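 /**
  * Issues a fresh session token for the current session.
  *
  * Normal path: the current token is refreshed through JWTAuth, the user row
  * named by the new payload's `user_id` is reloaded, and the session token,
  * user info and token map are updated. If the current token has already
  * expired, its payload is decoded directly from the JWT provider and, when it
  * carries the `forever` claim, a new session is minted for that user anyway;
  * a plain expired token is rejected with UnauthorizedException.
  *
  * Security notes:
  *  - In both paths the user id is taken from the token payload. The provider
  *    decode is presumably signature-checked (confirm for the configured JWT
  *    provider), but the user row it names may have been deleted since the
  *    token was issued. User::find() then returns null; the original code
  *    dereferenced it (500 on a stale token). That now fails closed with 401.
  *  - The `forever` branch deliberately re-issues a session for an expired
  *    token; whether the user is still active/enabled is not checked here.
  *
  * @return string the session token now held by Session
  * @throws \DreamFactory\Core\Exceptions\UnauthorizedException
  */
 public static function refreshToken()
 {
     $token = Session::getSessionToken();
     try {
         $newToken = \JWTAuth::refresh($token);
         $payload = \JWTAuth::getPayload($newToken);
         $userId = $payload->get('user_id');
         $user = User::find($userId);
         if (null === $user) {
             // Token names a user that no longer exists; never issue a session for it.
             // Thrown inside the try on purpose: only TokenExpiredException is caught below.
             throw new UnauthorizedException('User for this token no longer exists.');
         }
         $userInfo = $user->toArray();
         // is_sys_admin is set explicitly on top of toArray(); the model apparently does not export it.
         ArrayUtils::set($userInfo, 'is_sys_admin', $user->is_sys_admin);
         Session::setSessionToken($newToken);
         Session::setUserInfo($userInfo);
         static::setTokenMap($payload, $newToken);
     } catch (TokenExpiredException $e) {
         // Expired: read the claims straight from the provider (no expiry validation)
         // to see whether this is a "forever" token that may still be renewed.
         $payloadArray = \JWTAuth::manager()->getJWTProvider()->decode($token);
         $forever = boolval(ArrayUtils::get($payloadArray, 'forever'));
         if ($forever) {
             $userId = ArrayUtils::get($payloadArray, 'user_id');
             $user = User::find($userId);
             if (null === $user) {
                 // Same stale-user case as above; do not mint a session for a missing user.
                 throw new UnauthorizedException('User for this token no longer exists.');
             }
             Session::setUserInfoWithJWT($user, $forever);
         } else {
             throw new UnauthorizedException($e->getMessage());
         }
     }
     return Session::getSessionToken();
 }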
 /**
  * Access-control middleware: lets the request through when the current
  * session is allowed (or the route is a configured exception) and otherwise
  * turns the refusal into an error response.
  *
  * Order of checks, preserved deliberately: console bypass, then
  * setExceptions() + isAccessAllowed(), then isException($request), and only
  * then the diagnostic branch that chooses which 4xx to raise. Because
  * $next($request) is invoked inside the try, exceptions thrown further down
  * the pipeline are rendered through ResponseFactory::getException() as well.
  *
  * Security note: DF_IS_VALID_CONSOLE_REQUEST is a total bypass of the access
  * checks, read from the environment on every request. It must never be set
  * in a web-facing deployment; any occurrence in a deployed .env is a finding.
  *
  * @param Request $request
  * @param Closure $next
  *
  * @return array|mixed|string
  */
 public function handle($request, Closure $next)
 {
     // Console bypass: trusted internal requests skip every access check.
     if (env('DF_IS_VALID_CONSOLE_REQUEST', false)) {
         return $next($request);
     }
     try {
         static::setExceptions();
         // Permitted outright, or (key and/or non-admin user present but access
         // still denied) the route is an explicitly configured exception.
         // || short-circuits, so isException() only runs when access was denied.
         $permitted = static::isAccessAllowed() || static::isException($request);
         if ($permitted) {
             return $next($request);
         }
         // Denied: choose the most informative status for the caller.
         $apiKey = Session::getApiKey();
         $token = Session::getSessionToken();
         if (empty($apiKey) && empty($token)) {
             throw new BadRequestException('Bad request. No token or api key provided.');
         }
         if (true === Session::get('token_expired')) {
             throw new UnauthorizedException(Session::get('token_expired_msg'));
         }
         if (!Session::isAuthenticated()) {
             throw new UnauthorizedException('Unauthorized.');
         }
         throw new ForbiddenException('Access Forbidden.');
     } catch (\Exception $e) {
         return ResponseFactory::getException($e, $request);
     }
 }
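 /**
  * Registers new user.
  *
  * Builds the registration record from the request payload, fills in display
  * names the client omitted, validates it through the Registrar, creates the
  * user and, when `login` is requested, starts a session unless the account
  * still needs confirmation (confirm_code set and not 'y').
  *
  * Name derivation: first_name defaults to the mailbox part of the e-mail,
  * last_name to the segment after the first '.' of first_name (or first_name
  * itself), and name to "first last". The original derivation ran
  * list()/explode() unconditionally, raising a notice for an address without
  * '@' and a deprecation for a missing e-mail before the validator could
  * reject the request; it is now guarded and leaves those cases to validation.
  *
  * Security notes:
  *  - password_confirmation defaults to the submitted password, so a client
  *    that omits it can never fail a "confirmed" rule: confirmation is
  *    effectively optional for API callers.
  *  - Whether the Registrar/model hashes `password` and `security_answer` is
  *    not visible here; confirm before relying on it.
  *
  * @return array
  * @throws \DreamFactory\Core\Exceptions\BadRequestException
  * @throws \DreamFactory\Core\Exceptions\ForbiddenException
  */
 protected function handlePOST()
 {
     $payload = $this->getPayloadData();
     $login = $this->request->getParameterAsBool('login');
     $registrar = new Registrar();
     // Accept either `new_password` or `password`; the confirmation falls back to the password itself.
     $password = ArrayUtils::get($payload, 'new_password', ArrayUtils::get($payload, 'password'));
     $data = [
         'first_name'            => ArrayUtils::get($payload, 'first_name'),
         'last_name'             => ArrayUtils::get($payload, 'last_name'),
         'name'                  => ArrayUtils::get($payload, 'name'),
         'email'                 => ArrayUtils::get($payload, 'email'),
         'phone'                 => ArrayUtils::get($payload, 'phone'),
         'security_question'     => ArrayUtils::get($payload, 'security_question'),
         'security_answer'       => ArrayUtils::get($payload, 'security_answer'),
         'password'              => $password,
         'password_confirmation' => ArrayUtils::get($payload, 'password_confirmation', $password),
     ];
     if (empty($data['first_name'])) {
         $email = $data['email'];
         // Only derive a name when there is an e-mail string to derive it from;
         // a missing or malformed address is left for the validator below to reject.
         $data['first_name'] = is_string($email) ? explode('@', $email, 2)[0] : '';
     }
     if (empty($data['last_name'])) {
         // "john.doe" -> first "john", last "doe"; otherwise last name repeats the first.
         $names = explode('.', $data['first_name']);
         if (isset($names[1])) {
             $data['last_name'] = $names[1];
             $data['first_name'] = $names[0];
         } else {
             $data['last_name'] = $names[0];
         }
     }
     if (empty($data['name'])) {
         $data['name'] = $data['first_name'] . ' ' . $data['last_name'];
     }
     ArrayUtils::removeNull($data);
     /** @var \Illuminate\Validation\Validator $validator */
     $validator = $registrar->validator($data);
     if ($validator->fails()) {
         $messages = $validator->errors()->getMessages();
         throw new BadRequestException('Validation failed', null, null, $messages);
     }
     $user = $registrar->create($data);
     if (!$login) {
         return ['success' => true];
     }
     if ($user->confirm_code !== 'y' && !is_null($user->confirm_code)) {
         // Account exists but must be confirmed first; no session is started.
         return ['success' => true, 'confirmation_required' => true];
     }
     Session::setUserInfoWithJWT($user);
     return ['success' => true, 'session_token' => Session::getSessionToken()];
 }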
 /**
  * Updates user profile.
  *
  * Only the allow-listed fields below are copied from the payload (nulls are
  * dropped, so omitted fields are left untouched) onto the user of the current
  * session. Changing the e-mail makes the existing JWT stale, so when a token is
  * present a replacement (keeping the original's `forever` flag) is minted and
  * returned alongside `success`.
  *
  * Security note: security_question/security_answer are account-recovery
  * credentials (they drive the security-answer password reset) and are
  * updatable here on the strength of the session token alone; no
  * current-password check is visible in this method. Anyone holding a leaked
  * token can therefore plant a recovery answer that outlives the token.
  * Consider requiring re-authentication for these fields.
  *
  * @return array
  * @throws NotFoundException
  * @throws \Exception
  */
 protected function handlePOST()
 {
     $payload = $this->getPayloadData();
     // Explicit allow-list: anything else in the payload is ignored.
     $allowed = [
         'first_name',
         'last_name',
         'name',
         'email',
         'phone',
         'security_question',
         'security_answer',
         'default_app_id',
     ];
     $changes = [];
     foreach ($allowed as $field) {
         $changes[$field] = ArrayUtils::get($payload, $field);
     }
     ArrayUtils::removeNull($changes);
     $user = Session::user();
     if (empty($user)) {
         throw new NotFoundException('No user session found.');
     }
     $currentToken = Session::getSessionToken();
     $previousEmail = $user->email;
     $user->update($changes);
     $emailChanged = $previousEmail !== ArrayUtils::get($changes, 'email', $previousEmail);
     if (!empty($currentToken) && $emailChanged) {
         // Email change invalidates token. Need to create a new token.
         $keepForever = JWTUtilities::isForever($currentToken);
         Session::setUserInfoWithJWT($user, $keepForever);
         return ['success' => true, 'session_token' => Session::getSessionToken()];
     }
     return ['success' => true];
 }
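 /**
  * Changes password by security answer.
  *
  * Looks the user up by e-mail, runs the isAllowed() gate, verifies the
  * supplied answer against the stored hash with Hash::check and, on a match,
  * saves the new password (hashing is assumed to happen in the model - confirm)
  * and optionally logs the user in.
  *
  * Security notes:
  *  - Unknown e-mail raises NotFoundException while a wrong answer raises
  *    BadRequestException; the two distinct responses let a caller enumerate
  *    registered e-mail addresses. Collapsing them is a contract change
  *    (NotFoundException is part of the documented interface), so it is only
  *    flagged here.
  *  - No attempt throttling is visible in this method; unless isAllowed()
  *    provides it, the answer can be brute-forced. Confirm.
  *  - A user with no security answer on file is now refused explicitly
  *    instead of passing null into Hash::check.
  *
  * @param      $email       account e-mail
  * @param      $answer      plaintext security answer to verify
  * @param      $newPassword replacement password
  * @param bool $login       when true, log the user in and return a session token
  *
  * @return array
  * @throws BadRequestException
  * @throws InternalServerErrorException
  * @throws NotFoundException
  */
 protected static function changePasswordBySecurityAnswer($email, $answer, $newPassword, $login = true)
 {
     if (empty($email)) {
         throw new BadRequestException("Missing required email for password reset confirmation.");
     }
     if (empty($newPassword)) {
         throw new BadRequestException("Missing new password for reset.");
     }
     if (empty($answer)) {
         throw new BadRequestException("Missing security answer.");
     }
     /** @var User $user */
     $user = User::whereEmail($email)->first();
     if (null === $user) {
         // NOTE(review): distinguishable from the wrong-answer response below -> e-mail enumeration.
         throw new NotFoundException("The supplied email and confirmation code were not found in the system.");
     }
     static::isAllowed($user);
     $storedAnswer = $user->security_answer;
     if (empty($storedAnswer)) {
         // No recovery answer on file: nothing can match, so refuse without consulting the hasher.
         throw new BadRequestException("The answer supplied does not match.");
     }
     try {
         // validate answer
         $isValid = \Hash::check($answer, $storedAnswer);
     } catch (\Exception $ex) {
         throw new InternalServerErrorException("Error validating security answer.\n{$ex->getMessage()}");
     }
     if (!$isValid) {
         throw new BadRequestException("The answer supplied does not match.");
     }
     try {
         $user->password = $newPassword;
         $user->save();
     } catch (\Exception $ex) {
         throw new InternalServerErrorException("Error processing password change.\n{$ex->getMessage()}");
     }
     if ($login) {
         static::userLogin($email, $newPassword);
         return ['success' => true, 'session_token' => Session::getSessionToken()];
     }
     return ['success' => true];
 }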