Files
RomhackPlaza/app/Auth/XenForoGuard.php
Benjamin b422cd2c82 Fixed a lot of responsive problems.
- Fixed auth problem
- Fixed BBCode and Markdown apparition in some unnecessary parts
2026-07-01 11:51:30 +02:00

193 lines
3.9 KiB
PHP

<?php
namespace App\Auth;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Http\Request;
/**
* Xenforo authentification bridge.
*/
class XenForoGuard implements Guard
{
/**
* Authenticated user.
* @var XenForoUser|null
*/
private ?XenForoUser $user = null;
public function __construct(private readonly Request $request) {}
/**
* Check if user is logged in.
* @return bool
*/
public function check(): bool
{
return $this->user() !== null;
}
/**
* Check if user is a guest.
* @return bool
*/
public function guest(): bool
{
return ! $this->check();
}
/**
* Get user ID.
* @return mixed
*/
public function id(): mixed
{
return $this->user()?->getAuthIdentifier();
}
/**
* If user is defined.
* @return bool
*/
public function hasUser(): bool
{
return $this->user !== null;
}
/**
* Login user.
* @return XenForoUser|null
*/
public function user(): ?XenForoUser
{
if ($this->hasUser())
return $this->user;
$user = $this->getFromSession();
if( $user )
return $user;
$user = $this->getFromCookie();
if( $user )
return $user;
return null;
}
private function getFromSession(): ?XenForoUser
{
$sessionId = $this->request->cookie('xf_session');
if(!$sessionId)
return null;
$xfSession = \DB::connection('xenforo')
->table('session')
->where('session_id', $sessionId)
->value('session_data');
if(!$xfSession)
return null;
$sessionData = unserialize($xfSession);
if (!$sessionData || !isset($sessionData['userId']) || !$sessionData['userId'])
return null;
$xfUser = \DB::connection('xenforo')
->table('user')
->where('user_id', $sessionData['userId'])
->first();
if(!$xfUser)
return null;
return $this->user = new XenForoUser($xfUser);
}
private function isCorrectCookieKey(string $key, $record): bool
{
$known = $record->remember_key;
if( !$known )
return false;
$check = hash('sha256', $key, true);
return hash_equals($known, $check);
}
private function getFromCookie(): ?XenForoUser
{
$cookie = $this->request->cookie('xf_user');
if(!$cookie)
return null;
$parts = explode(',', $cookie);
if( count( $parts ) !== 2 )
return null;
[$userId, $key] = $parts;
$userId = (int) $userId;
if( !$userId || !$key )
return null;
$remembers = \DB::connection('xenforo')
->table('user_remember')
->where('user_id', $userId)
->get();
if( !$remembers )
return null;
$valid = false;
foreach( $remembers as $remember )
{
if( $this->isCorrectCookieKey($key, $remember) && $remember->expiry_date >= time() ){
$valid = true;
break;
}
}
if( !$valid )
return null;
$xfUser = \DB::connection('xenforo')
->table('user')
->where('user_id', $userId)
->first();
if(!$xfUser)
return null;
return $this->user = new XenForoUser($xfUser);
}
/**
* Unused.
*
* @param array $credentials
*
* @return bool
*/
public function validate(array $credentials = []): bool
{
return false;
}
public function setUser(mixed $user): void
{
$this->user = $user;
}
/**
* Unused.
* @return void
*/
public function logout(): void
{
redirect('/');
}
}