servnest/fn/auth.php

<?php

define("USERNAME_REGEX", "^[\p{L}\p{N}_-]{1,64}$");
define("PASSWORD_REGEX", "^(?=.*[\p{Ll}])(?=.*[\p{Lu}])(?=.*[\p{N}]).{8,1024}|.{10,1024}$");

define("PLACEHOLDER_USERNAME", "lain");
define("PLACEHOLDER_PASSWORD", "••••••••••••••••••••••••");

// Password storage security
define("ALGO_PASSWORD", PASSWORD_ARGON2ID);
define("OPTIONS_PASSWORD", array(
	"memory_cost" => 65536,
	"time_cost" => 24,
	"threads" => 64,
));

function checkPasswordFormat($password) {
	if (preg_match("/" . PASSWORD_REGEX . "/u", $password) !== 1)
		userError("Password malformed.");
}

function checkUsernameFormat($username) {
	if (preg_match("/" . USERNAME_REGEX . "/u", $username) !== 1)
		userError("Username malformed.");
}

function hashPassword($password) {
	return password_hash($password, ALGO_PASSWORD, OPTIONS_PASSWORD);
}

function userExist($username) {
	return isset(query('select', 'users', ['username' => $username], 'username')[0]);
}

function checkPassword($username, $password) {
	return password_verify($password, query('select', 'users', ['username' => $username], 'password')[0]);
}

function outdatedPasswordHash($username) {
	return password_needs_rehash(query('select', 'users', ['username' => $username], 'password')[0], ALGO_PASSWORD, OPTIONS_PASSWORD);
}

function changePassword($username, $password) {
	$db = new PDO('sqlite:' . DB_PATH);

	$stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username");

	$stmt->bindValue(':username', $username);
	$stmt->bindValue(':password', hashPassword($password));

	$stmt->execute();
}