ -113,4 +126,33 @@ public function redirectRouteName(string $routeName, array $params = [], array $
         }
     }
 
+
+    /**
+     * Return a value from $_POST for a specific index
+     *
+     * @param string $index
+     * @return mixed|null
+     */
+    public function post(string $index){
+        return isset($_POST[$index]) ? $_POST[$index] : null; 
+    }
+
+    /**
+     * Return a value from $_GET for a specific index
+     *
+     * @param string $index
+     * @return mixed|null
+     */
+    public function get(string $index) {
+        if(isset($_GET[$index])){
+            if(is_numeric($_GET[$index])){
+                return (int) $_GET[$index];
+            } else {
+                return $_GET[$index];
+            }
+        } else {
+            return null;
+        }
+    }
+
 }
diff --git a/src/Foundation/Twig.php b/src/Foundation/Twig.php
@@ -3,13 +3,15 @@
 namespace TimePHP\Foundation;
 
 use Closure;
+use Twig\Markup;
 use Twig\TwigFilter;
 use Twig\Environment;
 use Twig\TwigFunction;
 use Twig\Loader\FilesystemLoader;
 use TimePHP\Exception\TwigException;
 
-class Twig {
+class Twig
+{
 
    /**
     * Twig variable
@@ -23,7 +25,8 @@ class Twig {
     *
     * @param array $options
     */
-   public function __construct(array $options) {
+   public function __construct(array $options)
+   {
 
       $this->twig = new Environment(new FilesystemLoader(__DIR__ . "/../../../../../App/Bundle/Views"));
 
@@ -36,7 +39,9 @@ public function __construct(array $options) {
       $this->twig->addFunction(new TwigFunction('generate', function (string $nameUrl, array $params = [], array $flags = []): string {
          return sprintf(Router::generate($nameUrl, $params, $flags));
       }));
-
+      $this->twig->addFunction(new TwigFunction('provideCsrf', function (string $csrfInputName = "csrf_token"): string {
+         return !empty($_SESSION) ? new Markup("<input type=\"hidden\" name=\"$csrfInputName\" value\"".$_SESSION["csrf_token"]."\"/>", "utf-8") : "";
+      }, ['is_safe' => ['html']]));
       $this->twig->addFunction(new TwigFunction('dump', function ($object): string {
          ob_start();
          dump($object);
@@ -48,40 +53,41 @@ public function __construct(array $options) {
          $name = $function["name"];
 
          if (array_key_exists("function", $function) && is_object($function["function"])) {
-            if($function["type"] === "function") {
+            if ($function["type"] === "function") {
                $this->twig->addFunction(new TwigFunction($name, $function["function"]));
-            } elseif($function["type"] === "filter") {
+            } elseif ($function["type"] === "filter") {
                $this->twig->addFilter(new TwigFilter($name, $function["function"]));
             }
          } else if (array_key_exists("class", $function) && array_key_exists("function", $function) && is_callable([new $function["class"], $function["function"]])) {
             $callable = Closure::fromCallable([new $function["class"], $function["function"]]);
-            if($function["type"] === "function") {
+            if ($function["type"] === "function") {
                $this->twig->addFunction(new TwigFunction($name, $callable));
-            } elseif($function["type"] === "filter") {
+            } elseif ($function["type"] === "filter") {
                $this->twig->addFilter(new TwigFilter($name, $callable));
             }
          } else {
             if ($_ENV["APP_ENV"] == 0) {
                header('HTTP/1.1 500 Internal Server Error');
             } else {
-               if ($type === "addFunction") {
+               if ($function["type"] === "function") {
                   throw new TwigException("Cannot add the custom twig function : $name", 4001);
-               } elseif ($type === "addFilter") {
-                  throw new TwigException("Cannot add the custom twig filter : $name", 4001);
+               } elseif ($function["type"] === "filter") {
+                  throw new TwigException("Cannot add the custom twig filter : $name", 4002);
+               } else {
+                  throw new TwigException("{$function["type"]} is not a valid twig option type. Must be either function or filter.", 4003);
                }
             }
          }
       }
-
    }
 
    /**
     * Return Twig variable
     *
     * @return Environment
     */
-   public function getRenderer(): Environment {
+   public function getRenderer(): Environment
+   {
       return $this->twig;
    }
-
-}
+}
diff --git a/src/Security/PasswordService.php b/src/Security/PasswordService.php
@@ -0,0 +1,29 @@
+<?php
+
+namespace TimePHP\Security;
+
+class PasswordService {
+
+   /**
+    * Hash a password using the Bcrypt default algorithm
+    *
+    * @param string $password
+    * @param string $algo
+    * @return string
+    */
+   public static function hash(string $password, string $algo = PASSWORD_BCRYPT): string{
+      return password_hash($password, $algo);
+   }
+
+   /**
+    * Compare a password and a hash
+    *
+    * @param string $password
+    * @param string $hash
+    * @return boolean
+    */
+   public static function compare(string $password, string $hash): bool {
+      return password_verify($password, $hash);
+   }
+   
+}
