Beispiel #1
 /**
  * Authorization prompt for the token identified by $tokenid.
  *
  * Loads the token, hands it and the cancel / continue URLs to the view,
  * sends visitors without a session user to the login page and, when the
  * request carries an explicit grant decision, either binds the current
  * user to the token or redirects to the cancel URL.
  *
  * @param mixed $tokenid Value matched against the `token` column of the token table.
  * @return mixed The result of the redirect call, or null when the prompt is rendered.
  * @throws PublicException With code 404 when no token matches.
  */
 public function oauth($tokenid)
 {
     # NOTE(review): returnurl and cancelurl come straight from the query string
     # and are later passed to redirect() unchanged. Nothing in this method ties
     # them to the token being authorized, so unless they are validated elsewhere
     # (for example against a per-application allow-list) this is an open redirect.
     if (isset($_GET['returnurl'])) {
         $successURL = $_GET['returnurl'];
     } else {
         $successURL = new URL('auth', 'invalidReturn');
     }

     if (isset($_GET['cancelurl'])) {
         $failureURL = $_GET['cancelurl'];
     } else {
         $failureURL = $successURL;
     }

     # Tri-state decision: null = not answered yet, true = granted, false = denied.
     # NOTE(review): the decision arrives as a GET parameter and a value of 1
     # changes state (the token gets bound to the user). No anti-CSRF token or
     # request-method check is visible in this method - confirm one is enforced
     # elsewhere.
     $grant = null;
     if (isset($_GET['grant'])) {
         $grant = ((int) $_GET['grant']) === 1;
     }

     $session = Session::getInstance();
     $token = db()->table('token')->get('token', $tokenid)->fetch();

     # Unknown token: nothing to authorize.
     # NOTE(review): only existence is checked here; this method does not look at
     # whether the token is already bound to a user or has expired.
     if (!$token) {
         throw new PublicException('No token', 404);
     }

     # The "continue" link repeats the raw query string with grant=1 appended.
     $continueQuery = array_merge($_GET->getRaw(), ['grant' => 1]);
     $continueURL = new URL('auth', 'oauth', $tokenid, $continueQuery);

     $this->view->set('token', $token);
     # NOTE(review): cancelURL is request-controlled; how it is escaped depends on
     # the template, which is not visible here.
     $this->view->set('cancelURL', $failureURL);
     $this->view->set('continue', (string) $continueURL);

     # Without a session user the visitor has to log in first and come back here.
     if (!$session->getUser()) {
         return $this->response->getHeaders()->redirect(new URL('user', 'login', ['returnto' => (string) URL::current()]));
     }

     # No decision yet: fall through so the prompt is shown.
     if ($grant === null) {
         return;
     }

     if ($grant) {
         # Granted: bind the current user to the token and persist it.
         $token->user = $this->user;
         $token->store();
         return $this->response->getHeaders()->redirect($successURL);
     }

     # Denied.
     return $this->response->getHeaders()->redirect($failureURL);
 }
 /**
  * Resolves the acting user for the request and publishes it to the
  * controller and the view.
  *
  * The user is taken from the session when one exists, otherwise from the
  * token passed in the `token` query parameter. When neither is available
  * the method returns without setting anything.
  */
 public function _onload()
 {
     $session = Session::getInstance();
     $sessionUser = $session->getUser();

     # NOTE(review): the token is accepted from the query string, so it can end up
     # in server logs, browser history and Referer headers. No expiry or
     # revocation check is visible in this method.
     $tokenRecord = null;
     if (isset($_GET['token'])) {
         $tokenRecord = db()->table('token')->get('token', $_GET['token'])->fetch();
     }

     # Neither a session user nor a token: skip all further processing.
     if (!($sessionUser || $tokenRecord)) {
         return;
     }

     # The session user takes precedence over the token's user.
     # NOTE(review): when only a token is present, $tokenRecord->user is used as
     # is; presumably it is empty for a token that has not been authorized yet -
     # confirm that downstream code treats an empty user as unauthenticated.
     if ($sessionUser) {
         $account = db()->table('user')->get('_id', $sessionUser)->fetch();
     } else {
         $account = $tokenRecord->user;
     }

     #Export the user to the controllers that may need it.
     $this->user = $account;
     $this->token = $tokenRecord;

     try {
         # Administrator = member of the group configured under 'admin.group'.
         $adminGroupId = SysSettingModel::getValue('admin.group');
         $membership = db()->table('user\\group')->get('group__id', $adminGroupId)->addRestriction('user', $account)->fetch();
         $isAdmin = (bool) $membership;
     } catch (PrivateException $e) {
         # Fail closed: any PrivateException during the lookup means "not an admin".
         $isAdmin = false;
     }

     $this->isAdmin = $isAdmin;
     $this->view->set('authUser', $this->user);
     $this->view->set('userIsAdmin', $isAdmin);
 }
Beispiel #3
 /**
  * Ends the current session and redirects to the default URL.
  *
  * @return mixed The result of the redirect call.
  */
 public function logout()
 {
     # NOTE(review): the session is destroyed unconditionally; no request-method
     # or anti-CSRF check is visible in this method, so confirm whether a
     # cross-site request can log a user out.
     Session::getInstance()->destroy();

     $headers = $this->response->getHeaders();
     return $headers->redirect(new URL());
 }