From b5ecdb455b45ce18c8457e824d440b26d4894c24 Mon Sep 17 00:00:00 2001
From: Thomas Chazot <tchazot63@gmail.com>
Date: Tue, 10 Jan 2023 19:16:07 +0100
Subject: [PATCH] quitter match marche + tentative hashage

---
 api-rest/gateways/userGateway.php                     | 10 ++++++++--
 bob_party/src/core/Match/matchMulti.ts                |  2 +-
 bob_party/src/core/Match/matchSolo.ts                 |  2 +-
 bob_party/src/services/matchServices/saverMatchApi.ts |  5 +++--
 4 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/api-rest/gateways/userGateway.php b/api-rest/gateways/userGateway.php
index 8b26fbc..734d496 100644
--- a/api-rest/gateways/userGateway.php
+++ b/api-rest/gateways/userGateway.php
@@ -110,12 +110,16 @@ class UserGateway{
     public function getUserForConnection(string $username,string $password):?User{
         $userQuery = "SELECT * 
                       FROM T_S_USER_USR
-                      WHERE USR_USERNAME=:username
-                        AND USR_PASSWORD=:password";
+                      WHERE USR_USERNAME=:username";
         $argUsernamePassword=(array('username'=>array($username,PDO::PARAM_STR),
                                     'password'=>array($password,PDO::PARAM_STR)));
         $this->connection->execQuery($userQuery,$argUsernamePassword);
         $res=$this->connection->getRes();
+        foreach($res as $row){
+            if(!password_verify($password,$row["USR_USERNAME"])){
+                return null;
+            }
+        }
         $usr=$this->convertResToUser($res);
         if ($usr != null){
             $usr->tabSkin=$this->getSkinList($usr->id);
@@ -127,6 +131,7 @@ class UserGateway{
 /// Parameters : * $u (User): user we want to insert in database
 /// Returning TRUE if the user has been added succesfully, FALSE otherwise
     public function postUser(string $username, string $password, string $nationality, string $sex, string $dateOfBirth) {
+        $password=password_hash($password,PASSWORD_DEFAULT);
         $insertUserQuery = "INSERT INTO T_S_USER_USR VALUES (NULL, :username, :password, :nationality, :sex, :dateOfBirth, 0, 0, 0, 1)";
         $getLastIdQuery = "SELECT max(PK_ID) id FROM T_S_USER_USR";
         $argUser=array('username' => array($username, PDO::PARAM_STR), 
@@ -146,6 +151,7 @@ class UserGateway{
 /// Parameters : * $u (User): user we want to update in database
 /// Returning TRUE if the modifications has been done succesfully, FALSE otherwise
     public function putUser(int $id,string $username, string $password, string $sex, string $nationality, int $currentBobCoins,int $totalBobCoins,int $nbGamesPlayed, int $currentSkin){
+        $password=password_hash($password,PASSWORD_DEFAULT);
         $updateUserQuery="UPDATE T_S_USER_USR 
                         SET USR_USERNAME = :username, 
                             USR_PASSWORD=:password,
diff --git a/bob_party/src/core/Match/matchMulti.ts b/bob_party/src/core/Match/matchMulti.ts
index e220b24..1eaf8e5 100644
--- a/bob_party/src/core/Match/matchMulti.ts
+++ b/bob_party/src/core/Match/matchMulti.ts
@@ -10,7 +10,7 @@ export default class MatchMulti extends Match{
         super(code, inGame, tabUser, game);
     }
 
-    async updatePostMatch(user:User, points: number): void {
+    async updatePostMatch(user:User, points: number): Promise<void> {
         const manage= new UserCoinsModifier();
         await manage.addCoins(user, this.getGame().coinsCalculator(points));
     }
diff --git a/bob_party/src/core/Match/matchSolo.ts b/bob_party/src/core/Match/matchSolo.ts
index 8545f27..8eaf62d 100644
--- a/bob_party/src/core/Match/matchSolo.ts
+++ b/bob_party/src/core/Match/matchSolo.ts
@@ -10,7 +10,7 @@ export default class MatchSolo extends Match{
         super(code, inGame, tabUser, game);
     }
 
-    async updatePostMatch(user:User, points: number): void {
+    async updatePostMatch(user:User, points: number): Promise<void> {
         const manage= new UserCoinsModifier();
         await manage.addCoins(user, this.getGame().coinsCalculator(points));
     }
diff --git a/bob_party/src/services/matchServices/saverMatchApi.ts b/bob_party/src/services/matchServices/saverMatchApi.ts
index c79183f..9087c27 100644
--- a/bob_party/src/services/matchServices/saverMatchApi.ts
+++ b/bob_party/src/services/matchServices/saverMatchApi.ts
@@ -44,7 +44,7 @@ export default class SaverMatchApi implements ISaverMatch{
     }
 
     async deleteUserFromMatch(u: User): Promise<void> {
-        let url=this.baseUrl + 'deleteUserFromMatch.php/' + u.id;
+        let url=this.baseUrl + 'deleteUserFromMatch/' + u.id;
         await this.axios({
             method: 'put',
             url: url,
@@ -61,7 +61,8 @@ export default class SaverMatchApi implements ISaverMatch{
 
         await MANAGER_MATCH.getLoaderMatch().loadByID(id).then(async (response)=>{
             if (response!==undefined && response !== null){
-                if (response.getTabUsers().length<response.getGame().getNbPlayerMax() || response.getInGame()===false){
+                console.log(response.getTabUsers().length + " : " + response.getGame().getNbPlayerMax());
+                if (response.getTabUsers().length<response.getGame().getNbPlayerMax() && response.getInGame()===false){
                     response.getTabUsers().push(u);
                     match=response;
                     await this.axios({