Existing users code refactoring

PodcastGenerator/core/User.php

@@ -0,0 +1,135 @@
+<?php
+
+############################################################
+# PODCAST GENERATOR
+#
+# Created by the Podcast Generator Development Team
+# http://www.podcastgenerator.net
+#
+# This is Free Software released under the GNU/GPL License.
+############################################################
+
+namespace PodcastGenerator;
+
+/**
+ * Represents a user and their profile data.
+ */
+class User implements \JsonSerializable
+{
+    /**
+     * The name of the user for logging into the site.
+     *
+     * @var string
+     */
+    private readonly string $username;
+
+    /**
+     * The hash value of the user's password.
+     *
+     * @var string
+     */
+    private string $passwordHash = '';
+
+    /**
+     * An indicator that the user has unsaved changes.
+     *
+     * @var boolean
+     */
+    private bool $dirty;
+
+    /**
+     * Creates a new User object from the provided parameters.
+     *
+     * @param string $username   The name of the user.
+     * @param mixed $properties  An associative array of user properties, or a
+     *                           string of the user's password hash. Optional.
+     */
+    public function __construct($username, $properties = null)
+    {
+        $this->username = $username;
+
+        if (is_string($properties)) {
+            // If $properties is a string instead of an associative array or
+            // object, then it's the hashed password.
+            $this->passwordHash = $properties;
+        } elseif (is_array($properties) || is_object($properties)) {
+            // Array or object, assume each key exists
+            foreach ($properties as $key => $value) {
+                if ($key === 'username' || $key === 'dirty') {
+                    continue; // don't set these properties here!
+                } elseif ($key === 'password') {
+                    $this->passwordHash = $value;
+                    continue;
+                }
+                $this->{$key} = $value;
+            }
+        }
+
+        $this->dirty = false;
+    }
+
+    /**
+     * Gets if the User object has unsaved changes.
+     *
+     * @return boolean
+     */
+    public function isDirty(): bool
+    {
+        return $this->dirty;
+    }
+
+    /**
+     * Gets the name of the user.
+     *
+     * @return string
+     */
+    public function getUsername(): string
+    {
+        return $this->username;
+    }
+
+    /**
+     * Gets the hash value of the user's password.
+     *
+     * @return string
+     */
+    public function getPasswordHash(): string
+    {
+        return $this->passwordHash;
+    }
+
+    /**
+     * Sets the hash value of the user's password.
+     *
+     * @param string $hashedPassword  The pre-hashed password for the user.
+     * @return void
+     */
+    public function setPasswordHash($hashedPassword): void
+    {
+        $this->passwordHash = $hashedPassword;
+        $this->dirty = true;
+    }
+
+    /**
+     * Sets the hash value of the user's password from the provided plain text password.
+     *
+     * @param string $plainPassword  The plain text password for the user.
+     * @return void
+     *
+     * This produces the password hash using the password_hash() function and
+     * the default password hashing algorithm.
+     */
+    public function setPassword($plainPassword): void
+    {
+        $this->setPasswordHash(password_hash($plainPassword, PASSWORD_DEFAULT));
+    }
+
+    public function jsonSerialize(): mixed
+    {
+        $this->dirty = false;
+        return [
+            'username' => $this->username,
+            'password' => $this->passwordHash
+        ];
+    }
+}

PodcastGenerator/core/include_admin.php

@@ -36,6 +36,7 @@
 // This file is wizard to convert old password to a more secure algorithm
 // Load useful functions
 include 'misc/functions.php';
+include 'users.php';
 // Load HTML helper functions
 include 'html_helpers.php';
 // Load translations

PodcastGenerator/core/misc/functions.php

@@ -36,44 +36,6 @@ function checkLogin($username, $password_plain)
     return false;
 }
 
-function addUser($username, $password_plain)
-{
-    global $config;
-    $users =  json_decode($config['users_json'], true);
-    // Check if user exists
-    if (array_key_exists($username, $users)) {
-        return false;
-    }
-    $users[$username] = password_hash($password_plain, PASSWORD_DEFAULT);
-    return $config->set('users_json', str_replace('"', '\"', json_encode($users)), true);
-}
-
-function deleteUser($username)
-{
-    global $config;
-    $users =  json_decode($config['users_json'], true);
-    unset($users[$username]);
-    return $config->set('users_json', str_replace('"', '\"', json_encode($users)), true);
-}
-
-function changeUserPassword($username, $new_password_plain)
-{
-    global $config;
-    $users = json_decode($config['users_json'], true);
-    // Check if user exists
-    if (!array_key_exists($username, $users)) {
-        return false;
-    }
-    $users[$username] = password_hash($new_password_plain, PASSWORD_DEFAULT);
-    return $config->set('users_json', str_replace('"', '\"', json_encode($users)), true);
-}
-
-function getUsers()
-{
-    global $config;
-    return json_decode($config['users_json'], true);
-}
-
 function randomString($length = 8)
 {
     $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';

PodcastGenerator/core/users.php

@@ -0,0 +1,73 @@
+<?php
+
+############################################################
+# PODCAST GENERATOR
+#
+# Created by Alberto Betella and Emil Engler
+# http://www.podcastgenerator.net
+#
+# This is Free Software released under the GNU/GPL License.
+############################################################
+
+/**
+ * Adds a new user to the users collection.
+ *
+ * @param string $username        The username of the new user.
+ * @param string $password_plain  The unencrypted password of the new user.
+ * @return bool  Whether the user was successfully saved.
+ */
+function addUser($username, $password_plain)
+{
+    global $config;
+    $users =  json_decode($config['users_json'], true);
+    // Check if user exists
+    if (array_key_exists($username, $users)) {
+        return false;
+    }
+    $users[$username] = password_hash($password_plain, PASSWORD_DEFAULT);
+    return $config->set('users_json', str_replace('"', '\"', json_encode($users)), true);
+}
+
+/**
+ * Deletes an existing user from the users collection.
+ *
+ * @param string $username  The username of the user to delete.
+ * @return bool  Whether the user was successfully deleted.
+ */
+function deleteUser($username)
+{
+    global $config;
+    $users =  json_decode($config['users_json'], true);
+    unset($users[$username]);
+    return $config->set('users_json', str_replace('"', '\"', json_encode($users)), true);
+}
+
+/**
+ * Changes an existing user's password.
+ *
+ * @param string $username            The username of the user to update.
+ * @param string $new_password_plain  The unencrypted new password of the user.
+ * @return bool  Whether the user was successfully updated.
+ */
+function changeUserPassword($username, $new_password_plain)
+{
+    global $config;
+    $users = json_decode($config['users_json'], true);
+    // Check if user exists
+    if (!array_key_exists($username, $users)) {
+        return false;
+    }
+    $users[$username] = password_hash($new_password_plain, PASSWORD_DEFAULT);
+    return $config->set('users_json', str_replace('"', '\"', json_encode($users)), true);
+}
+
+/**
+ * Gets an array of all registered users.
+ *
+ * @return array  An array of users.
+ */
+function getUsers()
+{
+    global $config;
+    return json_decode($config['users_json'], true);
+}

contrib/recover/reset.php

@@ -1,6 +1,7 @@
 <?php
 require '../core/Configuration.php';
 require '../core/misc/functions.php';
+require '../core/users.php';
 
 $config = PodcastGenerator\Configuration::load('../config.php');
 $users = getUsers();