/**
 * Writes the session's next expiration time to the `session` table.
 *
 * NOTE(review): as shown, the UPDATE has no WHERE clause, so it sets
 * expires_on on every row of `session`, not only the row that belongs to
 * $session. A row filter bound to this session's identifier appears to be
 * missing; confirm against the full file before relying on this method.
 *
 * @param Session $session Session whose getNextExpirationTime() value is stored.
 * @return void
 */
private static function updateExistingSession(Session $session)
 {
     $query = "UPDATE session SET expires_on = :expiration";
     // The expiry is passed as a bound parameter, never concatenated into the SQL.
     $params = array("expiration" => $session->getNextExpirationTime());
     // NOTE(review): this branch is empty, so a session reported as deleted
     // still has its expiry extended by the statement below. Confirm whether
     // the handling for deleted (revoked) sessions was dropped from this method.
     if ($session->isDeleted()) {
     }
     $stmt = static::db()->prepare($query);
     $stmt->execute($params);
 }
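 /**
  * Authentication middleware: lets a request through when it carries either
  * a session key that resolves to a session or a username/password pair that
  * resolves to a user, and answers 401 otherwise.
  *
  * A supplied session key takes precedence: if it does not resolve to a
  * session the request is rejected without falling back to the credentials.
  *
  * The three fields come straight from the request body, so each one is
  * accepted only as a non-empty scalar and is normalised to a string before
  * it reaches a repository. Arrays and objects are treated as "not supplied",
  * and the literal "0" is no longer mistaken for a missing value (empty()
  * reported it as absent).
  *
  * @param Request  $request  Incoming request; its body is read through RequestParser.
  * @param Response $response Response used for the 401 answers or handed on to $next.
  * @param callable $next     Next handler, invoked as $next($request, $response).
  * @return Response The 401 response built here, or whatever $next returns.
  */
 public function __invoke(Request $request, Response $response, $next)
 {
     $parser = new RequestParser($request);
     $data = $parser->getData();

     // Reads one credential field as a string, or null when it is absent,
     // empty, or not a scalar (e.g. an array smuggled in through the body).
     $read_field = static function ($name) use ($data) {
         if (!isset($data[$name]) || !is_scalar($data[$name])) {
             return null;
         }
         $value = (string) $data[$name];
         return $value === '' ? null : $value;
     };

     // Builds the 401 answer; every rejection uses the same status code.
     $unauthorized = static function ($message) use ($response) {
         $new_response = $response->withStatus(401);
         $new_response->getBody()->write($message);
         return $new_response;
     };

     $session_key = $read_field('session_key');
     $username = $read_field('username');
     $password = $read_field('password');

     if ($session_key !== null) {
         // NOTE(review): no expiry or revocation check is visible here;
         // presumably getSessionByKey() only returns live sessions - confirm.
         $session = SessionRepository::getSessionByKey($session_key);
         if (is_null($session)) {
             return $unauthorized("Unauthorized: Invalid session key");
         }
         // Stored as an ad-hoc property on the request object for later handlers.
         $request->session = $session;
         return $next($request, $response);
     }

     if ($username === null || $password === null) {
         return $unauthorized("Unauthorized: Must supply (session_key) or (username and password)");
     }

     // Password verification happens inside the repository; a null result
     // covers both an unknown username and a wrong password, so the answer
     // does not reveal which of the two failed.
     $user = UserRepository::getUserByUsernameAndPassword($username, $password);
     if (is_null($user)) {
         return $unauthorized("Unauthorized: Invalid credentials");
     }

     $session = new Session();
     $session->setUser($user);
     // NOTE(review): unlike the session-key path, this new session is neither
     // attached to $request nor stored anywhere in the lines shown; confirm
     // that later handlers can actually reach it.
     return $next($request, $response);
 }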
 /**
  * Inserts a timezone row, writes the generated id back onto $tz and passes
  * that id together with the current user's id to
  * insertTimezoneUserRelationship().
  *
  * The owner is always the user of the authenticated session; no owner value
  * is read from $tz, so a caller cannot create a timezone on behalf of
  * another user through this method. All values are bound as parameters.
  *
  * @param Timezone $tz Timezone to persist; receives its new id via setId().
  * @return void
  */
 private static function insertTimezone(Timezone $tz)
 {
     $sql = "INSERT INTO timezone( owner_id, name, city, utc_offset )\n                    VALUES( :owner_id, :name, :city, :utc_offset );";
     $bindings = [
         "owner_id" => Session::getAuthenicatedSession()->getUser()->getId(),
         "name" => $tz->getName(),
         "city" => $tz->getCity(),
         "utc_offset" => $tz->getUtcOffset(),
     ];

     $insert = static::db()->prepare($sql);
     $insert->execute($bindings);

     // lastInsertId() is read from the same db() handle right after the insert.
     $new_id = static::db()->lastInsertId();
     $tz->setId($new_id);

     // The user id is looked up from the session again rather than reused.
     static::insertTimezoneUserRelationship(
         $new_id,
         Session::getAuthenicatedSession()->getUser()->getId()
     );
 }
 /**
  * Inserts a role row named after $role->name and records the authenticated
  * user as its creator.
  *
  * created_by comes from the authenticated session, not from $role, and both
  * values are bound as statement parameters.
  *
  * @param Role $role Role to insert; only its public name property is read.
  * @return int Value of rowCount() for the executed INSERT.
  */
 private static function insertNewRole(Role $role)
 {
     $bindings = [
         "name" => $role->name,
         "created_by" => Session::getAuthenicatedSession()->getUser()->getId(),
     ];

     $insert = static::db()->prepare("INSERT INTO role(name,created_by) VALUES( :name, :created_by )");
     $insert->execute($bindings);

     return $insert->rowCount();
 }
<?php

/**
 * Created by PhpStorm.
 * User: shannon
 * Date: 12/14/15
 * Time: 6:15 PM
 */
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Message\ResponseInterface as Response;
use Syndicate\Entities\Session;
use Syndicate\Repositories\SessionRepository;
use Syndicate\Utils\RequestParser;
/**
 * POST /session/create: saves the authenticated session and answers with a
 * JSON document holding the session key, a summary of the user and the
 * user's privileges.
 *
 * The body contains the session key, so the response should be treated as
 * sensitive and kept out of logs and shared caches.
 *
 * NOTE(review): no Content-Type header is set in this handler, and the
 * json_encode() result is written without checking for false; confirm both
 * are handled elsewhere.
 *
 * @param Request  $request  Not read by this handler.
 * @param Response $response Response whose body receives the JSON document.
 * @return Response The same response object, with the JSON written to its body.
 */
$create_session = function (Request $request, Response $response) {
    $session = Session::getAuthenicatedSession();
    $user = $session->getUser();

    // Saved before getKey() is read below - presumably the key is final only
    // once the session has been saved; verify in SessionRepository.
    SessionRepository::saveSession($session);

    $payload = [
        "session" => [
            "session_key" => $session->getKey(),
        ],
        // Only these four user fields are exposed; nothing else from $user is serialised.
        "user" => [
            "id" => $user->getId(),
            "username" => $user->username,
            "first_name" => $user->first_name,
            "last_name" => $user->last_name,
        ],
        "privileges" => $user->getPrivileges(),
    ];
    $response->getBody()->write(json_encode($payload));

    return $response;
};
$app->post("/session/create", $create_session);
$close_session = function (Request $request, Response $response) {
    $parser = new RequestParser($request);
    $data = $parser->getData();
    if (empty($data['session_key'])) {
        $new_response = $response->withStatus(400);
        $new_response->getBody()->write("Must supply session_key");
        return $new_response;
    if (!empty($errors)) {
        $new_response = $response->withStatus(400);
        $r = array("errors" => $errors);
        $new_response->getBody()->write(json_encode($r));
        return $new_response;
    }
    $count = UserRepository::saveUserRoleRelationshipsForUserId($data['user_id'], $data['role_ids']);
    $response->getBody()->write("Saved {$count} relationships");
    return $response;
};
$app->post("/user/roles", $save_user_roles);
$save_timezone_activations = function (Request $request, Response $response) {
    $parser = new RequestParser($request);
    $data = $parser->getData();
    $errors = array();
    $user_id = Session::getAuthenicatedSession()->getUser()->getId();
    if (!empty($data['user_id'])) {
        $user_id = $data['user_id'];
    }
    if (!is_numeric($data['user_id'])) {
        $errors[] = "User id should be numeric";
    }
    $activate = array();
    if (!empty($data['activate'])) {
        $activate = $data['activate'];
    }
    $deactivate = array();
    if (!empty($data['deactivate'])) {
        $deactivate = $data['deactivate'];
    }
    if (empty($activate) && empty($deactivate)) {