From 1c54254c746a11a4614324e32c785024d21b74b9 Mon Sep 17 00:00:00 2001 From: Christiaan Goossens Date: Tue, 14 Mar 2017 12:01:41 +0100 Subject: [PATCH] Added static object linking & authorization methods --- public/index.php | 2 + src/Application.php | 37 +++++++++++++++ src/Application/Auth/Authorization.php | 49 ++++++++++++++++++++ src/Application/Helper/IBAN.php | 64 ++++++++++++++++++++++++++ src/Application/Helper/Rekeningen.php | 42 +++++++++++++++++ src/Application/Login.php | 41 ++++++++--------- src/bootstrap.php | 15 +++++- src/settings.php | 2 +- templates/login.phtml | 26 +++++------ 9 files changed, 242 insertions(+), 36 deletions(-) create mode 100644 src/Application.php create mode 100644 src/Application/Auth/Authorization.php create mode 100644 src/Application/Helper/IBAN.php create mode 100644 src/Application/Helper/Rekeningen.php diff --git a/public/index.php b/public/index.php index 105dcc1..49d2a47 100644 --- a/public/index.php +++ b/public/index.php @@ -12,6 +12,8 @@ * Jelmer Hinssen */ + // Create session + session_start(); /** * Check if the script is running in CLI mode diff --git a/src/Application.php b/src/Application.php new file mode 100644 index 0000000..18dda13 --- /dev/null +++ b/src/Application.php @@ -0,0 +1,37 @@ +getContainer(); + } + + public static function getContainer() + { + return self::$container; + } + + public static function getApplication() + { + return self::$app; + } +} diff --git a/src/Application/Auth/Authorization.php b/src/Application/Auth/Authorization.php new file mode 100644 index 0000000..34b36d0 --- /dev/null +++ b/src/Application/Auth/Authorization.php 
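Review bot: The new `session_start();` runs with whatever cookie parameters php.ini provides, so whether the session cookie carries HttpOnly and Secure depends on the server's defaults rather than on this code; since public/index.php is now the one place the session begins, set them on the line before, e.g. `session_set_cookie_params(0, '/', '', !empty($_SERVER['HTTPS']), true);`. The added `// Create session` comment could also say that `Auth\Authorization` and the login handler rely on this call having already happened, which is presumably why the `session_start()` that used to live inside the login route was removed.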
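Review bot: `getContainer()` and `getApplication()` return the static properties as they are, which is `null` until `Application::set()` has run, so a service resolved before bootstrap reaches the `set($app)` line gets a null and fails later with an unrelated error; a guard at the top of `getContainer()` such as `if (self::$container === null) { throw new \RuntimeException('Application::set() has not been called.'); }` makes the ordering requirement explicit. The opening of the file (namespace, property declarations and the beginning of `set()`) is not legible in this patch, so I can't tell whether the properties are typed or documented; a short class docblock stating that this is a process-wide service locator, apparently used by `Auth\Authorization` and `Helper\Rekeningen` to reach the container, would explain why those classes cannot be constructed without a bootstrapped app.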
@@ -0,0 +1,49 @@ +db; + + $rekeningen = $db->rekeningen->where('rekeningnr', $rekeningnr); + + if (count($rekeningen) !== 1) { + throw new \Exception("Rekening niet bekend."); + } + + $id = $rekeningen->max("id"); + $klantnr = $rekeningen[$id]['klantid']; + + $klant = $db->klanten->where('id', $klantnr)[$klantnr]; + if ($klant['code'] === $passcode) { + $_SESSION['user'] = $klant; + + return true; + } + + return false; + } + + public function getUser() + { + return $_SESSION['user']; + } +} diff --git a/src/Application/Helper/IBAN.php b/src/Application/Helper/IBAN.php new file mode 100644 index 0000000..a6f97cb --- /dev/null +++ b/src/Application/Helper/IBAN.php @@ -0,0 +1,64 @@ +wordToNumbers($landcode); + + + $bankcode = "INFO"; + $banknumber = $this->wordToNumbers($bankcode); + + $rekeningnr = str_pad($rekeningnr, 10, 0, STR_PAD_LEFT); + + $bignum = $banknumber . $rekeningnr . $landnumber . "00"; + + $modulo97 = ''; + $checkdigits = '00'; + + // begin modulo staartdeling + $modulo97 = (int)substr($bignum, 0, 6); + $modulo97 = $modulo97 % 97; + $modulo97 = (1000000 * $modulo97) + (int)substr($bignum, 6, 6); + $modulo97 = $modulo97 % 97; + $modulo97 = (1000000 * $modulo97) + (int)substr($bignum, 12, 6); + $modulo97 = $modulo97 % 97; + $modulo97 = (1000000 * $modulo97) + (int)substr($bignum, 18, 6); + $modulo97 = $modulo97 % 97; + $checkdigits = 98 - $modulo97; + // einde modulo staartdeling + if (strlen($checkdigits) < 2) { + $checkdigits = '0' . $checkdigits; + } + + $rekeningnrarr = str_split($rekeningnr, 4); + return $landcode.$checkdigits." ".$bankcode." ".$rekeningnrarr[0]." ".$rekeningnrarr[1]." ".$rekeningnrarr[2]; + } +} diff --git a/src/Application/Helper/Rekeningen.php b/src/Application/Helper/Rekeningen.php new file mode 100644 index 0000000..d9a4862 --- /dev/null +++ b/src/Application/Helper/Rekeningen.php 
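Review bot: `if ($klant['code'] === $passcode)` compares the submitted passcode with the stored `code` column in clear text, so that column must hold the passcode itself — the login code this commit replaces used `password_verify()`, and that is what should be kept: store `password_hash()` values and check them with `password_verify($passcode, $klant['code'])`; until the data is migrated, `hash_equals()` at least replaces the early-exit string compare. On success nothing calls `session_regenerate_id(true)`, yet the session is already started in public/index.php before the form is posted, so the pre-login session id survives authentication; and `$_SESSION['user'] = $klant` keeps the whole customer record, passcode included, in the session (if `$db->klanten` is a NotORM table as bootstrap suggests, `$klant` is a row object rather than an array, and whether it survives session serialization is worth checking). `getUser()` reads `$_SESSION['user']` unguarded, which raises a notice for a visitor who has not logged in; `return isset($_SESSION['user']) ? $_SESSION['user'] : null;` gives callers a value they can test. The unknown-account path throws while a wrong passcode returns false, which lets the caller show two different messages; whichever layer reports the failure should collapse both into one outcome.
```php
// … unchanged: $rekeningen / $klant lookup …
if (hash_equals((string) $klant['code'], (string) $passcode)) {
    // New session id on privilege change; the session itself is started in public/index.php.
    session_regenerate_id(true);
    // Keep only what later requests read (Helper\Rekeningen uses 'id'); never the passcode.
    $_SESSION['user'] = array('id' => $klant['id']);

    return true;
}

return false;
```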
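Review bot: The four `substr`/`% 97` steps in `getIBAN()` are one reduction unrolled by hand, and as far as I can see they assume `$bignum` is exactly 24 characters — a shorter value is effectively padded with zeros by `(int) ''`, a longer one is truncated, and neither yields a valid check digit; a loop over `str_split($bignum, 6)` gives the same result for 24 characters and a correct one otherwise. `str_pad($rekeningnr, 10, 0, STR_PAD_LEFT)` passes the pad as an int and `$checkdigits` is zero-padded by hand; `str_pad($rekeningnr, 10, '0', STR_PAD_LEFT)` and `str_pad((string) (98 - $modulo97), 2, '0', STR_PAD_LEFT)` say the same thing without the coercions. The method signature, `wordToNumbers()` and the class header are not legible in this patch, so I can't tell whether `$rekeningnr` is typed or documented; a one-line docblock stating that the input is the bare account number and the output the space-separated IBAN would help.
```php
// … unchanged: $landnumber / $banknumber / $rekeningnr padding …
$bignum = $banknumber . $rekeningnr . $landnumber . "00";

// Mod-97 in 6-digit steps: same arithmetic as the unrolled chain, for any length of $bignum.
$modulo97 = 0;
foreach (str_split($bignum, 6) as $chunk) {
    $modulo97 = (int) ($modulo97 . $chunk) % 97;
}
$checkdigits = str_pad((string) (98 - $modulo97), 2, '0', STR_PAD_LEFT);
// … unchanged: formatting of the returned IBAN …
```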
@@ -0,0 +1,42 @@ +auth->getUser(); + + $db = $container->db; + $ibanhelper = new IBAN; + + $rekeningen = $db->rekeningen->where('klantid', $user['id']); + + $returnArray = array(); + + foreach ($rekeningen as $rekening) { + $returnArray[] = array( + "rekeningnr" => $ibanhelper->getIBAN($rekening['rekeningnr']), + "saldo" => (double) $rekening['saldo'] + ); + } + + return $returnArray; + } +} diff --git a/src/Application/Login.php b/src/Application/Login.php index b353f10..f5a1e42 100644 --- a/src/Application/Login.php +++ b/src/Application/Login.php @@ -16,32 +16,31 @@ namespace Inforbank\Application; use \Slim\App; -class Login { - public function __construct(App $app) { +class Login +{ + public function __construct(App $app) + { $app->get('/login', function ($request, $response, $args) { // Render index view return $this->renderer->render($response, 'login.phtml', $args); }); - $app->post('/login', function ($request, $response, $args) { + $app->post('/login', function ($request, $response, $args) { // Render index view - $post = $request->getParsedBody(); - - $user = $this->db->gebruikers("username = ?", $post["username"]); - if ($user->count("*") === 0){ - echo "Onjuiste gebruikersnaam of wachtwoord"; - } else { - if(password_verify($post["password"], $user["password"])){ - session_start(); - $_SESSION["user"] = [ - "uuid" => $user["uuid"], - "username" => $user["username"] - ]; - }else{ - echo "fout"; - } - } - $newResponse = $response->withHeader('Location', ''); - return $this->renderer->render($newResponse, 'login.phtml', $args); + $post = $request->getParsedBody(); + + try { + $resp = $this->auth->login($post['rekeningnr'], $post['pascode']); + + if ($resp) { + echo "HIER EEN REDIRECT GRAAG"; + } else { + echo "ERR PASS!"; + } + } catch (\Exception $e) { + echo "ERR REK!"; + } + + die(); }); } } diff --git a/src/bootstrap.php b/src/bootstrap.php index 98d1082..ea45166 100644 --- a/src/bootstrap.php +++ b/src/bootstrap.php 
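Review bot: `getRekeningen()` dereferences `$user['id']` straight after `$container->auth->getUser()`, and for a visitor without a session entry that value is not a customer record, so the query runs with an empty customer id instead of the request being refused; guard it first, `if (empty($user['id'])) { throw new \RuntimeException('Geen ingelogde gebruiker.'); }`. `"saldo" => (double) $rekening['saldo']` turns the balance into a binary float, which is lossy if `saldo` is a DECIMAL column (its type is not visible here); passing the string through, or converting to integer cents, keeps it exact. The class header and the start of the method are not legible in this patch.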
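Review bot: The new POST handler answers `ERR REK!` when `login()` throws for an unknown account and `ERR PASS!` for a wrong passcode, so the response tells an anonymous caller which account numbers exist; both failures should produce the same message. `$post['rekeningnr']` and `$post['pascode']` are read without checking they are present (and `getParsedBody()` can return null), the `echo` + `die()` pair bypasses Slim's response and leaves the placeholder text as the actual result, and `catch (\Exception $e)` now also absorbs the `PDOException`s that bootstrap's `ERRMODE_EXCEPTION` turns on and reports them as a bad account number — narrow it once `Authorization` throws its own exception class. The rewrite below returns a redirect on success and re-renders the form with one generic error otherwise; `login.phtml` does not yet display an `error` variable as far as this patch shows.
```php
$app->post('/login', function ($request, $response, $args) {
    $post = (array) $request->getParsedBody();
    $rekeningnr = isset($post['rekeningnr']) ? $post['rekeningnr'] : '';
    $pascode = isset($post['pascode']) ? $post['pascode'] : '';

    try {
        $loggedIn = $this->auth->login($rekeningnr, $pascode);
    } catch (\Exception $e) {
        // Unknown account: report exactly what a wrong passcode reports.
        $loggedIn = false;
    }

    if ($loggedIn) {
        // TODO: replace '/' with the post-login route.
        return $response->withStatus(302)->withHeader('Location', '/');
    }

    $args['error'] = 'Onjuist rekeningnummer of pascode.';

    return $this->renderer->render($response->withStatus(401), 'login.phtml', $args);
});
```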
@@ -77,7 +77,11 @@ $container['db.pdo'] = function ($c) { $pass = $settings['pass']; $charset = $settings['charset']; - return new PDO("mysql:dbname=$name;host=$host;charset=$charset", $user, $pass); + return new PDO("mysql:dbname=$name;host=$host;charset=$charset", $user, $pass, + array( + PDO::ATTR_TIMEOUT => 5, + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION + )); }; $container['db'] = function ($c) { @@ -86,6 +90,15 @@ $container['db'] = function ($c) { return new NotORM($pdo); }; +// Add auth object +$container['auth'] = function () { + return new \Inforbank\Application\Auth\Authorization(); +}; + + +// Link static objects +Inforbank\Application::set($app); + // Inject the application main class /** * ============== diff --git a/src/settings.php b/src/settings.php index 06744a3..739ee3c 100644 --- a/src/settings.php +++ b/src/settings.php @@ -11,7 +11,7 @@ return [ // Database settings 'db' => [ - 'host' => 'mysql.verictas.nl', + 'host' => '185.56.145.27', 'user' => 'inforban_db', 'pass' => 'inforbank', 'name' => 'inforban_db', diff --git a/templates/login.phtml b/templates/login.phtml index 7394117..5f76b49 100644 --- a/templates/login.phtml +++ b/templates/login.phtml @@ -13,7 +13,7 @@ padding: 15px; margin: 0 auto; } - + .btn-primary { color: #ff6000; background-color: #2e652c; @@ -34,23 +34,23 @@ } -
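Review bot: The new options array enables exceptions and a timeout but leaves `PDO::ATTR_EMULATE_PREPARES` at the MySQL driver's default of true, so prepared statements are still interpolated client-side; add `PDO::ATTR_EMULATE_PREPARES => false,` after the `ATTR_ERRMODE` line so parameters travel separately from the SQL. Switching to `ERRMODE_EXCEPTION` also changes what callers see: anything that previously got `false` from a failed query now gets a `PDOException`, and the `catch (\Exception $e)` in src/Application/Login.php will absorb those as a login failure, which is worth a comment here or a narrower catch there.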
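Review bot: `$container['auth']` constructs `Authorization` with no dependencies and `Inforbank\Application::set($app)` then publishes the app and container as static state, which suggests `Authorization` reaches the database through that global rather than through the container it is registered in; passing the connection explicitly, `return new \Inforbank\Application\Auth\Authorization($c['db']);` with a matching constructor, keeps the class constructible in tests without a bootstrapped app. The `// Link static objects` comment should also state that `set()` must run before any service that calls `Application::getContainer()` is resolved, which its placement after the `db` definitions only implies.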
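Review bot: The database user name and password sit in this committed file right next to the `host` entry this hunk changes, so every clone of the repository carries working credentials; read them from the environment (`'pass' => getenv('DB_PASS'),`) or an untracked local settings file, and rotate the current password once it has left version control. Pointing `host` at a literal IP address instead of the hostname also ties the configuration to one machine; if the DNS name had to be replaced, a one-line comment saying why would save the next person from reverting it.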
-
+
+

InforBank

-
- -