Home Explore Help
Sign In
cixo-electronic
/
phpnotify
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: b15c523bef
Branches Tags
phpnotify
/
sources
/
login_authorization.php

login_authorization.php 2.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. <?php
    2. 

  2. 

  3. namespace phpnotify;
    4. 

  4. 

  5. use \TypeError as TypeError;
    6. 

  6. use \base64_encode as base64_encode;
    7. 

  7. 

  8. /**
    9. 

  9.  * This could be used to authorize by username and password.
    10. 

  10.  * 
    11. 

  11.  * It could be used to authorize by login and password. It is better option
    12. 

  12.  * than empty authorization, which does not give any security, but it is 
    13. 

  13.  * necessary to use TLS, because password and login does not being hashed, 
    14. 

  14.  * and could being captured by intermediary when use empty HTTP.
    15. 

  15.  */
    16. 

  16. class login_authorization extends authorization_method {
    17. 

  17.     /**
    18. 

  18.      * It store encoded login and password, in form which is used by header,
    19. 

  19.      * that mean `base64('login:password')`.
    20. 

  20.      * @var string
    21. 

  21.      */
    22. 

  22.     private string $coded;
    23. 

  23. 

  24.     /** 
    25. 

  25.      * This create new login authorization.
    26. 

  26.      *
    27. 

  27.      * This create new login authorization, require username and password
    28. 

  28.      * for them. Username and password could not being empty.
    29. 

  29.      *
    30. 

  30.      * @throws TypeError When login or password is empty.
    31. 

  31.      * 
    32. 

  32.      * @param string $login Login of the user.
    33. 

  33.      * @param string $password Password for that user.
    34. 

  34.      */
    35. 

  35.     public function __construct(string $login, string $password) {
    36. 

  36.         $login = trim($login);
    37. 

  37.         $password = trim($password);
    38. 

  38.         
    39. 

  39.         if (strlen($login) === 0 || strlen($password) === 0) {
    40. 

  40.             throw new TypeError('Login and password could being empty.');
    41. 

  41.         }
    42. 

  42. 

  43.         $this->coded = $this->encode($login, $password);
    44. 

  44.     }
    45. 

  45. 

  46.     /**
    47. 

  47.      * It return true, because header is required when use login.
    48. 

  48.      *
    49. 

  49.      * @return bool True because header is required for login authorization.
    50. 

  50.      */
    51. 

  51.     public function is_header_required(): bool {
    52. 

  52.         return true;
    53. 

  53.     }
    54. 

  54. 

  55.     /**
    56. 

  56.      * This return content of the header.
    57. 

  57.      *
    58. 

  58.      * This return content of the headed, which contain coded login and
    59. 

  59.      * password. It is coded in the base64, which is not hash function end
    60. 

  60.      * could be easy decoded. It is cause that TLS must being used.
    61. 

  61.      *
    62. 

  62.      * @return string Content of the headed.
    63. 

  63.      */
    64. 

  64.     public function header_content(): string {
    65. 

  65.         return 'Basic '.$this->coded;
    66. 

  66.     }
    67. 

  67. 

  68.     /**
    69. 

  69.      * This encode login and password to use it headed.
    70. 

  70.      *
    71. 

  71.      * @param string $login Login of the user.
    72. 

  72.      * @param string $password Password for that user.
    73. 

  73.      * @return string Encoded form of login and password.
    74. 

  74.      */
    75. 

  75.     private function encode(string $login, string $password): string {
    76. 

  76.         return base64_encode($login.':'.$password);
    77. 

  77.     }
    78. 

  78. }
    79.