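 /**
  * Validate an API request that carries an encrypted, single-use token.
  *
  * Reads `token`, `m_id` (modality / key id) and `l` (language) from the
  * request input, decrypts the token with the modality's secret key, checks
  * the payload's shape and age, and authenticates the user named in it.
  * On success the token is stored so the same token cannot be replayed.
  *
  * @param   bool  $isNew  When true the token carries credentials for a user
  *                        that does not exist yet; they are returned instead
  *                        of being verified against the user table.
  *
  * @return  array|int  `['username' => ..., 'password' => ...]` when $isNew,
  *                     otherwise the authenticated user id (0 for the guest).
  *
  * @throws  Exception  Missing argument, replayed / malformed / expired token,
  *                     unusable secret key, or failed authentication.
  */
 private function validateRequest($isNew = false)
 {
     // TODO: make the validity window configurable in the component options
     $tokenLifetime = 3 * 60;

     $app = JFactory::getApplication();
     $token = $app->input->getString('token');
     $m_id = $app->input->getInt('m_id');
     $l = $app->input->getString('l');

     // 1. all three arguments must be present
     if (is_null($token) || is_null($m_id) || is_null($l)) {
         $app->enqueueMessage('Either token, m_id (modality), or l (language) are missing', 'error');
         throw new Exception('Request is invalid');
     }
     // set language (reuse the value read above instead of re-reading input)
     ImcFrontendHelper::setLanguage($l, array('com_users', 'com_imc'));
     // nonce check: a token is accepted only once
     if (ImcModelTokens::exists($token)) {
         throw new Exception('Token is already used');
     }

     // 2. load the secret key that belongs to the given modality
     $result = $this->keyModel->getItem($m_id);
     $key = $result->skey;
     if (strlen($key) < 16) {
         $app->enqueueMessage('Secret key is not 16 characters', 'error');
         throw new Exception('Secret key is invalid. Contact administrator');
     }
     $this->mcrypt->setKey($key);

     // 3. decrypt and check the token payload
     $decryptedToken = $this->mcrypt->decrypt($token);
     $objToken = json_decode($decryptedToken);
     if (!is_object($objToken)) {
         throw new Exception('Token is invalid');
     }
     // Required fields: u (username), p (password), t (unix time) and r.
     // The payload is attacker-controlled input, so types are checked as
     // well: a non-numeric `t` would otherwise raise a TypeError in the
     // subtraction below, and a non-scalar u/p would reach the user lookup.
     if (!isset($objToken->u) || !isset($objToken->p) || !isset($objToken->t) || !isset($objToken->r)
         || !is_scalar($objToken->u) || !is_scalar($objToken->p) || !is_numeric($objToken->t)) {
         throw new Exception('Token is not well formatted');
     }
     // The token must be recent. Future-dated tokens are rejected too;
     // with a one-sided check a token minted with a far-future `t` would
     // stay valid indefinitely.
     if (abs(time() - $objToken->t) > $tokenLifetime) {
         throw new Exception('Token has expired');
     }

     // 4. authenticate the user named in the token
     $userid = JUserHelper::getUserId($objToken->u);
     $user = JFactory::getUser($userid);
     $userInfo = array();
     if ($isNew) {
         // registration flow: the account does not exist yet, hand the
         // credentials back to the caller instead of verifying them
         $userInfo['username'] = $objToken->u;
         $userInfo['password'] = $objToken->p;
     } elseif ($objToken->u === 'imc-guest' && $objToken->p === 'imc-guest') {
         // strict comparison: with `==` a JSON `true` (or `0` on PHP 7)
         // would also satisfy the guest check
         $userid = 0;
     } else {
         $match = JUserHelper::verifyPassword($objToken->p, $user->password, $userid);
         if (!$match) {
             $app->enqueueMessage(JText::_('COM_IMC_API_USERNAME_PASSWORD_NO_MATCH'), 'error');
             throw new Exception('Token does not match');
         }
         if ($user->block) {
             $app->enqueueMessage(JText::_('COM_IMC_API_USER_NOT_ACTIVATED'), 'error');
             throw new Exception(JText::_('COM_IMC_API_USER_BLOCKED'));
         }
     }

     // 5. record the token so the nonce check above rejects any replay
     $record = new stdClass();
     $record->key_id = $m_id;
     $record->user_id = $userid;
     $record->method = $app->input->getMethod();
     $record->token = $token;
     $record->unixtime = $objToken->t;
     // insertToken() throws on error
     ImcModelTokens::insertToken($record);

     return $isNew ? $userInfo : (int) $userid;
 }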
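 /**
  * Validate an API request that carries an encrypted, single-use token.
  *
  * Reads `token`, `m_id` (modality / key id) and `l` (language) from the
  * request input, decrypts the token with the modality's secret key, checks
  * the payload's shape and age, and verifies the embedded credentials
  * against the user table. On success the token is stored so the same token
  * cannot be replayed.
  *
  * @return  int  The authenticated user id.
  *
  * @throws  Exception  Missing argument, replayed / malformed / expired token,
  *                     unusable secret key, or failed authentication.
  */
 private function validateRequest()
 {
     // NOTE: the former `return 569;` debugging short-circuit has been
     // removed. It returned a fixed user id before any of the checks below
     // ran, i.e. every request was accepted as that user.

     // TODO: make the validity window configurable in the component options
     // (default is 1 minute)
     $tokenLifetime = 1 * 60;

     $app = JFactory::getApplication();
     $token = $app->input->getString('token');
     $m_id = $app->input->getInt('m_id');
     $l = $app->input->getString('l');

     // 1. all three arguments must be present
     if (is_null($token) || is_null($m_id) || is_null($l)) {
         $app->enqueueMessage('Either token, m_id (modality), or l (language) are missing', 'error');
         throw new Exception('Request is invalid');
     }
     // nonce check: a token is accepted only once
     if (ImcModelTokens::exists($token)) {
         throw new Exception('Token is already used');
     }

     // 2. load the secret key that belongs to the given modality
     $result = $this->keyModel->getItem($m_id);
     $key = $result->skey;
     if (strlen($key) < 16) {
         $app->enqueueMessage('Secret key is not 16 characters', 'error');
         throw new Exception('Secret key is invalid. Contact administrator');
     }
     $this->mcrypt->setKey($key);

     // 3. decrypt and check the token payload
     $decryptedToken = $this->mcrypt->decrypt($token);
     $objToken = json_decode($decryptedToken);
     if (!is_object($objToken)) {
         throw new Exception('Token is invalid');
     }
     // Required fields: u (username), p (password), t (unix time) and r.
     // The payload is attacker-controlled input, so types are checked as
     // well: a non-numeric `t` would otherwise raise a TypeError in the
     // subtraction below, and a non-scalar u/p would reach the user lookup.
     if (!isset($objToken->u) || !isset($objToken->p) || !isset($objToken->t) || !isset($objToken->r)
         || !is_scalar($objToken->u) || !is_scalar($objToken->p) || !is_numeric($objToken->t)) {
         throw new Exception('Token is not well formatted');
     }
     // The token must be recent. Future-dated tokens are rejected too;
     // with a one-sided check a token minted with a far-future `t` would
     // stay valid indefinitely.
     if (abs(time() - $objToken->t) > $tokenLifetime) {
         throw new Exception('Token has expired');
     }

     // 4. authenticate the user named in the token
     $userid = JUserHelper::getUserId($objToken->u);
     $user = JFactory::getUser($userid);
     $match = JUserHelper::verifyPassword($objToken->p, $user->password, $userid);
     if (!$match) {
         $app->enqueueMessage('Either username or password do not match', 'error');
         throw new Exception('Token does not match');
     }
     if ($user->block) {
         $app->enqueueMessage('User is found but probably is not yet activated', 'error');
         throw new Exception('Token user is blocked');
     }

     // 5. record the token so the nonce check above rejects any replay
     $record = new stdClass();
     $record->key_id = $m_id;
     $record->user_id = $userid;
     $record->method = $app->input->getMethod();
     $record->token = $token;
     $record->unixtime = $objToken->t;
     // insertToken() throws on error
     ImcModelTokens::insertToken($record);

     // cast for a consistent return type with the other validateRequest variant
     return (int) $userid;
 }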