Ejemplo n.º 1
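/*
 * Set the UI language for the current session.
 *
 * Expects a JSON request body of the form {"lang": "<locale>"}. The body is
 * client-controlled, so its shape is checked before use: json_decode() returns
 * null for malformed JSON, and a non-string "lang" would otherwise be passed
 * straight into the session layer.
 */
$app->put('/account/lang', function () use ($app) {
    $data = json_decode($app->request()->getBody());

    if (!is_object($data) || !isset($data->lang) || !is_string($data->lang)) {
        error('invalid-request', 'a "lang" string is required');
        return;
    }

    // NOTE(review): setLanguage() is not visible in this excerpt. Confirm that
    // it restricts the value to the list of supported locales.
    DatawrapperSession::setLanguage($data->lang);
    ok();
});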
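/*
 * Log a user in.
 *
 * Expects a JSON request body with the string fields "email" and "pwhash" and
 * an optional "keeplogin" flag. Responds through ok() on success and error()
 * on failure; a failed password check for an existing account is recorded with
 * Action::logAction() together with the caller's IPs.
 *
 * NOTE(review): the two failure responses differ ('login-email-unknown' vs
 * 'login-invalid'), which tells an unauthenticated caller whether an address
 * is registered. The codes are kept here because clients may depend on them;
 * consider returning one generic failure.
 * NOTE(review): only wrong-password attempts are logged, and no attempt
 * limiting is visible in this handler. Confirm that throttling exists
 * elsewhere.
 */
$app->post('/auth/login', function () use ($app) {
    $payload = json_decode($app->request()->getBody());

    // The body is untrusted: reject malformed JSON and non-string fields so the
    // lookup and the hash below only ever receive plain strings.
    if (!is_object($payload)
        || !isset($payload->email, $payload->pwhash)
        || !is_string($payload->email)
        || !is_string($payload->pwhash)
    ) {
        error('invalid-request', 'email and pwhash are required');
        return;
    }

    $user = UserQuery::create()->findOneByEmail($payload->email);
    if (empty($user) || $user->getDeleted()) {
        // Deleted accounts are reported the same way as unknown addresses.
        error('login-email-unknown', __('The email is not registered yet.'));
        return;
    }

    // NOTE(review): secure_password() is defined outside this excerpt. The
    // client-supplied "pwhash" is effectively the credential, so the stored
    // value is only as strong as that function. Confirm it is a slow, per-user
    // salted hash (password_hash()/password_verify() would be the usual choice).
    $stored = (string) $user->getPwd();
    $candidate = (string) secure_password($payload->pwhash);

    // hash_equals() (PHP >= 5.6) compares in constant time, unlike ===.
    // An account with an empty stored hash can never match.
    if ($stored !== '' && hash_equals($stored, $candidate)) {
        // The second argument passes the client's "keeplogin" flag through.
        // NOTE(review): confirm DatawrapperSession::login() issues a fresh
        // session id on successful login.
        $keepLogin = isset($payload->keeplogin) && $payload->keeplogin == true;
        DatawrapperSession::login($user, $keepLogin);
        ok();
        return;
    }

    Action::logAction($user, 'wrong-password', json_encode(get_user_ips()));
    error('login-invalid', __('The password is incorrect.'));
});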
/*
 * Return the server-wide auth salt (the DW_AUTH_SALT constant, defined outside
 * this excerpt) as {"salt": ...} through ok().
 *
 * The handler performs no authentication check, so the value should be treated
 * as public: it is shared by every account and is not a secret.
 * NOTE(review): clients presumably use it to derive the "pwhash" sent to
 * /auth/login. Confirm this, and that password storage does not rely on this
 * salt alone.
 */
$app->get('/auth/salt', function () use ($app) {
    $response = array('salt' => DW_AUTH_SALT);
    ok($response);
});
/*
 *logs out the current user
 */
$app->post('/auth/logout', function () {
    $user = DatawrapperSession::getUser();
Ejemplo n.º 2
        } else {
            if ($curUser->isAdmin()) {
                $user = UserQuery::create()->findPK($user_id);
                $pwd = $user->getPwd();
            }
        }
        if (!empty($user)) {
            if ($user->getPwd() == $pwd) {
                // Delete user
                if (!$curUser->isAdmin()) {
                    DatawrapperSession::logout();
                }
                $user->erase();
                ok();
            } else {
                Action::logAction($user, 'delete-request-wrong-password', json_encode(get_user_ips()));
                error('wrong-password', __('The password you entered is not correct.'));
            }
        } else {
            error('user-not-found', 'no user found with that id');
        }
    } else {
        error('need-login', 'you must be logged in to do that');
    }
});
$app->put('/account/reset-password', function () use($app) {
    $payload = json_decode($app->request()->getBody());
    if (!empty($payload->token)) {
        $user = UserQuery::create()->getUserByPwdResetToken($payload->token);
        if (!empty($user)) {
            if (!empty($payload->pwd)) {