<?php
class Auth
{
/**
* @var mixed
*/
private static $user = null;
public static function user()
{
return self::$user;
}
/**
* @param $username
* @param $password
*/
public static function attempt($username, $password)
{
$db = Database::getInstance();
$user = $db->fetch(
"SELECT id, username, password, full_name, email, role, status FROM users WHERE username = ?",
[$username]
);
if (!$user) {
return false;
}
if (!password_verify($password, $user['password'])) {
return false;
}
if ($user['status'] !== 'active') {
return false;
}
// Remove password from user array
unset($user['password']);
self::$user = $user;
return true;
}
/**
* @param array $roles
*/
public static function checkPermission($roles = [])
{
if (!self::$user) {
return false;
}
if (empty($roles)) {
return true;
}
return in_array(self::$user['role'], $roles);
}
/**
* @param $user
*/
public static function login($user)
{
// Remove password from user array if exists
if (isset($user['password'])) {
unset($user['password']);
}
self::$user = $user;
// Generate token
return TokenService::generate($user['id'], $user['username'], $user['role']);
}
}