/**
* Respond with JavaScript to inform the Flarum app about the user's
* authentication status.
*
* An array of identification attributes must be passed as the first
* argument. These are checked against existing user accounts; if a match is
* found, then the user is authenticated and logged into that account via
* cookie. The Flarum app will then simply refresh the page.
*
* If no matching account is found, then an AuthToken will be generated to
* store the identification attributes. This token, along with an optional
* array of suggestions, will be passed into the Flarum app's sign up modal.
* This results in the user not having to choose a password. When they
* complete their registration, the identification attributes will be
* set on their new user account.
*
* @param array $identification
* @param array $suggestions
* @return HtmlResponse
*/
protected function authenticate(array $identification, array $suggestions = [])
{
$user = User::where($identification)->first();
// If a user with these attributes already exists, then we will log them
// in by generating an access token. Otherwise, we will generate a
// unique token for these attributes and add it to the response, along
// with the suggested account information.
if ($user) {
$payload = ['authenticated' => true];
} else {
$token = AuthToken::generate($identification);
$token->save();
$payload = array_merge($identification, $suggestions, ['token' => $token->id]);
}
$content = sprintf('<script>window.opener.app.authenticationComplete(%s); window.close();</script>', json_encode($payload));
$response = new HtmlResponse($content);
if ($user) {
// Extend the token's expiry to 2 weeks so that we can set a
// remember cookie
$accessToken = $this->bus->dispatch(new GenerateAccessToken($user->id));
$accessToken::unguard();
$accessToken->update(['expires_at' => new DateTime('+2 weeks')]);
$response = $this->withRememberCookie($response, $accessToken->id);
}
return $response;
}
public function make(Request $request, array $identification, array $suggestions = [])
{
if (isset($suggestions['username'])) {
$suggestions['username'] = $this->sanitizeUsername($suggestions['username']);
}
$user = User::where($identification)->first();
$payload = $this->getPayload($identification, $suggestions, $user);
$response = $this->getResponse($payload);
if ($user) {
$session = $request->getAttribute('session');
$this->authenticator->logIn($session, $user->id);
$response = $this->rememberer->rememberUser($response, $user->id);
}
return $response;
}
public static function ensureUser($userInfo, $events, $actor)
{
// Get the user that has this ID if it already exists.
$user = User::where(['singleso_id' => $userInfo['id']])->first();
// Change any dupes to keep the unique table column integrity.
foreach (static::$userUnique as $k => $v) {
// If user is new or property is different, then check for dupe.
if (!$user || $user->{$k} !== $userInfo[$v[0]]) {
// Check for user with dupe property.
$dupe = User::where([$k => $userInfo[$v[0]]])->first();
// If conflict, rename to unique until next login.
if ($dupe) {
// If the account is local only, throw exception.
if (!isset($dupe->singleso_id)) {
throw new SingleSOException([sprintf('Local account "%s" conflict.', $k)]);
}
$dupe->{$k} = sprintf($v[1], $dupe->id);
$dupe->save();
}
}
}
// If user exists, check for changes, and save if different.
if ($user) {
$changed = false;
foreach (static::$userUnique as $k => $v) {
if ($user->{$k} !== $userInfo[$v[0]]) {
$user->{$k} = $userInfo[$v[0]];
$changed = true;
}
}
if ($changed) {
$user->save();
}
} else {
$user = User::register($userInfo['username'], $userInfo['email'], '');
// Add the unique ID and activate.
$user->singleso_id = $userInfo['id'];
$user->activate();
// Set an internal flag, trigger event, and remove the flag.
$user->_singleso_registered_user = true;
$events->fire(new UserWillBeSaved($user, $actor, ['attributes' => ['username' => $userInfo['username'], 'email' => $userInfo['email'], 'password' => '']]));
unset($user->_singleso_registered_user);
// Save to the database.
$user->save();
}
return $user;
}
/**
* Find users by matching a string of words against their username,
* optionally making sure they are visible to a certain user.
*
* @param string $string
* @param User|null $actor
* @return array
*/
public function getIdsForUsername($string, User $actor = null)
{
$query = User::where('username', 'like', '%' . $string . '%')->orderByRaw('username = ? desc', [$string])->orderByRaw('username like ? desc', [$string . '%']);
return $this->scopeVisibleTo($query, $actor)->lists('id');
}
