/**
* Check authentication cookie and set global
*/
static function authenticate()
{
global $Database, $signedIn, $currentUser, $Color, $color;
CSRFProtection::detect();
if (!POST_REQUEST && isset($_GET['CSRF_TOKEN'])) {
HTTP::redirect(CSRFProtection::removeParamFromURL($_SERVER['REQUEST_URI']));
}
if (!Cookie::exists('access')) {
return;
}
$authKey = Cookie::get('access');
if (!empty($authKey)) {
if (!preg_match(new RegExp('^[a-f\\d]+$', 'iu'), $authKey)) {
$oldAuthKey = $authKey;
$authKey = bin2hex($authKey);
$Database->where('token', sha1($oldAuthKey))->update('sessions', array('token' => sha1($authKey)));
Cookie::set('access', $authKey, time() + Time::$IN_SECONDS['year'], Cookie::HTTPONLY);
}
$currentUser = Users::get(sha1($authKey), 'token');
}
if (!empty($currentUser)) {
if ($currentUser->role === 'ban') {
$Database->where('id', $currentUser->id)->delete('sessions');
} else {
if (strtotime($currentUser->Session['expires']) < time()) {
$tokenvalid = false;
try {
DeviantArt::getToken($currentUser->Session['refresh'], 'refresh_token');
$tokenvalid = true;
} catch (CURLRequestException $e) {
$Database->where('id', $currentUser->Session['id'])->delete('sessions');
trigger_error("Session refresh failed for {$currentUser->name} ({$currentUser->id}) | {$e->getMessage()} (HTTP {$e->getCode()})", E_USER_WARNING);
}
} else {
$tokenvalid = true;
}
if ($tokenvalid) {
$signedIn = true;
if (time() - strtotime($currentUser->Session['lastvisit']) > Time::$IN_SECONDS['minute']) {
$lastVisitTS = date('c');
if ($Database->where('id', $currentUser->Session['id'])->update('sessions', array('lastvisit' => $lastVisitTS))) {
$currentUser->Session['lastvisit'] = $lastVisitTS;
}
}
$_PrefersColour = array('Pirill-Poveniy' => true, 'itv-canterlot' => true);
if (isset($_PrefersColour[$currentUser->name])) {
$Color = 'Colour';
$color = 'colour';
}
}
}
} else {
Cookie::delete('access', Cookie::HTTPONLY);
}
}
use App\UserPrefs;
if (!isset($_GET['error']) && (empty($_GET['code']) || empty($_GET['state']))) {
$_GET['error'] = 'unauthorized_client';
}
if (isset($_GET['error'])) {
$err = $_GET['error'];
if (isset($_GET['error_description'])) {
$errdesc = $_GET['error_description'];
}
global $signedIn;
if ($signedIn) {
HTTP::redirect($_GET['state']);
}
Episodes::loadPage();
}
$currentUser = DeviantArt::getToken($_GET['code']);
$signedIn = !empty($currentUser);
if (isset($_GET['error'])) {
$err = $_GET['error'];
if (isset($_GET['error_description'])) {
$errdesc = $_GET['error_description'];
}
if ($err === 'user_banned') {
$errdesc .= "\n\nIf you'd like to appeal your ban, please <a href='http://mlp-vectorclub.deviantart.com/notes/'>send the group a note</a>.";
}
Episodes::loadPage();
}
if (preg_match(new RegExp('^[a-z\\d]+$', 'i'), $_GET['state'], $_match)) {
$confirm = str_replace('{{CODE}}', $_match[0], file_get_contents(INCPATH . 'views/loginConfrim.html'));
$confirm = str_replace('{{USERID}}', Permission::sufficient('developer') || UserPrefs::get('p_disable_ga') ? '' : $currentUser->id, $confirm);
die($confirm);
