public function execute(AuthenticationCredentials $authCreds)
{
$authService = AuthenticationService::instance();
// Make sure the creds are valid
if (!$authCreds->isValid()) {
Application::instance()->getLogger()->error(sprintf('Error validating auth credentials %s', var_export($authCreds, true)));
throw new Exception('Invalid auth credentials');
}
// Account merge
if (Session::set('accountMerge') === '1') {
// Must be logged in to do a merge
if (!Session::hasRole(UserRole::USER)) {
throw new Exception('Authentication required for account merge');
}
$authService->handleAuthAndMerge($authCreds);
return 'redirect: /profile/authentication';
}
// Follow url *notice the set, returning and clearing the var
$follow = Session::set('follow');
// If the user profile doesnt exist, go to the register page
if (!$authService->getUserAuthProfileExists($authCreds)) {
Session::set('authSession', $authCreds);
$url = '/register?code=' . urlencode($authCreds->getAuthCode());
if (!empty($follow)) {
$url .= '&follow=' . urlencode($follow);
}
return 'redirect: ' . $url;
}
// User exists, handle the auth
$authService->handleAuthCredentials($authCreds);
if (!empty($follow) && substr($follow, 0, 1) == '/') {
return 'redirect: ' . $follow;
}
return 'redirect: /profile';
}
/**
* Handles the authentication and then merging of accounts
* Merging of an account is basically connecting multiple authenticators to one user
*
* @param AuthenticationCredentials $authCreds
* @throws Exception
*/
public function handleAuthAndMerge(AuthenticationCredentials $authCreds)
{
$userService = UserService::instance();
$user = $userService->getUserByAuthId($authCreds->getAuthId(), $authCreds->getAuthProvider());
$sessAuth = Session::getCredentials()->getData();
// We need to merge the accounts if one exists
if (!empty($user)) {
// If the profile userId is the same as the current one, the profiles are connceted, they shouldnt be here
if ($user['userId'] == $sessAuth['userId']) {
throw new Exception('These account are already connected');
}
// If the profile user is older than the current user, prompt the user to rather login using the other profile
if (intval($user['userId']) < $sessAuth['userId']) {
throw new Exception(sprintf('Your user profile for the %s account is older. Please login and use that account to merge.', $authCreds->getAuthProvider()));
}
// So we have a profile for a different user to the one logged in, we delete that user, and add a profile for the current user
$userService->removeAuthProfile($user['userId'], $authCreds->getAuthProvider());
// Set the user profile to Merged
$userService->updateUser($user['userId'], array('userStatus' => 'Merged'));
}
$userService->addUserAuthProfile(array('userId' => $sessAuth['userId'], 'authProvider' => $authCreds->getAuthProvider(), 'authId' => $authCreds->getAuthId(), 'authCode' => $authCreds->getAuthCode(), 'authDetail' => $authCreds->getAuthDetail()));
}
