false, 'message' => 'email_and_password_required']; } $email = strtolower(trim($basic_profile['email'])); $existing = Filebase::read_data('users', Filebase::hash($email), 'account'); if ($existing) return ['result' => false, 'message' => 'user_exists']; $now = time(); $stored = $basic_profile; $stored['email'] = $email; $stored['password_hash'] = password_hash($basic_profile['password'], PASSWORD_DEFAULT); $stored['created'] = $now; if (!isset($stored['roles'])) $stored['roles'] = ['user']; Filebase::write_data('users', Filebase::hash($email), 'account', $stored); return ['result' => true, 'id' => $email, 'profile' => $stored]; } static function AuthWithPassword($password, $basic_profile = false) { if ($basic_profile === false) { if (!isset($_POST['email'])) return ['result' => false, 'message' => 'email_missing']; $email = strtolower(trim($_POST['email'])); $basic_profile = Filebase::read_data('users', Filebase::hash($email), 'account'); if ($basic_profile) $basic_profile['id'] = $email; } if (!$basic_profile) return ['result' => false, 'message' => 'no_such_user']; if (!isset($basic_profile['password_hash'])) return ['result' => false, 'message' => 'no_password_set']; if (password_verify($password, $basic_profile['password_hash'])) { if (session_status() !== PHP_SESSION_ACTIVE) session_start(); $_SESSION[self::$session_key] = $basic_profile['id']; self::$current_profile = $basic_profile; return ['result' => true, 'profile' => $basic_profile]; } return ['result' => false, 'message' => 'invalid_password']; } static function Permission($thing_name) { if (!self::IsSignedIn()) return false; $roles = self::$current_profile['roles'] ?? []; if (in_array('admin', $roles)) return true; $perm_map = [ 'edit' => ['admin', 'editor'], 'view' => ['admin', 'editor', 'user'], ]; $allowed = $perm_map[$thing_name] ?? ['admin']; return count(array_intersect($roles, $allowed)) > 0; } static function IsSignedIn() { if (session_status() !== PHP_SESSION_ACTIVE) session_start(); if (isset($_SESSION[self::$session_key]) && $_SESSION[self::$session_key]) { if (self::$current_profile) return true; $id = $_SESSION[self::$session_key]; $profile = Filebase::read_data('users', Filebase::hash($id), 'account'); if ($profile) { $profile['id'] = $id; self::$current_profile = $profile; return true; } unset($_SESSION[self::$session_key]); } return false; } static function Logout() { if (session_status() !== PHP_SESSION_ACTIVE) session_start(); unset($_SESSION[self::$session_key]); self::$current_profile = null; return true; } }