/** * @param array $data * @return waContact */ protected function afterAuth($data) { $app_id = $this->getStorage()->get('auth_app'); $contact_id = 0; // find contact by auth adapter id, i.e. facebook_id $contact_data_model = new waContactDataModel(); $row = $contact_data_model->getByField(array('field' => $data['source'] . '_id', 'value' => $data['source_id'], 'sort' => 0)); if ($row) { $contact_id = $row['contact_id']; } // try find user by email if (!$contact_id && isset($data['email'])) { $sql = "SELECT c.id FROM wa_contact_emails e\n JOIN wa_contact c ON e.contact_id = c.id\n WHERE e.email = s:email AND e.sort = 0 AND c.password != ''"; $contact_model = new waContactModel(); $contact_id = $contact_model->query($sql, array('email' => $data['email']))->fetchField('id'); // save source_id if ($contact_id) { $contact_data_model->insert(array('contact_id' => $contact_id, 'field' => $data['source'] . '_id', 'value' => $data['source_id'], 'sort' => 0)); } } // create new contact if (!$contact_id) { $contact = new waContact(); $data[$data['source'] . '_id'] = $data['source_id']; $data['create_method'] = $data['source']; $data['create_app_id'] = $app_id; // set random password (length = default hash length - 1, to disable ability auth using login and password) $contact->setPassword(substr(waContact::getPasswordHash(uniqid(time(), true)), 0, -1), true); unset($data['source']); unset($data['source_id']); if (isset($data['photo_url'])) { $photo_url = $data['photo_url']; unset($data['photo_url']); } else { $photo_url = false; } $contact->save($data); $contact_id = $contact->getId(); if ($contact_id && $photo_url) { $photo_url_parts = explode('/', $photo_url); // copy photo to tmp dir $path = wa()->getTempPath('auth_photo/' . $contact_id . '.' . end($photo_url_parts), $app_id); $photo = file_get_contents($photo_url); file_put_contents($path, $photo); $contact->setPhoto($path); } } else { $contact = new waContact($contact_id); } // auth user if ($contact_id) { wa()->getAuth()->auth(array('id' => $contact_id)); return $contact; } return false; }
/** * @param $params * @return array|bool * @throws waException */ protected function _auth($params) { if ($params && isset($params['id'])) { $contact_model = new waContactModel(); $user_info = $contact_model->getById($params['id']); if ($user_info && ($user_info['is_user'] > 0 || !$this->options['is_user'])) { waSystem::getInstance()->getResponse()->setCookie('auth_token', null, -1); return $this->getAuthData($user_info); } return false; } elseif ($params && isset($params['login']) && isset($params['password'])) { $login = $params['login']; $password = $params['password']; } elseif (waRequest::getMethod() == 'post' && waRequest::post('wa_auth_login')) { $login = waRequest::post('login'); $password = waRequest::post('password'); if (!strlen($login)) { throw new waException(_ws('Login is required')); } } else { $login = null; } if ($login && strlen($login)) { $user_info = $this->getByLogin($login); if ($user_info && ($user_info['is_user'] > 0 || !$this->options['is_user']) && waContact::getPasswordHash($password) === $user_info['password']) { $auth_config = wa()->getAuthConfig(); if (wa()->getEnv() == 'frontend' && !empty($auth_config['params']['confirm_email'])) { $contact_emails_model = new waContactEmailsModel(); $email_row = $contact_emails_model->getByField(array('contact_id' => $user_info['id'], 'sort' => 0)); if ($email_row && $email_row['status'] == 'unconfirmed') { $login_url = wa()->getRouteUrl((isset($auth_config['app']) ? $auth_config['app'] : '') . '/login', array()); $html = sprintf(_ws('A confirmation link has been sent to your email address provided during the signup. Please click this link to confirm your email and to sign in. <a class="send-email-confirmation" href="%s">Resend the link</a>'), $login_url . '?send_confirmation=1'); $html = '<div class="block-confirmation-email">' . $html . '</div>'; $html .= <<<HTML <script type="text/javascript"> \$(function () { \$('a.send-email-confirmation').click(function () { \$.post(\$(this).attr('href'), { login: \$(this).closest('form').find("input[name='login']").val() }, function (response) { \$('.block-confirmation-email').html(response); }); return false; }); }); </script> HTML; throw new waException($html); } } $response = waSystem::getInstance()->getResponse(); // if remember if (waRequest::post('remember')) { $cookie_domain = ifset($this->options['cookie_domain'], ''); $response->setCookie('auth_token', $this->getToken($user_info), time() + 2592000, null, $cookie_domain, false, true); $response->setCookie('remember', 1); } else { $response->setCookie('remember', 0); } // return array with compact user info return $this->getAuthData($user_info); } else { if ($this->options['login'] == 'email') { throw new waException(_ws('Invalid email or password')); } else { throw new waException(_ws('Invalid login or password')); } } } else { // try auth by cookie return $this->_authByCookie(); } }
/** * @param array $data * @return waContact */ protected function afterAuth($data) { $app_id = $this->getStorage()->get('auth_app'); $contact_id = 0; // find contact by auth adapter id, i.e. facebook_id $contact_data_model = new waContactDataModel(); $row = $contact_data_model->getByField(array('field' => $data['source'] . '_id', 'value' => $data['source_id'], 'sort' => 0)); if ($row) { $contact_id = $row['contact_id']; } // try find user by email if (!$contact_id && isset($data['email'])) { $contact_model = new waContactModel(); $sql = "SELECT c.id FROM wa_contact_emails e\n JOIN wa_contact c ON e.contact_id = c.id\n WHERE e.email LIKE '" . $contact_model->escape($data['email'], 'like') . "' AND e.sort = 0 AND c.password != ''"; $contact_id = $contact_model->query($sql)->fetchField('id'); // save source_id if ($contact_id) { $contact_data_model->insert(array('contact_id' => $contact_id, 'field' => $data['source'] . '_id', 'value' => $data['source_id'], 'sort' => 0)); } } // create new contact if (!$contact_id) { $contact = new waContact(); $data[$data['source'] . '_id'] = $data['source_id']; $data['create_method'] = $data['source']; $data['create_app_id'] = $app_id; // set random password (length = default hash length - 1, to disable ability auth using login and password) $contact->setPassword(substr(waContact::getPasswordHash(uniqid(time(), true)), 0, -1), true); unset($data['source']); unset($data['source_id']); if (isset($data['photo_url'])) { $photo_url = $data['photo_url']; unset($data['photo_url']); } else { $photo_url = false; } $contact->save($data); $contact_id = $contact->getId(); if ($contact_id && $photo_url) { $photo_url_parts = explode('/', $photo_url); // copy photo to tmp dir $path = wa()->getTempPath('auth_photo/' . $contact_id . '.' . md5(end($photo_url_parts)), $app_id); $s = parse_url($photo_url, PHP_URL_SCHEME); $w = stream_get_wrappers(); if (in_array($s, $w) && ini_get('allow_url_fopen')) { $photo = file_get_contents($photo_url); } elseif (function_exists('curl_init')) { $ch = curl_init($photo_url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 25); $photo = curl_exec($ch); curl_close($ch); } else { $photo = null; } if ($photo) { file_put_contents($path, $photo); $contact->setPhoto($path); } } } else { $contact = new waContact($contact_id); } // auth user if ($contact_id) { wa()->getAuth()->auth(array('id' => $contact_id)); return $contact; } return false; }
public function oauth($provider, $config, $token, $code = null) { /** * @var waOAuth2Adapter $auth */ $auth = wa()->getAuth($provider, $config); if (!$token && $code) { $token = $auth->getAccessToken($code); } $data = $auth->getUserData($token); if (wa()->getUser()->getId()) { wa()->getUser()->save(array($data['source'] . '_id' => $data['source_id'])); return wa()->getUser(); } $app_id = wa()->getApp(); $contact_id = 0; // find contact by auth adapter id, i.e. facebook_id $contact_data_model = new waContactDataModel(); $row = $contact_data_model->getByField(array('field' => $data['source'] . '_id', 'value' => $data['source_id'], 'sort' => 0)); if ($row) { $contact_id = $row['contact_id']; } // try find user by email if (!$contact_id && isset($data['email'])) { $sql = "SELECT c.id FROM wa_contact_emails e\n JOIN wa_contact c ON e.contact_id = c.id\n WHERE e.email = s:email AND e.sort = 0 AND c.password != ''"; $contact_model = new waContactModel(); $contact_id = $contact_model->query($sql, array('email' => $data['email']))->fetchField('id'); // save source_id if ($contact_id) { $contact_data_model->insert(array('contact_id' => $contact_id, 'field' => $data['source'] . '_id', 'value' => $data['source_id'], 'sort' => 0)); } } // create new contact if (!$contact_id) { $contact = new waContact(); $data[$data['source'] . '_id'] = $data['source_id']; $data['create_method'] = $data['source']; $data['create_app_id'] = $app_id; // set random password (length = default hash length - 1, to disable ability auth using login and password) $contact->setPassword(substr(waContact::getPasswordHash(uniqid(time(), true)), 0, -1), true); unset($data['source']); unset($data['source_id']); if (isset($data['photo_url'])) { $photo_url = $data['photo_url']; unset($data['photo_url']); } else { $photo_url = false; } $contact->save($data); $contact_id = $contact->getId(); if ($contact_id && $photo_url) { $photo_url_parts = explode('/', $photo_url); // copy photo to tmp dir $path = wa()->getTempPath('auth_photo/' . $contact_id . '.' . md5(end($photo_url_parts)), $app_id); if (function_exists('curl_init')) { $ch = curl_init($photo_url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 25); $photo = curl_exec($ch); curl_close($ch); } else { $photo = file_get_contents($photo_url); } if ($photo) { file_put_contents($path, $photo); $contact->setPhoto($path); } } } else { $contact = new waContact($contact_id); } // auth user if ($contact_id) { wa()->getAuth()->auth(array('id' => $contact_id)); return $contact; } return false; }
/** * @param array $data * @return waContact * @throws waException */ protected function createContact($data) { $app_id = $this->getStorage()->get('auth_app'); $contact = new waContact(); $data[$data['source'] . '_id'] = $data['source_id']; $data['create_method'] = $data['source']; $data['create_app_id'] = $app_id; // set random password (length = default hash length - 1, to disable ability auth using login and password) $contact->setPassword(substr(waContact::getPasswordHash(uniqid(time(), true)), 0, -1), true); unset($data['source']); unset($data['source_id']); if (isset($data['photo_url'])) { $photo_url = $data['photo_url']; unset($data['photo_url']); } else { $photo_url = false; } $contact->save($data); $contact_id = $contact->getId(); if ($contact_id && $photo_url) { $photo_url_parts = explode('/', $photo_url); // copy photo to tmp dir $path = wa()->getTempPath('auth_photo/' . $contact_id . '.' . md5(end($photo_url_parts)), $app_id); $s = parse_url($photo_url, PHP_URL_SCHEME); $w = stream_get_wrappers(); if (in_array($s, $w) && ini_get('allow_url_fopen')) { $photo = file_get_contents($photo_url); } elseif (function_exists('curl_init')) { $ch = curl_init($photo_url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 25); $photo = curl_exec($ch); curl_close($ch); } else { $photo = null; } if ($photo) { file_put_contents($path, $photo); $contact->setPhoto($path); } } /** * @event signup * @param waContact $contact */ wa()->event('signup', $contact); return $contact; }
protected function _auth($params) { if ($params && isset($params['id'])) { $contact_model = new waContactModel(); $user_info = $contact_model->getById($params['id']); if ($user_info && ($user_info['is_user'] || !$this->options['is_user'])) { waSystem::getInstance()->getResponse()->setCookie('auth_token', null, -1); return $this->getAuthData($user_info); } return false; } elseif ($params && isset($params['login']) && isset($params['password'])) { $login = $params['login']; $password = $params['password']; } elseif (waRequest::getMethod() == 'post' && waRequest::post('wa_auth_login')) { $login = waRequest::post('login'); $password = waRequest::post('password'); if (!strlen($login)) { throw new waException(_ws('Login is required')); } } else { $login = null; } if ($login && strlen($login)) { $user_info = $this->getByLogin($login); if ($user_info && ($user_info['is_user'] || !$this->options['is_user']) && waContact::getPasswordHash($password) === $user_info['password']) { $response = waSystem::getInstance()->getResponse(); // if remember if (waRequest::post('remember')) { $response->setCookie('auth_token', $this->getToken($user_info), time() + 2592000, null, '', false, true); $response->setCookie('remember', 1); } else { $response->setCookie('remember', 0); } // return array with compact user info return $this->getAuthData($user_info); } else { if ($this->options['login'] == 'email') { throw new waException(_ws('Invalid email or password')); } else { throw new waException(_ws('Invalid login or password')); } } } else { // try auth by cookie return $this->_authByCookie(); } }