public function add()
{
// check to see if there is an LDAP connection for this environment
//
$ldapConnectionConfig = Config::get('ldap.connections.' . App::environment());
if ($ldapConnectionConfig) {
// use LDAP
//
LDAP::add($this);
} else {
// use SQL / Eloquent
//
$this->save();
}
// check for promo code information
//
$promoCodeId = null;
if (Input::has('promo')) {
$pdo = DB::connection('mysql')->getPdo();
$sth = $pdo->prepare('SELECT * FROM project.promo_code WHERE promo_code = :promo AND expiration_date > NOW()');
$sth->execute(array(':promo' => Input::get('promo')));
$result = $sth->fetchAll(PDO::FETCH_ASSOC);
$promoCodeId = $result != false && sizeof($result) > 0 ? $result[0]['promo_code_id'] : null;
}
// create new user account
//
$userAccount = new UserAccount(array('ldap_profile_update_date' => gmdate('Y-m-d H:i:s'), 'user_uid' => $this->user_uid, 'promo_code_id' => $promoCodeId, 'enabled_flag' => 1, 'owner_flag' => 0, 'admin_flag' => 0, 'email_verified_flag' => 0));
$userAccount->save();
// create linked account
//
if (Input::has('user_external_id') && Input::has('linked_account_provider_code')) {
$linkedAccount = new LinkedAccount(array('user_external_id' => Input::get('user_external_id'), 'linked_account_provider_code' => Input::get('linked_account_provider_code'), 'enabled_flag' => 1, 'user_uid' => $this->user_uid, 'create_date' => gmdate('Y-m-d H:i:s')));
$linkedAccount->save();
$userEvent = new UserEvent(array('user_uid' => $this->user_uid, 'event_type' => 'linkedAccountCreated', 'value' => json_encode(array('linked_account_provider_code' => 'github', 'user_external_id' => $linkedAccount->user_external_id, 'user_ip' => $_SERVER['REMOTE_ADDR']))));
$userEvent->save();
}
return $this;
}
public function githubLink()
{
$username = Input::get('username');
$password = Input::get('password');
$user = User::getByUsername($username);
if ($user) {
if (User::isValidPassword($password, $user->password)) {
if ($user->hasBeenVerified()) {
if ($user->isEnabled()) {
// Attempt to load the github account the user is currently logged in as.
//
if (!Session::has('github_access_token') || !Session::has('github_access_time')) {
return Response::make('Unauthorized GitHub access.', 401);
}
if (gmdate('U') - Session::get('github_access_time') > 15 * 60) {
return Response::make('GitHub access has expired. If you would like to link a GitHub account to an existing SWAMP account, please click "Sign In" and select "Sign in With GitHub."', 401);
}
$token = Session::get('github_access_token');
$ch = curl_init('https://api.github.com/user');
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: token {$token}"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_USERAGENT, 'SWAMP');
$response = curl_exec($ch);
$github_user = json_decode($response);
if (!property_exists($github_user, 'id')) {
return Response::make('Unable to authenticate with GitHub.', 401);
}
// Make sure they don't already have an account
//
$account = LinkedAccount::where('user_uid', '=', $user->user_uid)->where('linked_account_provider_code', '=', 'github')->first();
if ($account && !(Input::has('confirmed') && Input::get('confirmed') === 'true')) {
return Response::json(array('error' => 'EXISTING_ACCOUNT', 'username' => $user->username, 'login' => $github_user->login), 401);
}
// Verify they are logged in as the account they are attempting to link to.
//
if ($github_user->id != Input::get('github_id')) {
return Response::make('Unauthorized GitHub access.', 401);
}
// Remove any old entries
LinkedAccount::where('user_uid', '=', $user->user_uid)->where('linked_account_provider_code', '=', 'github')->delete();
// Link the accounts
//
$linkedAccount = new LinkedAccount(array('linked_account_provider_code' => 'github', 'user_external_id' => Input::get('github_id'), 'enabled_flag' => 1, 'user_uid' => $user->user_uid, 'create_date' => gmdate('Y-m-d H:i:s')));
$linkedAccount->save();
$userEvent = new UserEvent(array('user_uid' => $user->user_uid, 'event_type' => 'linkedAccountCreated', 'value' => json_encode(array('linked_account_provider_code' => 'github', 'user_external_id' => $linkedAccount->user_external_id, 'user_ip' => $_SERVER['REMOTE_ADDR']))));
$userEvent->save();
Response::make('User account linked!');
} else {
return Response::make('User has not been approved.', 401);
}
} else {
return Response::make('User email has not been verified.', 401);
}
} else {
return Response::make('Incorrect username or password.', 401);
}
} else {
return Response::make('Incorrect username or password.', 401);
}
}
