Primer version funcional

2025-12-29 23:37:11 -06:00
commit 5289fd4133
294 changed files with 111418 additions and 0 deletions
--- a/core/Auth.php
+++ b/core/Auth.php
@@ -0,0 +1,134 @@
+<?php
+
+class Auth {
+    public static function check() {
+        if (!isset($_SESSION['user_id'])) {
+            return false;
+        }
+        
+        $timeout = defined('SESSION_TIMEOUT') ? SESSION_TIMEOUT : 28800;
+        
+        if (isset($_SESSION['last_activity']) && (time() - $_SESSION['last_activity'] > $timeout)) {
+            session_destroy();
+            return false;
+        }
+        
+        $_SESSION['last_activity'] = time();
+        return true;
+    }
+    
+    public static function user() {
+        if (!self::check()) {
+            return null;
+        }
+        return $_SESSION;
+    }
+    
+    public static function id() {
+        return $_SESSION['user_id'] ?? null;
+    }
+    
+    public static function role() {
+        return $_SESSION['role'] ?? null;
+    }
+    
+    public static function isAdmin() {
+        return self::role() === 'ADMIN';
+    }
+    
+    public static function isCapturist() {
+        return self::role() === 'CAPTURIST' || self::isAdmin();
+    }
+    
+    public static function isViewer() {
+        return self::role() === 'VIEWER';
+    }
+
+    public static function isLector() {
+        return self::role() === 'LECTOR';
+    }
+
+    public static function getAccessibleHouseIds() {
+        $db = Database::getInstance();
+
+        if (self::isAdmin()) {
+            $result = $db->fetchAll("SELECT id FROM houses");
+            return array_column($result, 'id');
+        } elseif (self::isLector()) {
+            $userId = self::id();
+            $result = $db->fetchAll(
+                "SELECT house_id FROM user_house_permissions WHERE user_id = ?",
+                [$userId]
+            );
+            return array_column($result, 'house_id');
+        } else {
+            $result = $db->fetchAll("SELECT id FROM houses");
+            return array_column($result, 'id');
+        }
+    }
+    
+    public static function requireAuth() {
+        if (!self::check()) {
+            header('Location: /login.php');
+            exit;
+        }
+    }
+    
+    public static function requireAdmin() {
+        self::requireAuth();
+        if (!self::isAdmin()) {
+            header('Location: /dashboard.php');
+            exit;
+        }
+    }
+    
+    public static function requireCapturist() {
+        self::requireAuth();
+        if (!self::isCapturist()) {
+            header('Location: /dashboard.php');
+            exit;
+        }
+    }
+    
+    public static function login($user) {
+        session_regenerate_id(true);
+        $_SESSION['user_id'] = $user['id'];
+        $_SESSION['username'] = $user['username'];
+        $_SESSION['role'] = $user['role'];
+        $_SESSION['first_name'] = $user['first_name'];
+        $_SESSION['last_name'] = $user['last_name'];
+        $_SESSION['last_activity'] = time();
+        
+        $db = Database::getInstance();
+        $db->execute(
+            "UPDATE users SET last_login = NOW() WHERE id = ?",
+            [$user['id']]
+        );
+        
+        self::logActivity('login', "Usuario {$user['username']} inició sesión");
+    }
+    
+    public static function logout() {
+        self::logActivity('logout', "Usuario {$_SESSION['username']} cerró sesión");
+        session_destroy();
+        header('Location: /login.php');
+        exit;
+    }
+    
+    public static function logActivity($action, $details = '') {
+        if (!self::check()) {
+            return;
+        }
+        
+        $db = Database::getInstance();
+        $db->execute(
+            "INSERT INTO activity_logs (user_id, action, details, ip_address) VALUES (?, ?, ?, ?)",
+            [
+                self::id(),
+                $action,
+                $details,
+                $_SERVER['REMOTE_ADDR'] ?? null
+            ]
+        );
+    }
+}