back_gestalt/kernel/modules/secure/controllers/SecureRestController.php

<?php

namespace kernel\modules\secure\controllers;

use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use JetBrains\PhpStorm\NoReturn;
use kernel\App;
use kernel\helpers\Debug;
use kernel\Mailing;
use kernel\modules\secure\models\SecretCode;
use kernel\modules\secure\services\SecureService;
use kernel\modules\user\models\User;
use kernel\modules\user\service\UserService;
use kernel\Request;
use kernel\RestController;
use kernel\services\TokenService;
use PHPMailer\PHPMailer\Exception;
use Random\RandomException;

class SecureRestController extends RestController
{
    public function __construct()
    {
        $this->model = new User();
    }

    /**
     * @throws RandomException
     */
    #[NoReturn] public function actionAuth(): void
    {
        $request = new Request();
        $data = $request->post();
        $model = $this->model->where('username', $data['username'])->first();
        $res = [];
        if ($model) {
            if (password_verify($data["password"], $model->password_hash)) {
                $model->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
                $model->access_token = match (App::$secure['token_type']) {
                    "JWT" => TokenService::JWT($_ENV['SECRET_KEY'], 'HS256'),
                    "md5" => TokenService::md5(),
                    "crypt" => TokenService::crypt(),
                    "hash" => TokenService::hash('sha256'),
                    default => TokenService::random_bytes(20),
                };

                $res = [
                    "access_token" => $model->access_token,
                    "access_token_expires_at" => $model->access_token_expires_at,
                ];
            }
            $model->save();
        }
        
        $this->renderApi($res);
    }

    /**
     * @throws Exception
     * @throws RandomException
     */
    #[NoReturn] public function actionEmailAuth(): void
    {
        $mailing = new Mailing();
        $request = new Request();
        $data = $request->post();
        $model = $this->model->where('email', $data['email'])->first();

        if (!$model) {
            $password = bin2hex(random_bytes(8));

            UserService::createUserByEmailAndPassword($data['email'], $password);
            $model = UserService::getByField('email', $data['email']);

            SecureService::createSecretCode($model);
            $secretCode = SecureService::getByField("user_id", $model->id);


            $mailing->send_html("register_by_code.php", ['code' => $secretCode->code, 'password' => $password], [
                'address' => $data['email'],
                'subject' => "Код регистрации",
                "from_name" => $_ENV['APP_NAME']
            ]);
        } else {
            SecureService::updateSecretCode($model);
            $secretCode = SecureService::getByField("user_id", $model->id);

            $mailing->send_html("login_by_code.php", ['code' => $secretCode->code], [
                'address' => $data['email'],
                'subject' => "Код авторизации",
                "from_name" => $_ENV['APP_NAME']
            ]);
        }
    }

}