/**
* @Route ("/impersonate")
* @HttpMethod ({"GET"})
*
* @param array $params
* @throws Exception
* @return string
*/
public function impersonate(array $params)
{
if (!Config::$a['allowImpersonation']) {
throw new Exception('Impersonating is not allowed');
}
$userId = isset($params['userId']) && !empty($params['userId']) ? $params['userId'] : '';
$username = isset($params['username']) && !empty($params['username']) ? $params['username'] : '';
if (empty($userId) && empty($username)) {
throw new Exception('[username] or [userId] required');
}
$authService = AuthenticationService::instance();
$userService = UserService::instance();
if (!empty($userId)) {
$user = $userService->getUserById($userId);
} else {
if (!empty($username)) {
$user = $userService->getUserByUsername($username);
}
}
if (empty($user)) {
throw new Exception('User not found. Try a different userId or username');
}
$credentials = $authService->getUserCredentials($user, 'impersonating');
Session::start();
Session::updateCredentials($credentials);
ChatIntegrationService::instance()->setChatSession($credentials, Session::getSessionId());
return 'redirect: /';
}
/**
* Checks the users current session status
* Does a remember me login
* @return void
*/
public function init()
{
$app = Application::instance();
$authService = AuthenticationService::instance();
// If the session hasnt started, or the data is not valid (result from php clearing the session data), check the Remember me cookie
if (!Session::isStarted() || !Session::getCredentials()->isValid()) {
$userId = $authService->getRememberMe();
if ($userId !== false) {
$userManager = UserService::instance();
$user = $userManager->getUserById($userId);
if (!empty($user)) {
Session::start(Session::START_NOCOOKIE);
$credentials = $authService->getUserCredentials($user, 'rememberme');
Session::updateCredentials($credentials);
ChatIntegrationService::instance()->setChatSession($credentials, Session::getSessionId());
$authService->setRememberMe($user);
}
}
}
}
/**
* @param AuthenticationCredentials $authCreds
* @throws Exception
*/
public function handleAuthCredentials(AuthenticationCredentials $authCreds)
{
$userService = UserService::instance();
$user = $userService->getUserByAuthId($authCreds->getAuthId(), $authCreds->getAuthProvider());
if (empty($user)) {
throw new Exception('Invalid auth user');
}
// The user has registed before...
// Update the auth profile for this provider
$authProfile = $userService->getUserAuthProfile($user['userId'], $authCreds->getAuthProvider());
if (!empty($authProfile)) {
$userService->updateUserAuthProfile($user['userId'], $authCreds->getAuthProvider(), array('authCode' => $authCreds->getAuthCode(), 'authDetail' => $authCreds->getAuthDetail()));
}
// Renew the session upon successful login, makes it slightly harder to hijack
$session = Session::instance();
$session->renew(true);
$credentials = $this->getUserCredentials($user, $authCreds->getAuthProvider());
Session::updateCredentials($credentials);
ChatIntegrationService::instance()->setChatSession($credentials, Session::getSessionId());
// Variable is sent from the login form
if (Session::set('rememberme')) {
$this->setRememberMe($user);
}
}
/**
* Flag a user session for update
* @param int $userId
*/
public function flagUserForUpdate($userId)
{
$user = UserService::instance()->getUserById($userId);
$credentials = $this->getUserCredentials($user, 'session');
if (Session::instance() != null && Session::getCredentials()->getUserId() == $userId) {
// Update the current session if the userId is the same as the credential user id
Session::updateCredentials($credentials);
// Init / create the current users chat session
ChatIntegrationService::instance()->setChatSession($credentials, Session::getSessionId());
} else {
// Otherwise set a session variable which is picked up by the remember me service to update the session
$cache = Application::instance()->getCacheDriver();
$cache->save(sprintf('refreshusersession-%s', $userId), time(), intval(ini_get('session.gc_maxlifetime')));
}
ChatIntegrationService::instance()->refreshChatUserSession($credentials);
}
