From cf84456426691764fae51fe10f5746353863ef23 Mon Sep 17 00:00:00 2001
From: REJack <info@rejack.de>
Date: Thu, 1 Nov 2018 22:53:21 +0100
Subject: [PATCH] added Models/UserModel & Models/LoginAttemptModel

---
 Models/LoginAttemptModel.php |  77 +++++++++++++++++++++++++
 Models/UserModel.php         | 109 +++++++++++++++++++++++++++++++++++
 2 files changed, 186 insertions(+)
 create mode 100644 Models/LoginAttemptModel.php
 create mode 100644 Models/UserModel.php

diff --git a/Models/LoginAttemptModel.php b/Models/LoginAttemptModel.php
new file mode 100644
index 0000000..2bf4143
--- /dev/null
+++ b/Models/LoginAttemptModel.php
@@ -0,0 +1,77 @@
+<?php namespace Magefly\Aauth\Models;
+
+use \CodeIgniter\Model;
+use Magefly\Aauth\Config\Aauth as AauthConfig;
+
+class LoginAttemptModel extends Model
+{
+	protected $useSoftDeletes = false;
+	protected $useTimestamps  = true;
+	protected $createdField   = 'created_datetime';
+	protected $updatedField   = 'updated_datetime';
+	protected $protectFields  = false;
+
+	public function __construct()
+	{
+		parent::__construct();
+		$this->config = new AauthConfig();
+		$this->table = $this->config->dbTableLoginAttempts;
+		$this->DBGroup = $this->config->dbProfile;
+	}
+
+	public function update($id = null, $data = null)
+	{
+		$request = \Config\Services::request();
+
+		$builder = $this->builder();
+		$ip_address = $request->getIPAddress();
+		$builder->where('ip_address', $ip_address);
+		$builder->where('updated_datetime >=', date("Y-m-d H:i:s", strtotime("-".$this->config->loginAttemptLimitTimePeriod)));
+
+		if ($builder->countAllResults() == 0)
+		{
+			$data = [];
+			$data['ip_address'] = $ip_address;
+			$data['count'] = 1;
+			$data[$this->updatedField] = $this->setDate();
+			$builder->insert($data);
+			return true;
+		}
+		else
+		{
+			$row = $builder->get()->getFirstRow();
+			$data = array();
+			$data['count'] = $row->count + 1;
+			$data[$this->updatedField] = $this->setDate();
+			$builder->update($data, array('id' => $row->id));
+
+			if ( $data['count'] > $this->config->loginAttemptLimit)
+			{
+				return false;
+			}
+			else
+			{
+				return true;
+			}
+		}
+	}
+
+	public function get()
+	{
+		$request = \Config\Services::request();
+
+		$builder = $this->builder();
+		$ip_address = $request->getIPAddress();
+		$builder->where('ip_address', $ip_address);
+		$builder->where('updated_datetime >=', date("Y-m-d H:i:s", strtotime("-".$this->config->loginAttemptLimitTimePeriod)));
+		if ($builder->countAllResults() != 0)
+		{
+			$row = $builder->get()->getFirstRow();
+			return $row->count;
+		}
+		else
+		{
+			return 0;
+		}
+	}
+}
diff --git a/Models/UserModel.php b/Models/UserModel.php
new file mode 100644
index 0000000..9e2eefe
--- /dev/null
+++ b/Models/UserModel.php
@@ -0,0 +1,109 @@
+<?php namespace Magefly\Aauth\Models;
+
+use \CodeIgniter\Model;
+use Magefly\Aauth\Config\Aauth as AauthConfig;
+
+class UserModel extends Model
+{
+	protected $useSoftDeletes = true;
+	protected $useTimestamps  = true;
+	protected $createdField   = 'created_datetime';
+	protected $updatedField   = 'updated_datetime';
+	protected $allowedFields  = ['email', 'username', 'password'];
+	protected $beforeInsert   = ['hashPassword'];
+	protected $beforeUpdate   = ['hashPassword'];
+
+	public function __construct()
+	{
+		parent::__construct();
+		$this->config = new AauthConfig();
+		$this->table = $this->config->dbTableUsers;
+		$this->DBGroup = $this->config->dbProfile;
+		$this->validationRules['email'] = 'required|if_exist|valid_email|is_unique['.$this->table.'.email,id,{id}]';
+		$this->validationRules['password'] = 'required|if_exist|min_length['.$this->config->passwordMin.']|max_length['.$this->config->passwordMax.']';
+		$this->validationRules['username'] = 'if_exist|is_unique['.$this->table.'.username,id,{id}]|alpha_numeric_space|min_length[3]';
+		$this->validationMessages = [
+			'email' => [
+				'is_unique' => lang('Aauth.existsAlreadyEmail'),
+				'valid_email' => lang('Aauth.invalidEmail'),
+			],
+			'password' => [
+				'min_length' => lang('Aauth.invalidPassword'),
+				'max_length' => lang('Aauth.invalidPassword'),
+			],
+			'username' => [
+				'is_unique' => lang('Aauth.existsAlreadyUsername'),
+				'min_length' => lang('Aauth.invalidUsername'),
+			],
+		];
+
+		if ($this->config->loginUseUsername)
+		{
+			$this->validationRules['username'] = 'is_unique['.$this->table.'.username,id,{id}]|required|alpha_numeric_space|min_length[3]';
+			$this->validationMessages['username']['required'] = lang('Aauth.requiredUsername');
+		}
+	}
+
+	public function findAllExtra(int $limit = 0, int $offset = 0, array $options = null)
+	{
+		$builder = $this->builder();
+
+		if ($this->tempUseSoftDeletes === true)
+		{
+			$builder->where($this->deletedField, 0);
+		}
+
+		if (isset($options['where']))
+		{
+			foreach ($options['where'] as $key => $value)
+			{
+				$builder->where($key, $value);
+			}
+		}
+
+		if (isset($options['order_by']))
+		{
+			foreach ($options['order_by'] as $key => $value)
+			{
+				$builder->orderBy($key, $value);
+			}
+		}
+
+		$row = $builder->limit($limit, $offset)
+				->get();
+
+		$row = $row->getResult($this->tempReturnType);
+
+		$row = $this->trigger('afterFind', ['data' => $row, 'limit' => $limit, 'offset' => $offset]);
+
+		$this->tempReturnType = $this->returnType;
+		$this->tempUseSoftDeletes = $this->useSoftDeletes;
+
+		return $row['data'];
+	}
+
+	public function exists(int $id)
+	{
+		$builder = $this->builder();
+
+		if ($this->tempUseSoftDeletes === true)
+		{
+			$builder->where($this->deletedField, 0);
+		}
+
+		$builder->like($this->table.'.'.$this->primaryKey, $id);
+
+		return $builder->countAllResults();
+	}
+
+	protected function hashPassword(array $data)
+	{
+		if ( ! isset($data['data']['password']))
+		{
+			return $data;
+		}
+
+		$data['data']['password'] = password_hash($data['data']['password'], $this->config->passwordHashAlgo, $this->config->passwordHashOptions);
+		return $data;
+	}
+}