/**
 * Validate a resource owner's username and password for the OAuth2
 * "password" (user credentials) grant.
 *
 * The verification itself is delegated to RUser::userLogin(); this method
 * only packs the two values into the credential array that helper expects.
 * No client-specific checks are performed here (the signature carries no
 * client id).
 *
 * Required for OAuth2::GRANT_TYPE_USER_CREDENTIALS.
 *
 * @param string $username Username to check.
 * @param string $password Password to check.
 *
 * @return boolean Whatever RUser::userLogin() returns, expected to be TRUE
 *                 when the pair is valid and FALSE otherwise. NOTE(review):
 *                 the value is passed through without a cast, so the OAuth2
 *                 server presumably judges it by truthiness — confirm the
 *                 helper's return contract (and that it enforces any
 *                 lockout / rate-limit policy, none is applied here).
 *
 * @see http://tools.ietf.org/html/rfc6749#section-4.3
 *
 * @ingroup oauth2_section_4
 */
public function checkUserCredentials($username, $password)
{
    // Delegate lookup and password verification to the shared user helper.
    return \RUser::userLogin(
        array('username' => $username, 'password' => $password)
    );
}
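/**
 * Materialise an EMongoCursor into an array of row attribute arrays and
 * annotate every row with who last acted on it, and when.
 *
 * For each record the matching DbAction document (same db name, collection
 * name and record id) is looked up; the LAST entry of its `action` list is
 * taken as the most recent operation. That entry's `user` id is resolved to
 * a display name through User (`_id` => `name`) or RUser (`_id` => `user_name`).
 *
 * Every returned row carries the keys 'action_user', 'action_time' and
 * 'action_log'. They are '' when the row has no action record, the action
 * list is empty, or the acting user cannot be found in either collection
 * (the previous implementation emitted an undefined-index notice and stored
 * null in that last case).
 *
 * NOTE(review): 'action_log' and 'action_user' are returned exactly as
 * stored — escape them at the output layer.
 *
 * @param EMongoCursor $e_cursor Cursor positioned before its first record.
 *
 * @return array List of attribute arrays, one per cursor record, in cursor order.
 */
public static function getRowsFromCursor($e_cursor)
{
    $rows = array();
    $_ids = array();

    // EMongoCursor has to be advanced once before current() yields a record.
    $e_cursor->next();

    while ($row = $e_cursor->current()) {
        $attributes = $row->attributes;
        $rows[] = $attributes;
        $_ids[] = $attributes['_id'];
        $e_cursor->next();
    }

    // Most recent action per record id:
    //   (string) _id => array('action_time', 'admin_id', 'action_log')
    $action_info = array();
    // Display names of the acting users, keyed by the id stored on the action.
    $admin_names = array();

    $total = count($rows);

    if ($total > 0) {
        $model = $e_cursor->getModel();

        $criteria = new EMongoCriteria();
        $criteria->db_name('==', $model->getMongoDBComponent()->dbName);
        $criteria->c_name('==', $model->getCollectionName());
        $criteria->r_id('in', $_ids);
        $criteria->limit($total);

        $action_cursor = DbAction::model()->findAll($criteria);

        if ($action_cursor->count() > 0) {
            $admin_user_ids = array();

            foreach ($action_cursor as $record) {
                $actions = $record->action;

                // A DbAction with no entries has nothing to report (the old
                // code would have read index -1 here).
                if (empty($actions)) {
                    continue;
                }

                $last = $actions[count($actions) - 1];
                $admin_user_ids[] = $last['user'];
                $action_info[(string) $record->r_id] = array(
                    'action_time' => date("Y-m-d H:i", $last['time']),
                    'admin_id' => $last['user'],
                    'action_log' => isset($last['action_log']) ? $last['action_log'] : '',
                );
            }

            if (!empty($admin_user_ids)) {
                $criteria = new EMongoCriteria();
                $criteria->_id('in', $admin_user_ids);

                // User ids are used as array keys as-is; RUser ids are cast to
                // string. Both are later looked up with a string key, so
                // numeric-string keys still match integer User ids.
                foreach (User::model()->findAll($criteria) as $user) {
                    $admin_names[$user->_id] = $user->name;
                }

                foreach (RUser::model()->findAll($criteria) as $ruser) {
                    $admin_names[(string) $ruser->_id] = $ruser->user_name;
                }
            }
        }
    }

    // Single pass to attach the action columns; rows without a resolvable
    // action record get empty strings.
    foreach ($rows as $k => $row) {
        $_id = (string) $row['_id'];

        if (isset($action_info[$_id])) {
            $info = $action_info[$_id];
            $admin_id = (string) $info['admin_id'];

            // The acting user may have been deleted since the action was logged.
            $rows[$k]['action_user'] = isset($admin_names[$admin_id]) ? $admin_names[$admin_id] : '';
            $rows[$k]['action_time'] = $info['action_time'];
            $rows[$k]['action_log'] = $info['action_log'];
        } else {
            $rows[$k]['action_user'] = '';
            $rows[$k]['action_time'] = '';
            $rows[$k]['action_log'] = '';
        }
    }

    return $rows;
}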
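/**
 * Log the client in if its credentials check out, or terminate the API
 * request when it is not authorized and $terminateIfNotAuthorized is set.
 *
 * Order of checks:
 *  1. The 'RApiHalBeforeIsAuthorizedCheck' event may short-circuit the whole
 *     check by setting its by-reference $authorized flag.
 *  2. authorizationCheck == 'oauth2': the resource request is verified by
 *     RApiOauth2Helper::verifyResourceRequest(). A failed OAuth2\Response is
 *     sent back as-is (and the application closed) when terminating; a JSON
 *     token payload with a user_id is loaded as the application identity and
 *     stored in the session.
 *  3. authorizationCheck == 'joomla': credentials are read from globals by
 *     RApiHalHelper::getCredentialsFromGlobals() and checked with
 *     RUser::userLogin().
 *
 * SECURITY NOTE (review): the return value is only meaningful when
 * $terminateIfNotAuthorized is true. With it false this method returns true
 * even when no credential was presented or the check failed, so callers must
 * not treat the result as "the client is authenticated" in that mode. No
 * identity is loaded on that path.
 *
 * @param string $scope                     Name of the scope to test against
 * @param bool   $terminateIfNotAuthorized  Terminate api if client is not authorized
 *
 * @throws Exception When verifyResourceRequest() returns false (OAuth2 server
 *                   not active) and termination was requested.
 * @return bool
 *
 * @since 1.2
 */
public function isAuthorized($scope, $terminateIfNotAuthorized)
{
    $authorized = false;

    // A plugin may decide the outcome up front through the by-reference flag.
    JFactory::getApplication()->triggerEvent(
        'RApiHalBeforeIsAuthorizedCheck',
        array($scope, $terminateIfNotAuthorized, $this->options, $this->authorizationCheck, &$authorized)
    );

    if ($authorized) {
        return $authorized;
    }

    if ($this->authorizationCheck == 'oauth2') {
        /** @var OAuth2\Response|string|false $response */
        $response = RApiOauth2Helper::verifyResourceRequest($scope);

        if ($response instanceof OAuth2\Response) {
            if (!$response->isSuccessful() && $terminateIfNotAuthorized) {
                // The OAuth2 server's own error response is the correct output here.
                $response->send($this->options->get('format', 'json'));
                JFactory::getApplication()->close();
            }
        } elseif ($response === false && $terminateIfNotAuthorized) {
            throw new Exception(JText::_('LIB_REDCORE_API_OAUTH2_SERVER_IS_NOT_ACTIVE'));
        } else {
            // $response is the token payload as JSON (or false when not
            // terminating). Decode defensively so that invalid JSON or false
            // never reaches the property access below; the old code read
            // ->user_id on null in that case.
            $token = json_decode($response);

            if (is_object($token) && !empty($token->user_id)) {
                $user = JFactory::getUser($token->user_id);

                // Load the JUser class on application for this client
                JFactory::getApplication()->loadIdentity($user);
                JFactory::getSession()->set('user', $user);

                return true;
            }

            // Not authenticated: only "pass" when the caller asked not to terminate.
            $authorized = !$terminateIfNotAuthorized;
        }
    } elseif ($this->authorizationCheck == 'joomla') {
        // Get username and password from globals
        $credentials = RApiHalHelper::getCredentialsFromGlobals();
        $authorized = RUser::userLogin($credentials) || !$terminateIfNotAuthorized;
    }

    if (!$authorized && $terminateIfNotAuthorized) {
        $customError = $this->triggerFunction('createCustomHttpError', 401, $this->apiErrors);
        $this->setStatusCode(401, $customError);
    }

    return $authorized || !$terminateIfNotAuthorized;
}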