Upgrade auth security, add footer content

Sky Johnson 2024-07-17 16:12:57 -05:00
parent 33510e97e3
commit d8446b7d3c
5 changed files with 55 additions and 4 deletions


@ -22,6 +22,36 @@ body {
justify-content: space-between; justify-content: space-between;
margin-bottom: 1rem; margin-bottom: 1rem;
} }
footer {
margin-top: 1rem;
display: flex;
justify-content: space-between;
align-items: center;
background-color: rgba(0, 0, 0, 0.25);
padding: 0.5rem;
color: white;
}
div#content {
display: flex;
flex-direction: row;
gap: 1rem;
aside#left {
flex-grow: 1;
max-width: 250px;
}
aside#right {
flex-grow: 1;
max-width: 250px;
}
main {
flex-grow: 1;
}
}
} }
.form-group { .form-group {
@ -68,4 +98,4 @@ div.alert {
color: hsl(359deg, 68%, 11%); color: hsl(359deg, 68%, 11%);
background-color: hsl(359deg, 68%, 71%); background-color: hsl(359deg, 68%, 71%);
} }
} }


@ -13,6 +13,11 @@ class Auth
// id of the player // id of the player
public static int $id = 0; public static int $id = 0;
public function __construct()
{
}
public function login(string $identifier, string $password, bool $remember = false): bool public function login(string $identifier, string $password, bool $remember = false): bool
{ {
// delete the old session // delete the old session
@ -32,11 +37,11 @@ class Auth
return true; return true;
} }
private function remember(int $id): array|false private function remember(int $id): array
{ {
$data = ['player_id' => $id, 'token' => token()]; $data = ['player_id' => $id, 'token' => token()];
Session::createOrUpdate($data); Session::createOrUpdate($data); // save the token in the database, overwriting the old one if it exists
setcookie(self::COOKIE_NAME, implode('::', $data), strtotime('+30 days'), '/', '', true, true); setcookie(self::COOKIE_NAME, implode('::', $data), strtotime('+30 days'), '/', '', true, true);
return $data; return $data;
@ -46,6 +51,11 @@ class Auth
{ {
if (isset($_SESSION['player_id'])) unset($_SESSION['player_id']); if (isset($_SESSION['player_id'])) unset($_SESSION['player_id']);
if (isset($_COOKIE[self::COOKIE_NAME])) setcookie(self::COOKIE_NAME, '', time() - 86400, '/', '', true, true); if (isset($_COOKIE[self::COOKIE_NAME])) setcookie(self::COOKIE_NAME, '', time() - 86400, '/', '', true, true);
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
}
session_destroy();
} }
public function good(): bool public function good(): bool
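Review bot: The logout hunk expires the remember cookie and destroys the PHP session, but nothing visible in its body invalidates the token that `remember()` stored through `Session::createOrUpdate($data)`, so a copied remember cookie would presumably still be accepted after the player logs out. Delete or rotate that player's stored token before expiring the cookie; the Session call for doing so is not shown on this page. The teardown also unsets only `player_id`, and putting `$_SESSION = [];` before `session_destroy()` would clear the remaining session data for the rest of the request. In `remember()`, the positional `setcookie()` call cannot set SameSite, whereas the options-array form with `'samesite' => 'Lax'` can. The signature of the logout method lies outside the hunk.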


@ -0,0 +1 @@
hello


@ -1 +1,11 @@
footer <div>
&copy; <?= date('Y') ?> <?= App::$s['game_dev'] ?>
</div>
<div>
<?= App::$db->q("SELECT COUNT(id) FROM players WHERE last_online > ?;", [time() - 300])->fetchColumn() ?> players online
</div>
<div>
<?= App::$db->queries() ?> queries in <?= round(App::$db->time(), 2) ?> seconds
</div>
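Review bot: `App::$s['game_dev']` is echoed into the footer without HTML escaping; if that setting can be edited through an admin screen or installer, it becomes a stored markup-injection point on every page, so `<?= htmlspecialchars(App::$s['game_dev'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>` is the safer output. The last `<div>` shows the query count and database time to every visitor; that is profiling data and is usually rendered only when a debug setting is on. The players-online query is parameterised, but it runs a `COUNT` on each page render, so a short-lived cached value may be worth considering.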