/**
* Generate a token to authenticate a user
*
* @return mixed
*/
public function login($device_id = null, $device_type = null, $device_token = null)
{
// clear old sessions for any user with: same(device_id, os)
$to_remove = Token::where('device_id', '=', $device_id)->where('device_os', '=', $device_type)->delete();
$token = Token::getInstance();
$token->user_id = $this->_id;
$token->device_id = $device_id;
$token->device_os = $device_type;
$token->device_token = $device_token;
$token->save();
return $token;
}
/**
* Returns $token or false
*
* @return bool
*/
protected function getToken()
{
$tokenString = Session::get('token_string', false);
if (!$tokenString) {
return false;
}
$token = Token::where('token', $tokenString)->get()->first();
if (!count($token)) {
return false;
} else {
return $token;
}
}
private function generate_token()
{
$length = 32;
$value = '';
$keys = array_merge(range(0, 9), range('a', 'f'));
for ($i = 0; $i < $length; $i++) {
$value .= $keys[array_rand($keys)];
}
$check = new Token();
$check->where('value', $value)->get();
if ($check->exists()) {
$token = $this->generate_token();
}
$token = new Token();
$token->value = $value;
return $token;
}
/**
* Check token
*/
public function indexAction($tokenString)
{
Assets::reset()->add('main');
$token = Token::where('token', $tokenString)->get()->first();
if (!count($token)) {
return Redirect::route('info')->with('message', 'Токен не найден');
}
if (!$token->test->active) {
return Redirect::route('info')->with('message', 'Тест закрыт для тестирования');
}
switch ($token->status) {
case Token::TOKEN_STATUS_EMPTY:
case Token::TOKEN_STATUS_STARTED:
Session::put('token_string', $tokenString);
return Redirect::route('start.index');
break;
case Token::TOKEN_STATUS_EXPIRED:
Session::forget('token_string');
return Redirect::route('info')->with('message', 'Токен просрочен');
break;
default:
return Redirect::route('info')->with('message', 'Неожиданный статус токена');
}
}
/**
* Logout a user: remove the specified active token from the database
* @param user User
*/
public function logout($user)
{
if (!Input::has('token')) {
return ApiResponse::json('No token given.');
}
$input_token = Input::get('token');
$token = Token::where('key', '=', $input_token)->first();
if (empty($token)) {
return ApiResponse::json('No active session found.');
}
if ($token->user_id !== $user->_id) {
return ApiResponse::errorForbidden('You do not own this token.');
}
if ($token->delete()) {
Log::info('<!> Logged out from : ' . $input_token);
return ApiResponse::json('User logged out successfully.', '202');
} else {
return ApiResponse::errorInternal('User could not log out. Please try again.');
}
}
$app->group('/comment', function () {
// yorum ekle
$this->post('', function ($request, $response, $args) {
$user = Token::where('token', '=', $request->getHeader('token')[0])->get()->first()->user();
$newComment = json_decode($request->getBody());
$comment = new Comment();
$comment->user_id = $user->user_id;
$comment->food_id = $newComment->food_id;
$comment->comment = $newComment->comment;
$comment->create_date = date("YmdHi");
try {
$comment->save();
return $response->write(json_encode($comment) . ' ');
} catch (Illuminate\Database\QueryException $e) {
return $response->write('{"msg": "ERR"}');
}
})->setName('comment_create');
// yorum sil
$this->delete('/{id:[0-9]+}', function ($request, $response, $args) {
$user = Token::where('token', '=', $request->getHeader('token')[0])->get()->first()->user();
$comment = Comment::find($args['id']);
if ($comment->user_id != $user->user_id || !$user->isAdmin) {
return $response->write('{"msg":"Yetkisiz erişim"}');
}
$comment->deleted = true;
if ($comment->save()) {
return $response->write('{"msg": "OK"}');
}
return $response->write('{"msg": "ERR"}');
})->setName('comment_delete');
})->add($UserToken);
public function googleLogin($action = null)
{
try {
$client = new Google_Client();
$client->setAuthConfigFile(storage_path() . "/credentials/client_secret.json");
$client->setAccessType('online');
// default: offline
$client->setRedirectUri('https://api.upa.edu.mx/1/oauth2callback/auth?hauth.done=Google');
$client->setScopes(array(Google_Service_Drive::DRIVE_METADATA_READONLY, 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile'));
$client->setDeveloperKey('AIzaSyARhUTSZ3VQ2wYhgqnTlSacNDOycU8_V0o');
// API key
//var_dump($client->getAccessToken());
if (isset($_GET['logout'])) {
// logout: destroy token
unset($_SESSION['token']);
die('Logged out.');
}
if (isset($_GET['code'])) {
// we received the positive auth callback, get the token and store it in session
$client->authenticate($_GET['code']);
$_SESSION['token'] = $client->getAccessToken();
$service = new Google_Service_Plus($client);
$userInfo = $service->people->get("me");
$iemail = $userInfo['emails'][0]['value'];
$files_service = new Google_Service_Drive($client);
$pageToken = NULL;
$i = 0;
do {
try {
$parameters = array();
if ($pageToken) {
$parameters['pageToken'] = $pageToken;
}
$files = $files_service->files->listFiles($parameters);
$my_files = $files->getItems();
foreach ($my_files as $f) {
// echo $i++. " - " . $f->getTitle();
// echo "<br/>";
}
$pageToken = $files->getNextPageToken();
} catch (Exception $e) {
print "An error occurred: " . $e->getMessage();
$pageToken = NULL;
}
} while ($pageToken);
$persona = Persona::byEmail($iemail)->first();
if ($persona) {
//var_dump($persona);
$token = Token::where("idpersonas", '=', $persona->idpersonas)->where("app_id", '=', 1)->whereRaw('(updated_at + INTERVAL ' . Config::get('app.session_timeout') . ' MINUTE) > NOW()')->first();
//var_dump($token);
$token = Token::create(array("idpersonas" => $persona->idpersonas, "app_id" => 1, "token" => Hash::make(uniqid() . $persona->idpersonas . str_random())));
$persona->token = $token->token;
//var_dump($persona);exit();
//return Response::json(array("usuario" => array("id" => $persona->idpersonas, "iemail" => $persona->iemail, "token" => $persona->token)));
return Redirect::to('https://intranet.upa.edu.mx/intra/validar_i_2.php?loginupp_i=' . $persona->idpersonas . '&token=' . $persona->token);
} else {
return Response::json(array('error' => "Wrong Credentials"), 404);
}
}
if (isset($_SESSION['token'])) {
// extract token from session and configure client
$token = $_SESSION['token'];
$client->setAccessToken($token);
}
if (!$client->getAccessToken()) {
// auth call to google
$authUrl = $client->createAuthUrl();
header("Location: " . $authUrl);
die;
}
// $oauth = new Google_Service_Oauth2($client);
} catch (Exception $e) {
return $e->getMessage();
}
//var_dump($profile);
}
public static function isUserToken($user_id, $token)
{
return Token::where('user_id', '=', $user_id)->where('key', '=', $token)->exists();
}
public function getIndex()
{
$tokens = Token::where('user_id', Auth::user()->id)->get();
return View::make('token.index')->with('tokens', $tokens);
}
/**
* Display one result
*
* @param $id
* @param $rid
*/
public function showAction($id, $rid)
{
$test = Test::find($id);
if (is_null($test)) {
return Redirect::route('tests.index')->with('error', 'Incorrect test id');
}
$single = Result::find($rid);
if (is_null($single) || $single->test_id != $id) {
return Redirect::route('tests.index')->with('error', 'Невозможно найти результаты');
}
$results = Result::where('test_id', $id)->where('token', $single->token)->orderBy('question_id', 'asc')->get();
if (!count($results)) {
return Redirect::route('tests.index')->with('error', 'Отсутствуют результаты теста');
}
$score = 0;
$max = 0;
foreach ($results as $result) {
$score += $result->weight;
if ($max < $result->created_at->format('U')) {
$max = $result->created_at->format('U');
}
}
$weights = [];
$tw = 0;
foreach ($test->questions as $q) {
$weights[$q->id] = 0;
foreach ($q->answers as $a) {
if (!$a->is_correct) {
continue;
}
$weights[$q->id] += $a->weight;
$tw += $a->weight;
}
if ($q->type == Question::TYPE_STRING) {
$weights[$q->id] += 1;
$tw += 1;
}
}
$token = Token::where('token', $result->token)->get();
$ends = $max - $token[0]->start;
$min = (int) ($ends / 60);
$sec = $ends - $min * 60;
$ends = ($min < 10 ? '0' . $min : $min) . ':' . ($sec < 10 ? '0' . $sec : $sec);
return View::make('tests.results_show', ['token' => Token::where('token', $single->token)->get()[0], 'test' => $test, 'total_questions' => count($test->questions), 'total_weight' => $tw, 'results' => $results, 'weights' => $weights, 'score' => $score, 'duration' => $ends]);
}
/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/
Route::filter('logged_in', function () {
if (!Input::has('token')) {
return ApiResponse::errorUnauthorized("No token found.");
}
$token = Input::get('token');
if (!Token::where('key', '=', $token)->exists()) {
return ApiResponse::errorUnauthorized("Token mismatched.");
}
});
Route::filter('auth', function () {
if (Auth::guest()) {
return Redirect::guest('login');
}
});
Route::filter('auth.basic', function () {
return Auth::basic();
});
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
/**
* User Token
*
* Generates and store the token on behalf of a user
*/
public function postToken()
{
if ($this->_isValidRequest()) {
$first_name = Input::get('first_name');
$last_name = Input::get('last_name');
$email = Input::get('email');
if (!$first_name or !$last_name or !$email) {
$this->_invalidRequest("All parameters are required");
}
// Check if token exists or not
if ($token = Token::where('email', '=', $email)->first()) {
die(json_encode(array("token" => $token->token)));
}
// Generate new token
$timestamp = hash_hmac('sha1', time(), "dksystem");
$unique_token = substr($timestamp, 0, 10) . str_random(22);
$token = new Token();
$token->token = $unique_token;
$token->first_name = Input::get('first_name');
$token->last_name = Input::get('last_name');
$token->email = Input::get('email');
$token->save();
die(json_encode(array("token" => $unique_token)));
}
}
/**
* Process payment for an OTO
*
* @param $product int
* @param $plan int
* @param $token string
*
* @return Void
*/
public function getOto($product, $plan, $token = NULL)
{
// Get product data
if (!($product = Product::where('code', '=', $product)->first())) {
// Invalid product, Redirect to website
return $this->redirectToWebsite();
}
// Get plan data
if (!($plan = Plan::where('code', '=', $plan)->where('product_id', '=', $product->id)->first())) {
// Invalid plan, Redirect to website
return $this->redirectToWebsite();
}
// If plan is not available anymore
if (!$plan->status) {
return Redirect::to($product->landing_url);
}
// Get User email address
if ($token) {
// Get Token from DB
if ($tokenData = Token::where('token', '=', $token)->first()) {
$email = $tokenData->email;
}
} else {
$cookie = "_" . $product->code . "_email";
$email = Cookie::get($cookie);
}
// If no email was found
if (empty($email)) {
return Redirect::to("checkout/{$product->code}/{$plan->code}?existing=1");
//return $this->redirectToWebsite();
} else {
// Get Buyer ID
$buyer = Buyer::where('email', '=', $email)->first();
if (!$buyer) {
return $this->redirectToWebsite();
}
// If user has already purchased the product,
// redirect to next page
$this->_check_already_purchase($email, $product, $plan);
$this->_data['buyer'] = $buyer;
// Check if stripe or paypal
$purchase = Purchase::where('buyer_id', '=', $buyer->id)->where('product_id', '=', $product->id)->first();
if (!$purchase) {
return $this->redirectToWebsite();
}
if ($purchase->pay_method == 1) {
$this->_data['gateway'] = "stripe";
}
if ($purchase->pay_method == 2) {
$this->_data['gateway'] = "paypal";
}
// If plan is subscription based and old method is PayPal
if ($purchase->pay_method == 2 and $plan->is_recurring) {
return Redirect::to("checkout/{$product->code}/{$plan->code}?existing=1&buyer={$buyer->id}");
}
$this->_data['purchase'] = $purchase;
}
// Create data for view
$this->_data['product'] = $product;
$this->_data['colors'] = json_decode($product->colors);
$this->_data['plan'] = $plan;
return View::make('checkout.oto', $this->_data);
}
/**
* Récupère un objet token avec son ID
*
* @param $token
* @return mixed
*/
public static function getWithToken($token)
{
return Token::where('id', $token)->first();
}
private function _getUserId($token)
{
if (Token::where('token', $token)->exists()) {
$user = Token::where('token', $token)->get(['user_id']);
return $user[0]->user_id;
} else {
return false;
}
}