Ejemplo n.º 1
0
 public function oauth($tokenid)
 {
     $successURL = isset($_GET['returnurl']) ? $_GET['returnurl'] : new URL('auth', 'invalidReturn');
     $failureURL = isset($_GET['cancelurl']) ? $_GET['cancelurl'] : $successURL;
     $grant = isset($_GET['grant']) ? (int) $_GET['grant'] === 1 : null;
     $session = Session::getInstance();
     $token = db()->table('token')->get('token', $tokenid)->fetch();
     #No token, no access
     if (!$token) {
         throw new PublicException('No token', 404);
     }
     $this->view->set('token', $token);
     $this->view->set('cancelURL', $failureURL);
     $this->view->set('continue', (string) new URL('auth', 'oauth', $tokenid, array_merge($_GET->getRaw(), array('grant' => 1))));
     if (!$session->getUser()) {
         return $this->response->getHeaders()->redirect(new URL('user', 'login', array('returnto' => (string) URL::current())));
     }
     if ($grant === false) {
         return $this->response->getHeaders()->redirect($failureURL);
     }
     if ($grant === true) {
         $token->user = $this->user;
         $token->store();
         return $this->response->getHeaders()->redirect($successURL);
     }
 }
Ejemplo n.º 2
0
 public function _onload()
 {
     #Get the user session, if no session is given - we skip all of the processing
     #The user could also check the token
     $s = Session::getInstance();
     $u = $s->getUser();
     $t = isset($_GET['token']) ? db()->table('token')->get('token', $_GET['token'])->fetch() : null;
     if (!$u && !$t) {
         return;
     }
     #Export the user to the controllers that may need it.
     $user = $u ? db()->table('user')->get('_id', $u)->fetch() : $t->user;
     $this->user = $user;
     $this->token = $t;
     try {
         #Check if the user is an administrator
         $admingroupid = SysSettingModel::getValue('admin.group');
         $isAdmin = !!db()->table('user\\group')->get('group__id', $admingroupid)->addRestriction('user', $user)->fetch();
     } catch (PrivateException $e) {
         $isAdmin = false;
     }
     $this->isAdmin = $isAdmin;
     $this->view->set('authUser', $this->user);
     $this->view->set('userIsAdmin', $isAdmin);
 }
Ejemplo n.º 3
0
 public function logout()
 {
     $s = Session::getInstance();
     $s->destroy();
     return $this->response->getHeaders()->redirect(new URL());
 }