<?php
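class Auth
{
    /** Idle timeout in seconds used when the SESSION_TIMEOUT constant is not defined. */
    private const DEFAULT_TIMEOUT = 28800;

    /**
     * Returns true when a user is logged in and the session has not idled out.
     *
     * A session whose last_activity is older than SESSION_TIMEOUT seconds
     * (default 28800) is terminated and false is returned. Otherwise the
     * activity timestamp is refreshed to now. A session without a
     * last_activity entry is treated as still active.
     */
    public static function check(): bool
    {
        if (!isset($_SESSION['user_id'])) {
            return false;
        }

        $timeout = defined('SESSION_TIMEOUT') ? SESSION_TIMEOUT : self::DEFAULT_TIMEOUT;

        if (isset($_SESSION['last_activity']) && (time() - $_SESSION['last_activity'] > $timeout)) {
            // session_destroy() alone leaves $_SESSION populated for the rest of
            // the request, so id()/role()/isAdmin() would still answer as the
            // expired user; terminateSession() clears the superglobal as well.
            self::terminateSession();
            return false;
        }

        $_SESSION['last_activity'] = time();
        return true;
    }

    /**
     * @return array|null The full session payload, or null when check() fails.
     */
    public static function user(): ?array
    {
        return self::check() ? $_SESSION : null;
    }

    /**
     * @return mixed The session's user_id as stored at login (type follows the
     *               users.id column), or null when no user is logged in.
     */
    public static function id()
    {
        return $_SESSION['user_id'] ?? null;
    }

    /**
     * @return mixed The session's role string (e.g. 'ADMIN'), or null when absent.
     */
    public static function role()
    {
        return $_SESSION['role'] ?? null;
    }

    public static function isAdmin(): bool
    {
        return self::role() === 'ADMIN';
    }

    /** Admins are implicitly capturists; the other roles are not. */
    public static function isCapturist(): bool
    {
        return self::isAdmin() || self::role() === 'CAPTURIST';
    }

    public static function isViewer(): bool
    {
        return self::role() === 'VIEWER';
    }

    public static function isLector(): bool
    {
        return self::role() === 'LECTOR';
    }

    /**
     * @return array House ids the current session may access. Lectors are
     *               limited to their user_house_permissions rows; every other
     *               role — and a caller with no session at all — receives every
     *               house id, so callers must gate on requireAuth() first.
     */
    public static function getAccessibleHouseIds(): array
    {
        $db = Database::getInstance();

        if (self::isLector()) {
            $rows = $db->fetchAll(
                "SELECT house_id FROM user_house_permissions WHERE user_id = ?",
                [self::id()]
            );
            return array_column($rows, 'house_id');
        }

        // ADMIN, CAPTURIST, VIEWER and anonymous callers all land here.
        $rows = $db->fetchAll("SELECT id FROM houses");
        return array_column($rows, 'id');
    }

    /** Redirects to the login page and stops the request when check() fails. */
    public static function requireAuth(): void
    {
        if (!self::check()) {
            self::redirect('/login.php');
        }
    }

    /** Requires an authenticated ADMIN; other roles are sent to the dashboard. */
    public static function requireAdmin(): void
    {
        self::requireAuth();

        if (!self::isAdmin()) {
            self::redirect('/dashboard.php');
        }
    }

    /** Requires an authenticated CAPTURIST or ADMIN; others go to the dashboard. */
    public static function requireCapturist(): void
    {
        self::requireAuth();

        if (!self::isCapturist()) {
            self::redirect('/dashboard.php');
        }
    }

    /**
     * Populates the session for an authenticated user, stamps last_login and
     * writes a login activity record.
     *
     * @param array|\ArrayAccess $user Row with id, username, role, first_name, last_name.
     */
    public static function login($user): void
    {
        // A fresh id on privilege change prevents session fixation; the old
        // session file is deleted (delete_old_session = true).
        session_regenerate_id(true);

        $_SESSION['user_id'] = $user['id'];
        $_SESSION['username'] = $user['username'];
        $_SESSION['role'] = $user['role'];
        $_SESSION['first_name'] = $user['first_name'];
        $_SESSION['last_name'] = $user['last_name'];
        $_SESSION['last_activity'] = time();

        $db = Database::getInstance();
        $db->execute(
            "UPDATE users SET last_login = NOW() WHERE id = ?",
            [$user['id']]
        );

        self::logActivity('login', "Usuario {$user['username']} inició sesión");
    }

    /**
     * Records the logout, terminates the session and redirects to the login page.
     *
     * The activity record is written before the session is cleared because
     * logActivity() itself requires a live session.
     */
    public static function logout(): void
    {
        // Same message as before, without an undefined-index warning when the
        // session carries no username.
        $username = $_SESSION['username'] ?? '';
        self::logActivity('logout', "Usuario {$username} cerró sesión");

        self::terminateSession();
        self::redirect('/login.php');
    }

    /**
     * Inserts a row into activity_logs for the current user. Silently does
     * nothing when no valid session exists.
     *
     * @param string $action  Short action key, e.g. 'login'.
     * @param string $details Free-text description.
     */
    public static function logActivity($action, $details = ''): void
    {
        if (!self::check()) {
            return;
        }

        $db = Database::getInstance();
        $db->execute(
            "INSERT INTO activity_logs (user_id, action, details, ip_address) VALUES (?, ?, ?, ?)",
            [
                self::id(),
                $action,
                $details,
                // Direct peer address; behind a reverse proxy this is the proxy.
                $_SERVER['REMOTE_ADDR'] ?? null,
            ]
        );
    }

    /**
     * Empties $_SESSION and destroys the server-side session.
     *
     * session_destroy() emits a warning when no session is active, so it is
     * only called in that state; the superglobal is cleared unconditionally.
     */
    private static function terminateSession(): void
    {
        $_SESSION = [];

        if (session_status() === PHP_SESSION_ACTIVE) {
            session_destroy();
        }
    }

    /** Sends a Location header for $location and ends the request. */
    private static function redirect($location): void
    {
        header('Location: ' . $location);
        exit;
    }
}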