Auth.php
<?php
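/**
 * Static helpers for logging users in and out and for registering accounts.
 *
 * NOTE(review): `_signon`, `_logout` and `_insert_user` are not defined in this file.
 * They look like WordPress's `wp_signon`, `wp_logout` and `wp_insert_user` with the
 * prefix missing; confirm the real names against the running code.
 */
class Auth {
    const REG_METH_AUTO_REG = 1;
    const REG_METH_VALID_EMAIL = 2;
    const FORGOT_METH_VALID_EMAIL = 1;
    const FORGOT_METH_RAND_PASS = 2;
    const ACTION_ACTIVATE = 'activate_account';

    /**
     * One-time initialisation guard.
     * @throws Exception If called more than once in the same request
     */
    public static function make() {
        static $made = false;
        if (true === $made) {
            throw new Exception('Auth has already been instantiated');
        }
        $made = true;
        // TODO from the original author: if _GET activate self::activate();
    }

    /**
     * Attempts to login the user
     * @param {String} $username
     * @param {String} $password
     * @param {Boolean} $remember
     * @returns WP_User instance
     * @throws LogicException If headers have already been sent
     * @throws InvalidArgumentException If the authentication is invalid
     */
    public static function login($username, $password, $remember = true) {
        if (headers_sent()) {
            throw new LogicException('Unable to login because headers have been sent');
        }
        // NOTE(review): esc_sql() is SQL escaping, not credential validation. Applied to a
        // password it alters any value containing quotes or backslashes before the check,
        // while register() hands the password to the insert helper unescaped. Confirm which
        // form the sign-on helper expects and drop the escaping if it takes raw credentials.
        $auth = _signon(array(
            'user_login' => esc_sql($username),
            'user_password' => esc_sql($password),
            'remember' => $remember,
        ));
        // instanceof is safe for non-object results (the previous ReflectionObject call
        // was not) and also accepts subclasses of WP_User.
        if ($auth instanceof WP_User) {
            return $auth;
        }
        // The helper's own error message is deliberately not forwarded (the original author
        // notes it links to a wp-page); one generic message is used for every failure.
        throw new InvalidArgumentException('Invalid username/password');
    }

    /**
     * Attempts to log the user out
     * @returns Boolean Always true when no exception is thrown
     * @throws LogicException If HTTP headers have already been sent
     */
    public static function logout() {
        if (headers_sent()) {
            throw new LogicException('Unable to logout because headers have been sent');
        }
        _logout();
        return true;
    }

    /**
     * Validates the supplied data, inserts the user and sets its `user_status` to 1.
     *
     * NOTE(review): $registration_method is accepted but never read, so every new account
     * gets `user_status` = 1 regardless of REG_METH_AUTO_REG / REG_METH_VALID_EMAIL.
     * NOTE(review): the optional $user_data precedes a required parameter, which newer PHP
     * versions report as deprecated; the signature is kept for existing callers.
     *
     * @param {Array} $user_data Fields passed to Auth_Validation and to the insert helper
     * @param {Integer} $registration_method Currently unused
     * @returns Integer ID of the new user
     * @throws BadMethodCallException If validation reported errors
     * @throws RuntimeException If the insert helper did not return a positive user ID
     */
    public static function register($user_data = array(), $registration_method) {
        require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');
        $valid = new Auth_Validation($user_data);
        if (count($valid->errors) > 0) {
            throw new BadMethodCallException(implode("\n", $valid->errors));
        }
        // The former `array_filter($user_data, 'esc_sql')` was removed: its result was
        // discarded, so it never changed what reached the insert helper.
        $result = _insert_user($user_data);
        // Casting an error object (or any non-numeric value) to int yields 1, which would
        // make the UPDATE below modify the account with ID 1 instead of failing.
        if (!is_numeric($result) || (int)$result <= 0) {
            throw new RuntimeException('Unable to create the user account');
        }
        $id = (int)$result;
        global $wpdb;
        $wpdb->query($wpdb->prepare("UPDATE `{$wpdb->users}` SET `user_status` = 1 WHERE `ID` = %d", $id));
        return $id;
    }

    /**
     * Fires the activation action.
     *
     * NOTE(review): unfinished. $user_id is never assigned, so the action receives an
     * undefined variable, and neither $username nor $activation_key is read. The key must
     * be verified against the account before this is wired to a request handler.
     *
     * @param {String} $username
     * @param {String} $activation_key
     */
    public static function activate($username, $activation_key) {
        do_action(self::ACTION_ACTIVATE, $user_id);
    }

    /**
     * Placeholder: no password-recovery logic is implemented yet.
     * @param {String} $username
     * @param {Integer} $forgot_method Presumably one of the FORGOT_METH_* constants; confirm
     */
    public static function forgot_password($username, $forgot_method) {
    }
}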
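/**
 * Field rules for the registration data passed to Auth::register().
 *
 * Each rule returns nothing and signals a failed check by throwing an Exception.
 * NOTE(review): the Validation base class is not shown here; presumably it calls the
 * method named after each field and collects the exception messages into `$errors`,
 * which Auth::register() reads. Confirm against the base class.
 */
class Auth_Validation extends Validation {
    /**
     * @rule Not blank
     * @rule Valid WordPress username
     * @rule Not already registered
     * @param {String} $val Username to check
     * @throws Exception If any rule fails
     */
    protected function username($val) {
        if (empty($val)) {
            throw new Exception('Username is blank');
        }
        require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');
        if (!validate_username($val)) {
            throw new Exception('Username must be at least 4 characters, letters and numbers only');
        }
        // Check the value being validated. The previous code looked up
        // $_POST['reg_username'], which need not be the username that gets inserted,
        // so the uniqueness check could be run against a different string.
        if (username_exists($val)) {
            throw new Exception('Username already exists');
        }
    }

    /**
     * @rule Not blank
     * @param {String} $val Password to check
     * @throws Exception If the password is blank
     */
    protected function password($val) {
        // NOTE(review): empty() also treats the string '0' as blank, and no minimum
        // length or complexity is enforced here.
        if (empty($val)) {
            throw new Exception('Password can not be blank');
        }
    }

    /**
     * @rule Valid email address (*@*.*)
     * @rule Not already registered
     * @param {String} $val Email address to check
     * @throws Exception If the address is malformed or already in use
     */
    protected function email($val) {
        if (!(boolean)filter_var($val, FILTER_VALIDATE_EMAIL)) {
            throw new Exception('Invalid email address');
        }
        if (false !== email_exists($val)) {
            throw new Exception('Email address already registered');
        }
    }
}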
?>