16235369cb
Highlights include configurable menus, specials, cart/checkout, taxes, customer accounts with email 2FA, newsletters, analytics, refunds, PDF/CSV exports, Square/Mailgun adapters, and optional MySQL migration. See README.md for setup and production configuration. Verified PHP/JavaScript syntax, responsive layouts, registration, 2FA, checkout, dashboard workflows, settings persistence, and PDF generation. Real Square, Mailgun, and MySQL connections require credentials/server access. Square implementation follows the official Payments API and Refunds API.
85 lines
2.0 KiB
PHP
85 lines
2.0 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace FatBottom\Core;
|
|
|
|
final class Auth
|
|
{
|
|
private ?array $cachedUser = null;
|
|
private bool $resolved = false;
|
|
|
|
public function __construct(private readonly Database $db)
|
|
{
|
|
}
|
|
|
|
public function user(): ?array
|
|
{
|
|
if ($this->resolved) {
|
|
return $this->cachedUser;
|
|
}
|
|
$this->resolved = true;
|
|
$id = (int) ($_SESSION['user_id'] ?? 0);
|
|
if ($id === 0) {
|
|
return null;
|
|
}
|
|
|
|
$this->cachedUser = $this->db->fetch(
|
|
'SELECT * FROM users WHERE id = ? AND active = 1',
|
|
[$id]
|
|
);
|
|
return $this->cachedUser;
|
|
}
|
|
|
|
public function check(): bool
|
|
{
|
|
return $this->user() !== null;
|
|
}
|
|
|
|
public function login(array $user): void
|
|
{
|
|
session_regenerate_id(true);
|
|
$_SESSION['user_id'] = (int) $user['id'];
|
|
unset($_SESSION['pending_2fa_user_id']);
|
|
$this->resolved = true;
|
|
$this->cachedUser = $user;
|
|
}
|
|
|
|
public function logout(): void
|
|
{
|
|
unset($_SESSION['user_id'], $_SESSION['pending_2fa_user_id']);
|
|
session_regenerate_id(true);
|
|
$this->resolved = true;
|
|
$this->cachedUser = null;
|
|
}
|
|
|
|
public function requireLogin(): array
|
|
{
|
|
$user = $this->user();
|
|
if ($user === null) {
|
|
Http::flash('warning', 'Please sign in to continue.');
|
|
Http::redirect('/login');
|
|
}
|
|
return $user;
|
|
}
|
|
|
|
public function requireStaff(): array
|
|
{
|
|
$user = $this->requireLogin();
|
|
if (!in_array($user['role'], ['admin', 'manager', 'staff'], true)) {
|
|
Http::abort(403, 'You do not have access to the staff dashboard.');
|
|
}
|
|
return $user;
|
|
}
|
|
|
|
public function requireAdmin(): array
|
|
{
|
|
$user = $this->requireLogin();
|
|
if ($user['role'] !== 'admin') {
|
|
Http::abort(403, 'Administrator access is required.');
|
|
}
|
|
return $user;
|
|
}
|
|
}
|
|
|