check() public static method

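Check the given plain value against a hash. Not every example below calls this password hasher: the CakePHP-style snippets (`add`, `compute`, `beforeValidate`, `exist`) call a different `Hash::check` that tests whether a path exists in an array.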
public static check ( string $value, string $hashedValue, array $options = [] ) : boolean
$value string
$hashedValue string
$options array
return boolean
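 /**
  * Handle a login request and print the outcome as JSON.
  *
  * Steps: refuse sessions that are already authenticated, verify the captcha
  * cached under md5(client IP), look the account up, verify the password with
  * Hash::check(), then log the user in.
  *
  * Changes from the previous version:
  *  - a failed password check now ends the request; before, the failure JSON
  *    was followed by the success JSON in the same response body;
  *  - the misspelled 'succcess' key is emitted as 'success';
  *  - the captcha is compared as a string and a missing or expired code never
  *    matches (with `!=`, a missing input equalled a missing cache entry).
  *
  * NOTE(review): the "user does not exist" and "password failed" replies are
  * distinguishable, so the endpoint reveals which accounts exist; they are kept
  * because clients may rely on the 'no' codes.
  * NOTE(review): the captcha is not removed from the cache after use, and its
  * key depends only on getIP(), which is not visible here; confirm that the
  * address cannot be chosen by the client.
  *
  * @return void
  */
 public function login()
 {
     if (Auth::check()) {
         echo json_encode(array('success' => false, 'state' => 200, 'errMsg' => array('inputMsg' => '该用户已登录,请不要重复登录'), 'no' => 2));
         exit;
     }
     $account = Input::get('user_email');
     $password = Input::get('user_psw');
     $rememberMe = Input::get('user_remember');
     $captcha = Input::get('user_auth');
     $ip = $this->getIP();
     $codeKey = md5($ip);
     $captchaCode = Cache::tags('register', 'code')->get($codeKey);
     // Normalise both sides to strings so that null, arrays and numeric-string
     // juggling cannot make the comparison succeed.
     $expectedCode = is_scalar($captchaCode) ? (string) $captchaCode : '';
     $suppliedCode = is_scalar($captcha) ? (string) $captcha : '';
     if ($expectedCode === '' || $expectedCode !== $suppliedCode) {
         echo json_encode(array('success' => false, 'state' => 200, 'errMsg' => array('inputMsg' => '验证码验证失败'), 'no' => 1));
         exit;
     }
     $accountCheck = $this->accountCheck($account);
     if (!is_object($accountCheck)) {
         echo json_encode(array('success' => false, 'state' => 200, 'errMsg' => array('inputMsg' => '用户不存在'), 'no' => 1));
         exit;
     }
     if (!is_string($password) || !Hash::check($password, $accountCheck->user->password)) {
         echo json_encode(array('success' => false, 'state' => 200, 'errMsg' => array('inputMsg' => '密码验证失败'), 'no' => 2));
         // Stop here: the success payload below must not follow a failure.
         exit;
     }
     // The second argument asks the framework to remember the login.
     Auth::login($accountCheck, $rememberMe == 'true');
     echo json_encode(array('success' => true, 'state' => 200, 'nextSrc' => url('usercenter')));
 }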
Beispiel #2
 /**
  * Validate the login form, check the password and populate the session.
  *
  * On success the user's fields are copied into the session and the request
  * is redirected to /dashboard; every failure redirects back to '/'.
  *
  * NOTE(review): the two flash messages tell an unknown login apart from a
  * wrong password, and the session id is not regenerated after login; both
  * are worth revisiting.
  */
 public function login()
 {
     $validaciones = Usuario::validacioneslogin(Input::all());
     if ($validaciones->fails()) {
         return Redirect::to('/')->withErrors($validaciones)->withInput();
     }

     $email = Input::get('email');
     $clave = Input::get('clave');
     $usuario = Usuario::where('login', '=', $email)->get();

     // Exactly one matching row is required.
     if ($usuario->count() != 1) {
         Session::flash('message', 'El Usuario no está registrado');
         Session::flash('class', 'danger');
         return Redirect::to('/');
     }

     // No new instance is created: the row that was just loaded is reused.
     $registro = $usuario[0];
     if (!Hash::check($clave, $registro->clave)) {
         Session::flash('message', 'La clave no es válida');
         Session::flash('class', 'danger');
         return Redirect::to('/');
     }

     Session::put('id', $registro->id);
     Session::put('nombre', $registro->nombre);
     Session::put('login', $registro->login);
     Session::put('email', $registro->email);
     Session::put('rol', $registro->rol);
     Session::put('estatus', $registro->estatus);
     // Flag that marks the session as logged in.
     Session::put('logged', TRUE);
     Session::put('familia_id', $registro->familia->id);

     return Redirect::to('/dashboard');
 }
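 /**
  * Handle a POST request to re-send the account confirmation e-mail.
  *
  * The caller must supply the e-mail address and password of an account that
  * still carries a confirmation token.
  *
  * The previous version answered "email does not exist", "already confirmed"
  * and "password incorrect" separately and checked the password last, so an
  * unauthenticated caller could learn which addresses are registered and
  * which are confirmed. The credentials are now verified first and an unknown
  * address and a wrong password share one reply.
  *
  * NOTE(review): Hash::check() only runs when the address exists, so response
  * time may still differ between the two cases.
  *
  * @return Response
  */
 public function postConfirmation()
 {
     $email = Input::get('email');
     $password = Input::get('password');
     $user = User::where('email', $email)->first();
     // One reply for "no such address" and "wrong password".
     if (!isset($user) || !is_string($password) || !Hash::check($password, $user->password)) {
         return Response::json($this->growlMessage('The email or password is incorrect.', 'error'), 400);
     }
     // The confirmation state is only disclosed to a caller who knows the password.
     if (empty($user->token)) {
         return Response::json($this->growlMessage('That user was already confirmed.', 'error'), 400);
     }
     $token = $user->token;
     $email = $user->email;
     $fname = $user->fname;
     //Send email to user for email account verification
     Mail::queue('email.signup', array('token' => $token), function ($message) use($email, $fname) {
         $message->subject('Welcome to the Madison Community');
         $message->from('*****@*****.**', 'Madison');
         $message->to($email);
     });
     return Response::json($this->growlMessage('An email has been sent to your email address.  Please follow the instructions in the email to confirm your email address before logging in.', 'warning'));
 }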
Beispiel #4
 /**
  * Add a menu item, creating a titled parent entry first when it is missing.
  *
  * Here Hash::check() tests whether a path exists in the menu array; it is
  * not a password check.
  *
  * @param string $menu menu name; when $path is an array this argument is
  *   treated as the path and the active menu is used instead.
  * @param string|array $path dot separated path in the array, or the options
  *   array in the two-argument form.
  * @param array $options menu options array
  * @return void
  */
 public static function add($menu, $path, $options = array())
 {
     // Two-argument form kept for backward compatibility: add($path, $options).
     if (is_array($path)) {
         $options = $path;
         $path = $menu;
         $menu = self::activeMenu();
     } else {
         self::activeMenu($menu);
     }

     // Everything except the last two path segments names the parent entry.
     $segments = explode('.', $path);
     $segments = array_splice($segments, 0, count($segments) - 2);
     $parent = implode('.', $segments);

     $parentMissing = !empty($parent) && !Hash::check(self::$_items[$menu], $parent);
     if ($parentMissing) {
         $parentOptions = array('title' => Inflector::humanize(end($segments)));
         self::_setupOptions($parentOptions);
         self::add($parent, $parentOptions);
     }

     self::_setupOptions($options);
     $existing = Hash::extract(self::$_items[$menu], $path);
     if (empty($existing)) {
         self::$_items[$menu] = Hash::insert(self::$_items[$menu], $path, $options);
     } else {
         self::_replace(self::$_items[$menu], $path, $options);
     }
 }
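 /**
  * Change the password of the authenticated user and answer with JSON.
  *
  * The old password is verified first, then the new one is validated.
  *
  * Changes from the previous version:
  *  - the 'password' rule is now 'required'; without it a request that left
  *    the field out or empty skipped the other rules and reached
  *    setPasswordAttribute() anyway;
  *  - a missing 'old_password' field or a missing user is answered as a wrong
  *    old password instead of raising an error.
  *
  * @return Response JSON with 'success' and 'message'
  */
 public function postChangePwd()
 {
     $response = array();
     // Collect all form data.
     $data = Input::all();
     $user = User::where('id', '=', Auth::id())->first();
     // Verify the old password.
     $oldPassword = isset($data['old_password']) ? $data['old_password'] : '';
     if ($user === null || !is_string($oldPassword) || !Hash::check($oldPassword, $user->password)) {
         $response['success'] = false;
         $response['message'] = '原始密码错误';
         return Response::json($response);
     }
     // Validation rules; 'required' keeps the remaining rules from being skipped.
     $rules = array('password' => 'required|alpha_dash|between:6,16|confirmed');
     // Custom validation messages.
     $messages = array('password.required' => '请输入新密码。', 'password.alpha_dash' => '密码格式不正确。', 'password.between' => '密码长度请保持在:min到:max位之间。', 'password.confirmed' => '两次输入的密码不一致。');
     // Run the validation.
     $validator = Validator::make($data, $rules, $messages);
     if ($validator->passes()) {
         // Validation passed: update the user.
         // NOTE(review): hashing is presumably done inside setPasswordAttribute(); confirm on the model.
         $user->setPasswordAttribute($data['password']);
         if ($user->save()) {
             $response['success'] = true;
             $response['message'] = '密码修改成功';
         } else {
             $response['success'] = false;
             $response['message'] = '密码修改失败';
         }
     } else {
         $response['success'] = false;
         $response['message'] = $validator->errors->first();
     }
     return Response::json($response);
 }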
Beispiel #6
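 /**
  * Attempt to log a user into the application.
  *
  * The user is looked up by the configured username field (and the optional
  * 'auth.username_alt' field), then the password is verified with
  * Hash::check(), falling back to a legacy unsalted md5 comparison.
  *
  * Changes from the previous version:
  *  - the login and password must be strings; an array value would otherwise
  *    be embedded in the Mongo query as an operator document;
  *  - the legacy md5 comparison uses `===`, because `==` treats digests that
  *    look like numbers (for example "0e…") as equal;
  *  - the unused 'auth.model' lookup was removed.
  *
  * NOTE(review): the md5 fallback accepts an unsalted fast hash. Consider
  * re-hashing the password with Hash::make() on a successful legacy login and
  * retiring the fallback.
  *
  * @param  array  $arguments credentials keyed by the configured field names,
  *   plus an optional 'remember' entry
  * @return mixed  result of $this->login() on success, false otherwise
  * @throws Exception when 'auth.username' is not configured
  */
 public function attempt($arguments = array())
 {
     if (!Config::has('auth.username')) {
         throw new Exception('The username in application/config/auth.php must be defined.');
     }
     $usernameKey = Config::get('auth.username');
     $login = array_get($arguments, $usernameKey);
     $password = array_get($arguments, Config::get('auth.password'));
     if (!is_string($login) || !is_string($password)) {
         return false;
     }
     // Match on the username field ...
     $query = array('$or' => array(array($usernameKey => $login)));
     // ... and, when configured, on the alternative username field as well.
     if (Config::has('auth.username_alt')) {
         $query['$or'][] = array(Config::get('auth.username_alt') => $login);
     }
     $user = Epic_Mongo::db('user')->findOne($query);
     if (is_null($user)) {
         return false;
     }
     // If the credentials match what is in the database, log the user in and
     // remember them if asked.
     if (Hash::check($password, $user->password)) {
         return $this->login($user->_id, array_get($arguments, 'remember'));
     }
     // Legacy accounts that still store an md5 digest.
     if (is_string($user->password) && md5($password) === $user->password) {
         return $this->login($user->_id, array_get($arguments, 'remember'));
     }
     return false;
 }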
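 /**
  * Change a user's password after verifying the old one.
  *
  * Changes from the previous version:
  *  - an unknown id is answered like a wrong old password; before, the method
  *    returned nothing in that case;
  *  - the user is loaded once rather than twice.
  *
  * NOTE(review): the target account comes from the client-supplied 'id' and
  * is not tied to the authenticated session in this method; the old password
  * is the only gate, and no attempt limiting is visible here.
  * NOTE(review): 'min:1' accepts one-character passwords.
  * NOTE(review): the JSONP callback name is taken from the request; confirm
  * that setCallback() validates it.
  *
  * @return mixed "Password Changed." on success, otherwise a JSON error response
  */
 public function changePass()
 {
     $input = Input::all();
     $rules = array('old_password' => 'required|min:1|max:50', 'new_password' => 'required|min:1|max:50');
     $validator = Validator::make($input, $rules);
     if ($validator->fails()) {
         $error_messages = $validator->messages();
         $error_response = array('error' => array('message' => $error_messages->first(), 'type' => 'Exception', 'code' => 425));
         return Response::json($error_response, 425)->setCallback(Input::get('callback'));
     }
     $opass = Input::get('old_password');
     $user = User::find(Input::get('id'));
     // Unknown id and wrong old password share one reply.
     if (!$user || !is_string($opass) || !Hash::check($opass, $user->password)) {
         $error_response = array('error' => array('message' => "Wrong Old Password", 'type' => 'Exception', 'code' => 425));
         return Response::json($error_response, 425)->setCallback(Input::get('callback'));
     }
     $user->update(array('password' => Hash::make(Input::get('new_password'))));
     return "Password Changed.";
 }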
Beispiel #8
 /**
  * Check a candidate auth key against the stored hash.
  *
  * The configured 'schauth::config.salt.password' value is appended to the
  * candidate before it is passed to Hash::check().
  *
  * @param string $authKey candidate key
  * @return bool false when no key is stored, otherwise the Hash::check() result
  */
 public function authKeyCheck($authKey)
 {
     if (!empty($this->authKey)) {
         $salted = $authKey . \Config::get('schauth::config.salt.password');
         return \Hash::check($salted, $this->authKey);
     }
     return false;
 }
 /**
  * Recompute every configured auto field and store the result on the model.
  *
  * For each entry of $this->autoFields the 'depends0' values are taken from
  * $data, then from $this->data, then from the database; the 'depends1'
  * values are loaded from the named associated models. The collected values
  * are expanded and handed to the entry's callback.
  *
  * Here Hash::check() tests whether a path exists in an array; it is not a
  * password check.
  *
  * NOTE(review): $data is overwritten by the find() results inside the loop,
  * so later auto fields no longer see the caller's $data. $delete and $model
  * are never read.
  *
  * @param array $data record data to read dependencies from
  * @param bool $delete unused in this method
  */
 public function compute($data, $delete = false)
 {
     $id = $this->getID();
     foreach ($this->autoFields as $autoField) {
         $values = [];
         // Dependencies found neither in $data nor in $this->data.
         $unsetDepends0 = [];
         foreach ($autoField['depends0'] as $depend) {
             if (Hash::check($data, $depend)) {
                 $values[$depend] = Hash::get($data, $depend);
             } else {
                 if (is_array($this->data) && Hash::check($this->data, $depend)) {
                     $values[$depend] = Hash::get($this->data, $depend);
                 } else {
                     $unsetDepends0[] = $depend;
                 }
             }
         }
         // Load the still-missing fields from the stored record.
         if (!empty($unsetDepends0)) {
             $data = $this->find('first', ['conditions' => [$this->name . '.id' => $id], 'fields' => $unsetDepends0, 'recursive' => 0]);
             foreach ($unsetDepends0 as $depend) {
                 $values[$depend] = Hash::get($data, $depend);
             }
         }
         // Collect the requested fields of each associated model's rows.
         foreach ($autoField['depends1'] as $modelName => $depends) {
             if (!is_string($modelName) || empty($depends)) {
                 continue;
             }
             $model = $this->{$modelName};
             $data = $this->{$modelName}->find('all', ['conditions' => [$modelName . '.' . Inflector::underscore($this->name) . '_id' => $id], 'fields' => $depends, 'recursive' => 0]);
             $values[$modelName] = Hash::extract($data, '{n}.' . $modelName);
         }
         // The callback comes from the autoFields configuration.
         $this->set($autoField['name'], call_user_func($autoField['callback'], Hash::expand($values)));
     }
 }
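 /**
  * Bootstrap any application services.
  *
  * Registers the 'current_password' validation rule, which passes when the
  * submitted value matches the authenticated user's stored password hash.
  * The rule now fails, instead of raising an error, when nobody is
  * authenticated or the value is not a string.
  *
  * @return void
  */
 public function boot()
 {
     \Validator::extend('current_password', function ($attribute, $value, $parameters, $validator) {
         $user = \Auth::user();
         if ($user === null || !is_string($value)) {
             return false;
         }
         return \Hash::check($value, $user->password);
     });
 }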
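 /**
  * Log a member in from an AJAX form post.
  *
  * Changes from the previous version:
  *  - the parameter check read an undefined $password variable, so every
  *    request failed with 'Parameter error'; it now tests $passwd;
  *  - the lookup used get(), which yields a collection rather than a member,
  *    so the null check never fired and ->password was read from the
  *    collection; it now uses first();
  *  - id and password must be strings.
  *
  * NOTE(review): 'Not founded' and the wrong-password message differ, so the
  * reply reveals whether an id is registered.
  *
  * @return mixed redirect on success, JSON error payload otherwise
  */
 public function postAjaxLogin()
 {
     try {
         if (!isset($_POST)) {
             throw new Exception('Request error');
         }
         $id = \Input::get('id', false);
         $passwd = \Input::get('password', false);
         if (!$id || !$passwd || !is_string($id) || !is_string($passwd)) {
             throw new Exception('Parameter error');
         }
         $m = \Member::where('uid', '=', md5($id))->where('social', '=', 'rebeauty')->first();
         if ($m == null) {
             throw new Exception('Not founded');
         }
         if (!\Hash::check($passwd, $m->password)) {
             throw new Exception('帳號或密碼錯誤');
         }
         // Register the member with the Auth facade.
         \Auth::login($m);
         return \Redirect::route('frontend.index');
     } catch (Exception $e) {
         return Response::json(array('status' => 'error', 'message' => $e->getMessage(), '_token' => csrf_token()));
     }
 }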
 /**
  * Called during validation operations, before validation. Please note that custom
  * validation rules can be defined in $validate.
  *
  * Merges the registration form's rules into $this->validate, calls the parent
  * hook, then validates every entry of $this->data['RegistrationPage'] and
  * collects the per-page errors.
  *
  * Here Hash::check() tests whether a key exists in an array; it is not a
  * password check.
  *
  * @param array $options Options passed from Model::save().
  * @return bool True if validate operation should continue, false to abort
  * @link http://book.cakephp.org/2.0/en/models/callback-methods.html#beforevalidate
  * @see Model::save()
  * @SuppressWarnings(PHPMD.ExcessiveMethodLength)
  */
 public function beforeValidate($options = array())
 {
     // The status check is not wanted while the wizard screens are shown, so
     // the status validation added by WorkflowBehavior is removed first.
     // NOTE(review): Hash::check() returns a boolean, which is compared with
     // the constant here; Hash::get() may have been intended. Confirm.
     if (Hash::check($options, 'validate') == RegistrationsComponent::REGISTRATION_VALIDATE_TYPE) {
         $this->validate = Hash::remove($this->validate, 'status');
     }
     $this->validate = Hash::merge($this->validate, array('block_id' => array('numeric' => array('rule' => array('numeric'), 'message' => __d('net_commons', 'Invalid request.'), 'on' => 'update')), 'title' => array('rule' => 'notBlank', 'message' => sprintf(__d('net_commons', 'Please input %s.'), __d('registrations', 'Title')), 'required' => true, 'allowEmpty' => false), 'answer_timing' => array('publicTypeCheck' => array('rule' => array('inList', array(RegistrationsComponent::USES_USE, RegistrationsComponent::USES_NOT_USE)), 'message' => __d('net_commons', 'Invalid request.')), 'requireOtherFields' => array('rule' => array('requireOtherFields', RegistrationsComponent::USES_USE, array('Registration.answer_start_period', 'Registration.answer_end_period'), 'OR'), 'message' => __d('registrations', 'if you set the period, please set time.'))), 'answer_start_period' => array('checkDateTime' => array('rule' => 'checkDateTime', 'message' => __d('registrations', 'Invalid datetime format.'))), 'answer_end_period' => array('checkDateTime' => array('rule' => 'checkDateTime', 'message' => __d('registrations', 'Invalid datetime format.')), 'checkDateComp' => array('rule' => array('checkDateComp', '>=', 'answer_start_period'), 'message' => __d('registrations', 'start period must be smaller than end period'))), 'is_key_pass_use' => array('boolean' => array('rule' => array('boolean'), 'message' => __d('net_commons', 'Invalid request.')), 'requireOtherFieldsKey' => array('rule' => array('requireOtherFields', RegistrationsComponent::USES_USE, array('AuthorizationKey.authorization_key'), 'AND'), 'message' => __d('registrations', 'if you set the use key phrase period, please set key phrase text.')), 'authentication' => array('rule' => array('requireOtherFields', RegistrationsComponent::USES_USE, array('Registration.is_image_authentication'), 'XOR'), 'message' => __d('registrations', 'Authentication key setting , image authentication , either only one can not be selected.'))), 
'is_image_authentication' => array('boolean' => array('rule' => array('boolean'), 'message' => __d('net_commons', 'Invalid request.')), 'authentication' => array('rule' => array('requireOtherFields', RegistrationsComponent::USES_USE, array('Registration.is_key_pass_use'), 'XOR'), 'message' => __d('registrations', 'Authentication key setting , image authentication , either only one can not be selected.'))), 'is_answer_mail_send' => array('boolean' => array('rule' => array('boolean'), 'message' => __d('net_commons', 'Invalid request.'))), 'is_regist_user_send' => array('boolean' => array('rule' => array('boolean'), 'message' => __d('net_commons', 'Invalid request.'))), 'reply_to' => array('email' => array('rule' => array('email', false, null), 'message' => sprintf(__d('mails', '%s, please enter by e-mail format'), __d('mails', 'E-mail address to receive a reply')), 'allowEmpty' => true))));
     // The parent's return value is not inspected.
     parent::beforeValidate($options);
     // It is an error unless at least one page exists.
     if (!isset($this->data['RegistrationPage'][0])) {
         $this->validationErrors['pickup_error'] = __d('registrations', 'please set at least one page.');
     } else {
         // Page data exists:
         // validate the pages underneath this form.
         $validationErrors = array();
         $maxPageIndex = count($this->data['RegistrationPage']);
         $options['maxPageIndex'] = $maxPageIndex;
         foreach ($this->data['RegistrationPage'] as $pageIndex => $page) {
             // Check the fields of each page.
             $this->RegistrationPage->create();
             $this->RegistrationPage->set($page);
             // Pass the current array index so the page sequence number can be verified.
             $options['pageIndex'] = $pageIndex;
             if (!$this->RegistrationPage->validates($options)) {
                 $validationErrors['RegistrationPage'][$pageIndex] = $this->RegistrationPage->validationErrors;
             }
         }
         $this->validationErrors += $validationErrors;
     }
     // Return true so that validation of the registration form itself continues.
     return true;
 }
Beispiel #13
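 /**
  * Find an active user by login name and credential.
  *
  * With $flag falsy the stored hash is verified with Hash::check() and users
  * in group 2 are excluded. With $flag truthy the row is matched directly on
  * its 'Password' column.
  *
  * Changes from the previous version: the debug message on a successful match
  * no longer includes a hash of the submitted password, so no
  * password-derived material is written to the debug bar; this also removes
  * the only unqualified `Hash` reference in a method that otherwise uses
  * `\Hash`.
  *
  * NOTE(review): the $flag path compares the caller's value with the stored
  * 'Password' column by equality; confirm what callers pass on that path.
  *
  * @param string $password
  * @param string $loginName
  * @param bool $flag
  * @return Users|null the matching user, or null when nothing matches
  */
 public function getUserByCredential($password, $loginName, $flag = null)
 {
     if ($flag == null) {
         $flag = false;
     }
     \Debugbar::info($flag);
     if ($flag) {
         return $this->model->newQuery()->with('getGroup')->where('Password', '=', $password)->where('email', '=', $loginName)->where('Active', '=', 1)->first();
     }
     $user = $this->model->newQuery()->with('getGroup')->where('email', '=', $loginName)->where('ugroup', '!=', 2)->where('Active', '=', 1)->first();
     if ($user == null) {
         return null;
     }
     if (\Hash::check($password, $user->getPassword())) {
         \Debugbar::addMessage('hash matches');
         return $user;
     }
     \Debugbar::addMessage('hash dose not match');
     return null;
 }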
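 /**
  * Change the authenticated user's password.
  *
  * Result codes (returned as strings):
  *   0 - something went wrong
  *   1 - success
  *   2 - wrong current password
  *   3 - new password and confirmation differ
  *
  * Changes from the previous version:
  *  - missing form fields no longer raise undefined-index errors;
  *  - the confirmation uses `===`; with `==`, numeric-looking strings such as
  *    "1e3" and "1000" were treated as equal;
  *  - an empty new password is rejected with '0';
  *  - a request without an authenticated user returns '2' instead of failing.
  *
  * @param mixed $id not used; the account always comes from Auth
  * @return string one of '0', '1', '2', '3'
  */
 public function changePassword($id)
 {
     $i = Input::all();
     $current = isset($i['password']) ? $i['password'] : null;
     $new = isset($i['newPassword']) ? $i['newPassword'] : null;
     $confirm = isset($i['confirmPassword']) ? $i['confirmPassword'] : null;

     $authUser = Auth::user();
     if ($authUser === null || !is_string($current) || !Hash::check($current, $authUser->password)) {
         return '2';
     }
     if (!is_string($new) || !is_string($confirm) || $new !== $confirm) {
         return '3';
     }
     if ($new === '') {
         return '0';
     }
     $u = User::where('id', Auth::id())->first();
     if (empty($u)) {
         return '0';
     }
     $u->password = Hash::make($new);
     if (!$u->save()) {
         return '0';
     }
     // Record the change in the activity log.
     $a = new Activity();
     $a->actor = Auth::id();
     $a->location = 1;
     $a->logs = 'Updated password.';
     $a->save();
     return '1';
 }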
 /**
  * Authenticate by e-mail and password and fill the session.
  *
  * A failed attempt flushes the session and reports one generic message for
  * both an unknown e-mail and a wrong password.
  *
  * NOTE(review): the session id is not regenerated after a successful login.
  *
  * @return array 'success', 'message' and, on success, 'payload'
  */
 public function login()
 {
     $email = Input::get('email');
     $password = Input::get('password');
     $user = Users::where('email', '=', $email)->first();

     $authenticated = $user != null && Hash::check($password, $user->password);
     if (!$authenticated) {
         Session::flush();
         return array('success' => false, 'message' => 'invalid email or password');
     }

     Session::set('logged', true);
     Session::set('email', $email);
     Session::set('time_zone', $user->time_zone);
     Session::set('lid', $user->language_id);
     Session::set('user_id', $user->id);
     $userRole = Roles::getUserRole($user->role_id);
     Session::set('role', $userRole);

     // Drivers also get their car id stored in the session.
     if ($user->role_id == Roles::DRIVER_ROLE_ID) {
         $driver = Driver::where('user_id', '=', $user->id)->firstOrFail();
         Session::set('car_id', $driver->car_id);
     }

     return array('success' => true, 'message' => 'logged in successfully', 'payload' => array('role' => $userRole));
 }
Beispiel #16
 /**
  * setNewPassword() must store a non-empty value that Hash::check() accepts
  * for the original plain text.
  */
 public function testSetNewPassword()
 {
     $plain = '123456';
     $user = $this->prepareTestUser(false);

     $user->setNewPassword($plain);

     $this->assertNotEquals('', $user->password);
     $this->assertTrue(Hash::check($plain, $user->password));
 }
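 /**
  * Sign an API client in and issue a session key.
  *
  * Changes from the previous version:
  *  - the 36-character session key is drawn with random_int() instead of
  *    rand(), whose output is predictable and unsuitable for a bearer secret
  *    (random_int() needs PHP 7 or the random_compat polyfill);
  *  - the lookup result is tested with a null check rather than sizeof(),
  *    which is not defined for a model or null;
  *  - non-string parameters are rejected as incorrect credentials.
  *
  * NOTE(review): the credentials arrive in the query string, where they tend
  * to end up in access logs and browser history; a POST body would avoid
  * that, but changing it would alter the client interface.
  *
  * @return array 'status' plus either 'session' or 'error_msg'
  */
 public function accountSignin()
 {
     if (!isset($_GET['email']) || !isset($_GET['password'])) {
         return array('status' => 'failed', 'error_msg' => 'Missing email or password');
     }
     $failed = array('status' => 'failed', 'error_msg' => 'Incorrect email or password');
     if (!is_string($_GET['email']) || !is_string($_GET['password'])) {
         return $failed;
     }
     $user_lookup = User::where('email', '=', $_GET['email'])->first();
     if ($user_lookup === null || !Hash::check($_GET['password'], $user_lookup->password)) {
         return $failed;
     }
     // Build the key from a cryptographically secure source.
     $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
     $lastIndex = strlen($characters) - 1;
     $randomString = '';
     for ($i = 0; $i < 36; $i++) {
         $randomString .= $characters[random_int(0, $lastIndex)];
     }
     $session = new ApiSession();
     $session->session_key = $randomString;
     $session->user_id = $user_lookup->id;
     $session->save();
     return array('status' => 'ok', 'session' => $session);
 }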
Beispiel #18
 /**
  * AJAX login handler: returns 1 on success and 0 on any failure.
  *
  * The user row is fetched with a bound parameter and the password is
  * verified with Hash::check() before the session markers are written.
  *
  * NOTE(review): the session id is not regenerated after login.
  *
  * @return int 1 when the credentials match, 0 otherwise
  */
 public function handleLogin()
 {
     // Only AJAX requests are served.
     if (!Request::ajax()) {
         die;
     }
     if (empty($_POST['username']) || empty($_POST['password'])) {
         return 0;
     }

     $user = $_POST['username'];
     $pass = $_POST['password'];
     $results = DB::select('select id, user, pass from dsc_user where user = ?', array($user));
     if (empty($results)) {
         return 0;
     }

     $storedHash = $results[0]->pass;
     if (!Hash::check($pass, $storedHash)) {
         return 0;
     }

     Session::put(md5('loggedin'), md5('1'));
     Session::put('user', $user);
     return 1;
 }
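 /**
  * Action: change the password of the current account.
  *
  * Changes from the previous version:
  *  - the 'password' rule is now 'required'; without it a request that left
  *    the field out or empty skipped the other rules and the empty value was
  *    saved;
  *  - a missing 'password_old' field or a missing authenticated user is
  *    answered as a wrong old password instead of raising an error.
  *
  * NOTE(review): the new password is assigned to $user->password as received;
  * this is safe only if the model hashes it in a mutator. Confirm on the model.
  *
  * @return Response
  */
 public function putChangePassword()
 {
     // Collect all form data.
     $data = Input::all();
     $user = Auth::user();
     // Verify the old password.
     $oldPassword = isset($data['password_old']) ? $data['password_old'] : '';
     if ($user === null || !is_string($oldPassword) || !Hash::check($oldPassword, $user->password)) {
         return Redirect::back()->withErrors($this->messages->add('password_old', '原始密码错误'));
     }
     // Validation rules; 'required' keeps the remaining rules from being skipped.
     $rules = array('password' => 'required|alpha_dash|between:6,16|confirmed');
     // Custom validation messages.
     $messages = array('password.required' => '请输入新密码。', 'password.alpha_dash' => '密码格式不正确。', 'password.between' => '密码长度请保持在:min到:max位之间。', 'password.confirmed' => '两次输入的密码不一致。');
     // Run the validation.
     $validator = Validator::make($data, $rules, $messages);
     if (!$validator->passes()) {
         // Validation failed: go back with the input and the errors.
         return Redirect::back()->withInput()->withErrors($validator);
     }
     // Validation passed: update the user.
     $user->password = Input::get('password');
     if ($user->save()) {
         // Saved.
         return Redirect::back()->with('success', '<strong>密码修改成功。</strong>');
     }
     // Saving failed.
     return Redirect::back()->withInput()->with('error', '<strong>密码修改失败。</strong>');
 }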
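 /**
  * Update the authenticated user's addresses and, optionally, the password.
  *
  * Changes from the previous version: the existence test used
  * `$user->count() > 0`, which counts rows of the whole table rather than
  * testing the loaded record and fails when find() returns null. The method
  * now checks the loaded record itself and answers 404 when there is no
  * authenticated user or no matching row.
  *
  * NOTE(review): the password rules require the three fields together but set
  * no minimum length for the new password.
  *
  * @return mixed redirect back with a status message
  */
 public function update()
 {
     // Validate user's input
     $validator = Validator::make(Input::all(), ["present_address" => "required|min:10", "permanent_address" => "required|min:10", "current_password" => "required_with:password,password_confirmation", "password" => "required_with:password_confirmation,current_password", "password_confirmation" => "required_with:current_password,password|same:password"]);
     if ($validator->fails()) {
         return Redirect::back()->withErrors($validator);
     }
     // Load the record that belongs to the authenticated user.
     $authUser = Auth::user();
     $user = $authUser ? User::find($authUser->id) : null;
     if ($user !== null) {
         $user->permanent_address = Input::get("permanent_address");
         $user->present_address = Input::get("present_address");
         // A password change needs the current password to match.
         if (Input::has("password_confirmation")) {
             $currentPassword = Input::get("current_password");
             if (is_string($currentPassword) && Hash::check($currentPassword, $user->password)) {
                 $user->password = Hash::make(Input::get("password_confirmation"));
             } else {
                 return Redirect::back()->with("event", '<p class="alert alert-danger"><span class="glyphicon glyphicon-remove"></span> Wrong password</p>');
             }
         }
         // Save the information
         if ($user->save()) {
             return Redirect::back()->with("event", '<p class="alert alert-success"><span class="glyphicon glyphicon-ok"></span> Profile updated.</p>');
         }
         // if failed to save
         return Redirect::back()->with("event", '<p class="alert alert-danger"><span class="glyphicon glyphicon-remove"></span> Error occured. Please try after sometime</p>');
     }
     // if not exists, show 404 page
     App::abort(404);
 }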
 /**
  * Tell whether a space with the given id is present in the view variables.
  *
  * Hash::check() is used here as an array path test, not a password check.
  *
  * NOTE(review): $spaceId is concatenated into the path expression; callers
  * should pass an integer, as the parameter is documented.
  *
  * @param int $spaceId spaces.id
  * @return bool True on success, false on failure
  */
 public function exist($spaceId)
 {
     $matcher = '{n}.Space[id=' . $spaceId . ']';
     $found = Hash::check($this->controller->viewVars['spaces'], $matcher);
     return $found ? true : false;
 }
 /**
  * Log an administrator in and return the name and roles as JSON.
  *
  * Only accounts with is_del = 0 and status = 1 are considered. Failures are
  * raised as exceptions and turned into a Tools::reFalse() payload.
  *
  * NOTE(review): the two failure messages tell an unknown account apart from
  * a wrong password, and the session id is not regenerated after login.
  *
  * @return Response JSON response
  */
 public function login()
 {
     $account = Input::get('account', '');
     $pass = Input::get('pass', '');
     try {
         $admin = SysUser::where('account', '=', $account)->where('is_del', '=', 0)->where('status', '=', 1)->first();
         if (empty($admin)) {
             throw new Exception("没有找到可用的用户", 10003);
         }
         if (!Hash::check($pass, $admin->password)) {
             throw new Exception("密码错误", 10003);
         }

         $admin_id = $admin->id;
         Session::put('admin_id', $admin_id);

         // Roles linked to this administrator through sys_user_roles.
         $roleRows = SysRole::select('sys_roles.*')->join('sys_user_roles', function ($q) use($admin_id) {
             $q->on('sys_roles.id', '=', 'sys_user_roles.r_id')->where('sys_user_roles.admin_id', '=', $admin_id);
         })->get();
         $roles = [];
         foreach ($roleRows as $role) {
             $roles[] = $role->showInList();
         }

         $data = ['name' => $admin->u_name, 'roles' => $roles];
         $re = Tools::reTrue('登录成功', $data);
     } catch (Exception $e) {
         $re = Tools::reFalse($e->getCode(), '登录失败:' . $e->getMessage());
     }
     return Response::json($re);
 }
 /**
  * Validate a user against the given credentials.
  *
  * Only the 'password' entry is examined; without it validation fails.
  *
  * @param  \Illuminate\Auth\UserInterface  $user
  * @param  array  $credentials
  * @return bool
  */
 public function validateCredentials(UserInterface $user, array $credentials)
 {
     if (!isset($credentials['password'])) {
         return false;
     }
     return Hash::check($credentials['password'], $user->password);
 }
 /**
  * Lock-screen action for the admin area.
  *
  * AJAX requests try to unlock with the submitted password and receive a
  * status array. Other requests set the 'lock' flag when the method is GET
  * and redirect to the previous URL, or to the admin root when that URL is
  * empty or is the lock page itself.
  *
  * NOTE(review): the redirect target comes from URL::previous(); confirm it
  * cannot point off-site.
  *
  * @return mixed status array for AJAX requests, redirect otherwise
  */
 public function lock()
 {
     $prevURL = URL::previous();

     if (Request::ajax()) {
         $admin = Auth::admin()->get();
         if (Input::has('password')) {
             if (Hash::check(Input::get('password'), $admin->password)) {
                 Session::forget('lock');
                 Session::flash('flash_success', 'Welcome back.<br />You has been login successful!');
                 return ['status' => 'ok'];
             }
             $message = 'Your password is not correct.';
         } else {
             $message = 'You must enter password to re-login.';
         }
         return ['status' => 'error', 'message' => $message];
     }

     if (Request::isMethod('get')) {
         Session::put('lock', true);
     }

     $needsDefault = empty($prevURL) || strpos($prevURL, '/admin/lock') !== false;
     if ($needsDefault) {
         $prevURL = URL . '/admin';
     }
     return Redirect::to($prevURL);
 }
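 /**
  * Authenticate a registered user with e-mail and password and issue a token.
  *
  * Changes from the previous version: the log lines no longer contain the
  * issued token key or the device push token, since both are secrets that
  * should not be readable from application logs. The device id is stripped of
  * control characters before it is logged, because it is supplied by the
  * client.
  *
  * NOTE(review): "User is not registered." and "Incorrect password." are
  * distinguishable, so the endpoint reveals which addresses are registered.
  * NOTE(review): $user->toArray() is attached to the response; confirm that
  * the model hides the password hash.
  *
  * @return mixed ApiResponse payload
  */
 public function authenticate()
 {
     $input = Input::all();
     $validator = Validator::make($input, User::getAuthRules());
     if (!$validator->passes()) {
         return ApiResponse::validation($validator);
     }
     $user = User::where('email', '=', $input['email'])->first();
     if (!$user instanceof User) {
         return ApiResponse::json("User is not registered.");
     }
     if (!Hash::check($input['password'], $user->password)) {
         return ApiResponse::json("Incorrect password.", '412');
     }
     $device_id = Input::has('device_id') ? $input['device_id'] : '';
     $device_type = Input::has('device_type') ? $input['device_type'] : '';
     $device_token = Input::has('device_token') ? $input['device_token'] : '';
     $token = $user->login($device_id, $device_type, $device_token);
     // Log identifiers only; control characters are removed from the client-supplied value.
     $loggedDeviceId = is_scalar($token->device_id) ? preg_replace('/[\x00-\x1F\x7F]/', '', (string) $token->device_id) : '';
     Log::info('<!> Logged : ' . $token->user_id . ' on ' . $token->device_os . '[' . $loggedDeviceId . ']');
     $token->user = $user->toArray();
     return ApiResponse::json($token, '202');
 }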
 /**
  * Verify admin credentials and open an admin session.
  *
  * When the admins table is empty, the submitted username and password are
  * used to create the first admin and the request is sent back to the login
  * page.
  *
  * NOTE(review): on a fresh install the first request to reach this method
  * chooses the admin credentials; nothing here restricts who may send it.
  * NOTE(review): the session id is not regenerated after login.
  *
  * @return mixed redirect response
  */
 public function verify()
 {
     $username = Input::get('username');
     $password = Input::get('password');

     // Bootstrap: no admin exists yet, so create one from the submitted form.
     if (Admin::count() == 0) {
         $admin = new Admin();
         $admin->username = $username;
         $admin->name = $username;
         $admin->designation = 'Admin';
         $admin->image_url = '';
         $admin->password = Hash::make($password);
         $admin->remember_token = '';
         $admin->save();
         return Redirect::to('admin/login');
     }

     $admin = Admin::where('username', $username)->first();
     $credentialsOk = $admin && Hash::check($password, $admin->password);
     if (!$credentialsOk) {
         return Redirect::to('/admin/login')->with('type', "failed")->with('message', "Invalid Username and Password");
     }

     Session::put('admin_id', $admin->id);
     Session::put('admin_username', $admin->username);
     Session::put('admin_name', $admin->name);
     Session::put('admin_image_url', $admin->image_url);
     Session::put('admin_designation', $admin->designation);
     return Redirect::to('admin/dashboard');
 }
Beispiel #27
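 /**
  * Action: change the password of the current admin account.
  *
  * Changes from the previous version:
  *  - the 'password' rule is now 'required'; without it a request that left
  *    the field out or empty skipped the other rules and the hash of an empty
  *    value was saved;
  *  - a missing 'password_old' field or a missing session admin is answered
  *    as a wrong old password instead of raising an error.
  *
  * NOTE(review): the admin record is taken from the session and may be older
  * than the database row; confirm that this is intended.
  *
  * @return Response JSON with 'success' and 'message'
  */
 public function putChangePassword()
 {
     $response = array();
     // Collect all form data.
     $data = Input::all();
     $admin = Session::get("admin");
     // Verify the old password.
     $oldPassword = isset($data['password_old']) ? $data['password_old'] : '';
     if (!is_object($admin) || !is_string($oldPassword) || !Hash::check($oldPassword, $admin->pwd)) {
         $response['success'] = false;
         $response['message'] = '原始密码错误';
         return Response::json($response);
     }
     // Validation rules; 'required' keeps the remaining rules from being skipped.
     $rules = array('password' => 'required|alpha_dash|between:6,16|confirmed');
     // Custom validation messages.
     $messages = array('password.required' => '请输入新密码。', 'password.alpha_dash' => '密码格式不正确。', 'password.between' => '密码长度请保持在:min到:max位之间。', 'password.confirmed' => '两次输入的密码不一致。');
     // Run the validation.
     $validator = Validator::make($data, $rules, $messages);
     if ($validator->passes()) {
         // Validation passed: store the hash of the new password.
         $admin->pwd = Hash::make(Input::get('password'));
         if ($admin->save()) {
             $response['success'] = true;
             $response['message'] = '密码修改成功';
         } else {
             $response['success'] = false;
             $response['message'] = '密码修改失败';
         }
     } else {
         $response['success'] = false;
         $response['message'] = $validator->errors->first();
     }
     return Response::json($response);
 }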
 /**
  * Process the login form: validate the input, look up the contestant and
  * compare the submitted keystone with the stored hash.
  *
  * @return mixed Redirect to 'admin' or 'test' after a successful login,
  *               otherwise back to 'login' after handing a message to
  *               the message controller.
  */
 public function post()
 {
     // 1. Shape check on the two fields this action uses.
     $input = Input::only('contestant_id', 'keystone');
     $rules = array('contestant_id' => 'required|integer', 'keystone' => 'required|min:8');
     $check = Validator::make($input, $rules);
     if ($check->fails()) {
         $this->messageController->send($check->messages()->toArray(), $this::MESSAGE_KEY);
         return Redirect::to('login');
     }
     // 2. A well-formed id may still match no record.
     $contestant = Contestant::find(Input::get('contestant_id'));
     if (!$contestant) {
         $this->messageController->send(array('contestant_id' => ['contestant_id:wrong']), $this::MESSAGE_KEY);
         return Redirect::to('login');
     }
     // 3. Wrong keystone: report it and go back to the login form.
     if (!Hash::check(Input::get('keystone'), $contestant->keystone)) {
         $this->messageController->send(array('keystone' => ['keystone:wrong']), $this::MESSAGE_KEY);
         return Redirect::to('login');
     }
     Auth::login($contestant);
     // The record with id 1 is sent to the admin page, every other
     // contestant to the test page.
     $destination = $contestant->id == 1 ? 'admin' : 'test';
     return Redirect::to($destination);
 }
Beispiel #29
 /**
  * Attempt to log a user into the application.
  *
  * Looks the user up by each configured username field in turn, stops at the
  * first match, then checks the salted password and the account flags.
  *
  * @param  array  $arguments  Credentials keyed by username field, plus
  *                            'password' and optionally 'remember'.
  * @return mixed  Whatever login() returns.
  * @throws UserPasswordIncorrectException
  * @throws UserUnverifiedException
  * @throws UserDisabledException
  * @throws UserDeletedException
  * @throws UserNotFoundException
  */
 public function attempt($arguments = array())
 {
     // The configured identifier may be a single field name or a list of them.
     $fields = Config::get('verify::verify.username');
     if (!is_array($fields)) {
         $fields = array($fields);
     }
     // Take the first record that any identifier field matches.
     $user = null;
     foreach ($fields as $field) {
         $user = $this->model()->where($field, '=', array_get($arguments, $field))->first();
         if (!is_null($user)) {
             break;
         }
     }
     if (is_null($user)) {
         throw new UserNotFoundException('User can not be found');
     }
     // The stored hash covers the per-user salt followed by the password.
     $passwordOk = Hash::check($user->salt . array_get($arguments, 'password'), $user->password);
     if (!$passwordOk) {
         throw new UserPasswordIncorrectException('User password is incorrect');
     }
     // Account state is only examined once the password has been accepted.
     if (!$user->verified) {
         throw new UserUnverifiedException('User is unverified');
     }
     if ($user->disabled) {
         throw new UserDisabledException('User is disabled');
     }
     if ($user->deleted) {
         throw new UserDeletedException('User is deleted');
     }
     return $this->login($user->get_key(), array_get($arguments, 'remember'));
 }
Beispiel #30
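 /**
  * Authenticate a user from the login request and store the identity in the
  * session.
  *
  * The password is first checked with Hash::check(). If that fails, it is
  * compared with a legacy MD5 digest; on a match the stored password is
  * replaced with a bcrypt() hash before the user is signed in.
  *
  * @param LoginRequest $request
  * @return mixed Response whose `login_status` is 'success' or 'invalid'.
  */
 public function attempt(LoginRequest $request)
 {
     $params = $request->only('username', 'password');
     $password = isset($params['password']) ? $params['password'] : null;
     // Unknown user and wrong password produce the same status, so the
     // response does not reveal which usernames exist.
     $message = 'invalid';
     $person = new Person();
     $resp = $person->getUsername($params['username']);
     // A non-string password (missing field, array input) can never match.
     if (!empty($resp) && is_string($password)) {
         $authenticated = \Hash::check($password, $resp['password']);
         // Legacy path: the stored value may still be an MD5 digest. Compare
         // with hash_equals() rather than `==`: loose comparison treats
         // numeric-looking strings as numbers, so two different digests can
         // compare equal, and it is not constant-time.
         if (!$authenticated && hash_equals((string) $resp['password'], md5($password))) {
             // Upgrade the stored value so the MD5 digest is not kept.
             $resp['password'] = bcrypt($password);
             $id = 'person_' . $resp['id'];
             $person->update($id, $resp);
             $authenticated = true;
         }
         if ($authenticated) {
             // Issue a fresh session id on login so an id known before
             // authentication cannot be reused afterwards.
             $request->session()->regenerate();
             $displayName = $resp['role'] == 'A' ? 'Administrator' : $resp['first_name'] . ' ' . $resp['last_name'];
             $request->session()->put('user', ['id' => $resp['id'], 'username' => $resp['username'], 'role' => $resp['role'], 'disp_name' => $displayName]);
             $message = 'success';
         }
     }
     return response(['login_status' => $message]);
 }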