Files
order/app/Core/Auth.php
T
Ty Clifford 16235369cb - Implemented the full Fat Bottom Grille storefront and staff dashboard.
Highlights include configurable menus, specials, cart/checkout, taxes, 
customer accounts with email 2FA, newsletters, analytics, refunds, 
PDF/CSV exports, Square/Mailgun adapters, and optional MySQL migration.

See README.md for setup and production configuration. Verified 
PHP/JavaScript syntax, responsive layouts, registration, 2FA, checkout, 
dashboard workflows, settings persistence, and PDF generation.
Real Square, Mailgun, and MySQL connections require credentials/server 
access. Square implementation follows the official Payments API and 
Refunds API.
2026-06-10 13:27:42 -04:00

85 lines
2.0 KiB
PHP

<?php
declare(strict_types=1);
namespace FatBottom\Core;
final class Auth
{
private ?array $cachedUser = null;
private bool $resolved = false;
public function __construct(private readonly Database $db)
{
}
public function user(): ?array
{
if ($this->resolved) {
return $this->cachedUser;
}
$this->resolved = true;
$id = (int) ($_SESSION['user_id'] ?? 0);
if ($id === 0) {
return null;
}
$this->cachedUser = $this->db->fetch(
'SELECT * FROM users WHERE id = ? AND active = 1',
[$id]
);
return $this->cachedUser;
}
public function check(): bool
{
return $this->user() !== null;
}
public function login(array $user): void
{
session_regenerate_id(true);
$_SESSION['user_id'] = (int) $user['id'];
unset($_SESSION['pending_2fa_user_id']);
$this->resolved = true;
$this->cachedUser = $user;
}
public function logout(): void
{
unset($_SESSION['user_id'], $_SESSION['pending_2fa_user_id']);
session_regenerate_id(true);
$this->resolved = true;
$this->cachedUser = null;
}
public function requireLogin(): array
{
$user = $this->user();
if ($user === null) {
Http::flash('warning', 'Please sign in to continue.');
Http::redirect('/login');
}
return $user;
}
public function requireStaff(): array
{
$user = $this->requireLogin();
if (!in_array($user['role'], ['admin', 'manager', 'staff'], true)) {
Http::abort(403, 'You do not have access to the staff dashboard.');
}
return $user;
}
public function requireAdmin(): array
{
$user = $this->requireLogin();
if ($user['role'] !== 'admin') {
Http::abort(403, 'Administrator access is required.');
}
return $user;
}
}