/** * Get publicly accessible URL for the file * * @param ElggFile $file * @return string */ function elgg_file_viewer_get_public_url($file) { if (!elgg_instanceof($file, 'object', 'file')) { return ''; } if (!elgg_is_logged_in()) { return $file->getURL(); } $user = elgg_get_logged_in_user_entity(); $token = create_user_token($user->username); $base_url = elgg_normalize_url("services/api/rest/ob"); $params = array('method' => 'efv.download', 'guid' => $file->getGUID(), 'auth_token' => $token); return elgg_http_add_url_query_elements($base_url, $params); }
function engap_gettoken($username, $password) { //error_log("user".$username); if (is_email_address($username)) { $users = get_user_by_email($username); if (is_array($users) && count($users) == 1) { $user = $users[0]; $username = $user->username; } } else { $user = get_user_by_username($username); } // validate username and password if ($user instanceof ELGGUser) { if (true === elgg_authenticate($username, $password)) { //expiry in minute //1 hour = 60 //24 hours = 1440 $token = create_user_token($username, 1440); //1 day if ($token) { $return['token'] = $token; $return['username'] = $user->username; $return['user_guid'] = $user->guid; $return['email'] = $user->email; $return['phone'] = $user->phone; $return['city'] = $user->city; $return['avatar_path'] = $user->getIconURL('large'); $plugin = elgg_get_plugin_from_id("engap"); $return['plugin_version'] = $plugin->getManifest()->getVersion(); return $return; } } } throw new SecurityException(elgg_echo('SecurityException:authenticationfailed')); }
/** * The auth.gettoken API. * This API call lets a user log in, returning an authentication token which can be used * to authenticate a user for a period of time. It is passed in future calls as the parameter * auth_token. * * @param string $username Username * @param string $password Clear text password * * @return string Token string or exception * @throws SecurityException * @access private */ function auth_gettoken($username, $password) { // check if username is an email address if (is_email_address($username)) { $users = get_user_by_email($username); // check if we have a unique user if (is_array($users) && count($users) == 1) { $username = $users[0]->username; } } // validate username and password if (true === elgg_authenticate($username, $password)) { $token = create_user_token($username); if ($token) { return $token; } } throw new SecurityException(elgg_echo('SecurityException:authenticationfailed')); }
/** * The auth.gettoken API. * This API call lets a user log in, returning an authentication token which can be used * to authenticate a user for a period of time. It is passed in future calls as the parameter * auth_token. * * @param string $username Username * @param string $password Clear text password * * @return string Token string or exception * @throws SecurityException * @access private */ function auth_gettoken($username, $password) { if (true === elgg_authenticate($username, $password)) { $token = create_user_token($username); if ($token) { return $token; } } throw new SecurityException(elgg_echo('SecurityException:authenticationfailed')); }