authorDaniel Weipert <git@mail.dweipert.de>2025-08-19 15:50:42 +0200
committerDaniel Weipert <git@mail.dweipert.de>2025-08-19 16:11:52 +0200
commitd08f4c83470c25d35d24594bd73e4effdac191a0 (patch)
tree8320e4d0750776891fa5680ce5904de714128fce /src/Controllers/LoginController.php
parenta0ad1f5e7fac279b33ea09ca0e347cd7d02cd8ec (diff)
database migrations and models for users, devices, tokens
Diffstat (limited to 'src/Controllers/LoginController.php')
-rw-r--r--src/Controllers/LoginController.php73
1 files changed, 63 insertions, 10 deletions
diff --git a/src/Controllers/LoginController.php b/src/Controllers/LoginController.php
index d48628b..1ff234c 100644
--- a/src/Controllers/LoginController.php
+++ b/src/Controllers/LoginController.php
@@ -2,10 +2,15 @@
namespace App\Controllers;
+use App\Database;
+use App\Errors\AppException;
+use App\Errors\ErrorCode;
use App\Errors\UnknownError;
-use App\Support\Parser;
+use App\Models\Device;
+use App\Models\User;
use App\Types\LoginFlow;
use App\Types\LoginType;
+use App\Types\UserRegistrationKind;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\JsonResponse;
@@ -14,7 +19,6 @@ class LoginController
{
/**
* GET /_matrix/client/r0/login
- * GET /_matrix/client/v3/login
*/
public function supportedLoginTypes(): Response
{
@@ -31,28 +35,77 @@ class LoginController
public function login(): Response
{
$request = Request::createFromGlobals();
- $content = json_decode($request->getContent(), true);
+ $body = json_decode($request->getContent(), true);
// validate login type
$loginType = null;
try {
- $loginType = LoginType::from($content["type"]);
+ $loginType = LoginType::from($body["type"]);
} catch (\ValueError $error) {
throw new UnknownError("Bad login type.", Response::HTTP_BAD_REQUEST);
}
- // get user name
- $user = Parser::parseUser($content["identifier"]["user"]);
+ // get user id
+ $userId = $body["identifier"]["user"];
#if ($loginType == LoginType::PASSWORD) {}
+ $user = User::fetchWithPassword($userId, $body["password"]);
+
+ if (! $user) {
+ throw new AppException(ErrorCode::FORBIDDEN, "Invalid credentials.", Response::HTTP_FORBIDDEN);
+ }
+
+ $deviceId = $body["device_id"] ?? "";
+ $device = $user->fetchDevice($deviceId);
+
+ if (! $device) {
+ $device = Device::new(
+ $user->getId(),
+ initialDisplayName: $body["initial_device_display_name"] ?? "",
+ );
+ }
+
return new JsonResponse([
- "access_token" => "abc123",
- "device_id" => "ABC",
+ "access_token" => $device->getAccessToken(),
+ "device_id" => $device->getId(),
"expires_in_ms" => 60000,
- "refresh_token" => "def456",
- "user_id" => "@{$user["username"]}:{$_ENV["DOMAIN"]}",
+ "refresh_token" => $device->getRefreshToken(),
+ "user_id" => $user->getId(),
#"well_known" => [],
]);
}
+
+ /**
+ * POST /_matrix/client/v3/register
+ */
+ public function register(): Response
+ {
+ $request = Request::createFromGlobals();
+ $body = json_decode($request->getContent(), true);
+
+ $kind = UserRegistrationKind::from($request->query->get("kind") ?? "user");
+
+ $username = $body["username"];
+ $userId = "@$username:$_ENV[DOMAIN]";
+
+ Database::getInstance()->query("insert into users (id, password) values (:id, :password)", [
+ "id" => $userId,
+ "password" => $body["password"],
+ ]);
+
+ $device_id = $body["device_id"] ?? "";
+ $initialDeviceDisplayName = $body["initialDeviceDisplayName"] ?? "";
+
+ $device = Device::new($userId, $device_id, $initialDeviceDisplayName);
+ $device->insert();
+
+ return new JsonResponse([
+ "access_token" => $device->getAccessToken(),
+ "device_id" => $device->getId(),
+ "expires_in_ms" => 60000,
+ "refresh_token" => $device->getRefreshToken(),
+ "user_id" => $userId,
+ ]);
+ }
}
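Review bot: In `register()` the request password is written to the `users` table exactly as received (`"password" => $body["password"]`), so unless `Database::query` or the schema hashes it, neither of which is visible here, credentials are stored in plaintext. Hash before the insert, `"password" => password_hash($body["password"], PASSWORD_DEFAULT),`, and have `User::fetchWithPassword` (defined outside this hunk) load the row by id and check it with `password_verify()` instead of matching the password in SQL. In the same method `$username` is interpolated into `"@$username:$_ENV[DOMAIN]"` without validation, so a localpart containing `:` or `@` produces an ambiguous user id; reject anything outside the Matrix localpart grammar before building the id. In `login()`, the fallback `Device::new(...)` is not followed by `$device->insert()` as it is in `register()`, and it drops the client-supplied `$deviceId`, so the tokens returned there may never be persisted.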