} });
// GET /app/login: renders the login form. 'csrf_key'/'csrf_token' are read from the
// Slim view data; 'user' and 'test' are hard-coded placeholder values.
$app->get('/app/login', function () use($app, $twig, $assets) {
    $request = $app->request();
    $action = $request->params('action');
    $data = array('user' => 'testuser', 'test' => 'hahahahha', 'static_url' => $assets, 'action' => $action, 'csrf_key' => $app->view()->getData('csrf_key'), 'csrf_token' => $app->view()->getData('csrf_token'));
    echo $twig->render('views/login.php', $data);
});
// POST /app/login: looks the user document up by the posted email AND password.
// NOTE(review): $MongoUser and $slim are not in this closure's use() list and
// $new_user is never assigned in this handler, so all three are undefined at runtime
// ($app is the Slim instance the other handlers use).
// NOTE(review): the posted password is matched verbatim against the stored value, and
// /app/create below stores it exactly as posted — i.e. passwords are kept in clear
// text. Store password_hash() output and check it with password_verify() instead.
$app->post('/app/login', function () use($app, $twig, $assets) {
    $check_user = $MongoUser->findOne(array('$and' => array(array('email' => $slim->request()->post('email')), array('password' => $slim->request()->post('password')))));
    if ($check_user) {
        // set the session here
        if (!isset($_SESSION)) {
            session_start();
        }
        // NOTE(review): the session id is not regenerated after a successful login
        // (no session_regenerate_id()), so the pre-login id stays valid — session
        // fixation risk.
        # nice technique : http://stackoverflow.com/questions/19068363/storing-and-retrieving-an-array-in-a-php-cookie
        // The payload below reads like a copy of the /app/create one: 'user' refers to
        // $new_user, which this handler never sets, and the message is about creation.
        $dataArray = array('user' => $new_user, 'message' => "User created sucessfully");
        $response = json_encode($dataArray);
        echo $response;
    } else {
        $app->halt(401, "Credentials incorrect or user dont exist.");
    }
});
// POST /app/create: stores a new user document with the posted email and password.
// The body of this handler continues past the end of this excerpt.
$app->post('/app/create', function () use($app, $twig, $assets, $MongoUser) {
    // NOTE(review): 'password' is stored as posted (no hashing) — see /app/login above.
    $_user = array('_id' => uniqid(), 'email' => $app->request()->post('email'), 'password' => $app->request()->post('password'));
    $new_user = $MongoUser->save($_user);
    if ($new_user) {
        // redirect to login page
        $dataArray = array('user' => $new_user, 'message' => "User created sucessfully");
        //$response = json_encode($dataArray);
        //echo $response;
// NotORM wrapper over the PDO connection ($pdo is created before this excerpt).
$db = new NotORM($pdo);
// Home Route
$app->get('/', function () use($app) {
    $app->response->setStatus(200);
    $app->render('../templates/homepage.html');
});
// Register a user
// POST /register: creates a user from name/email/password unless the email is already
// taken. Replies with JSON either way.
// NOTE(review): md5() is used as the password hash, here and in /login below. It is
// unsalted and fast to brute-force; use password_hash() / password_verify() instead.
$app->post('/register', function () use($app, $db) {
    $app->response()->header('Content-Type', 'application/json');
    $name = $app->request()->post('name');
    $email = $app->request()->post('email');
    $password = $app->request()->post('password');
    $passwordEncryption = md5($password);
    if ($email === $db->users()->where('email', $email)->fetch('email')) {
        echo json_encode(['message' => 'That email address is already in use. Please use another email address']);
    } else {
        $user = ['name' => "{$name}", 'email' => "{$email}", 'password' => "{$passwordEncryption}"];
        // $result is never read; the insert outcome is not checked.
        $result = $db->users->insert($user);
        $users = array();
        // NOTE(review): the response after a successful insert is the id/name/email of
        // EVERY row in users, not just the new one — anyone who can register receives
        // the whole user list. Returning only the created record would close that.
        // The loop variable also reuses $user, overwriting the inserted array above.
        foreach ($db->users() as $user) {
            $users[] = array('id' => $user['id'], 'name' => $user['name'], 'email' => $user['email']);
        }
        echo json_encode($users, JSON_FORCE_OBJECT);
    }
});
// Login a user
// POST /login: accepts the credentials when the email exists and md5(password) equals
// the stored value (two separate lookups of the same row). The handler continues
// past the end of this excerpt.
$app->post('/login', function () use($app, $db) {
    $email = $app->request->post('email');
    $password = $app->request->post('password');
    $new = md5($password);
    if ($email === $db->users()->where('email', $email)->fetch('email') && $new === $db->users->where('email', $email)->fetch('password')) {
        $timeNow = new DateTime();
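// POST /login: authenticates a user by email + password.
// Reads 'email' and 'password' from the POST body, validates the email, then checks
// the credentials through DbHandler. Every outcome is written with echoRespnse()
// (a response helper defined elsewhere in this project) and ends the request with
// $app->stop(), so nothing after a $finish() call is ever reached.
$app->post('/login', function () use ($app) {
    // Aborts the request when a required POST field is missing (helper defined elsewhere).
    verify_required_params(array('email', 'password'));

    $email = $app->request()->post('email');
    $password = $app->request()->post('password');
    $response = array('request' => 'login');

    // Writes $payload with the given HTTP status and ends the request.
    $finish = function (int $status, array $payload) use ($app): void {
        echoRespnse($status, $payload);
        $app->stop();
    };

    $email = filter_var($email, FILTER_SANITIZE_EMAIL);
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1 and rewrites
    // quotes and angle brackets, so it changes the password before it is checked.
    // Kept because registration (not shown here) may apply the same filter when the
    // hash is stored — confirm before removing it.
    $password = filter_var($password, FILTER_SANITIZE_STRING);

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $response['error'] = true;
        $response['msg'] = 'Input data not valid.';
        $finish(401, $response);
    }

    $db = new DbHandler();

    // One message for both "no such user" and "wrong password": distinct replies let a
    // caller enumerate registered addresses. userLogin() is still only called when the
    // user exists (short-circuit), as before.
    if (!$db->checkUserExisits($email) || !$db->userLogin($email, $password)) {
        $response['error'] = true;
        $response['msg'] = 'Invalid email or password.';
        $finish(401, $response);
    }

    $response['error'] = false;
    $response['login'] = true;
    $response['msg'] = 'User logged in.';
    $finish(200, $response);
});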
// Monolog-backed Slim log writer; one log file per day under src/log/.
$logWriter = new \Flynsarmy\SlimMonolog\Log\MonologWriter(array('handlers' => array(new \Monolog\Handler\StreamHandler('src/log/' . date('Y-m-d') . '.log'))));
//$logWriter = new \Slim\LogWriter(fopen('src/log/errors_slim.log', 'a'));
//$logWriter = new \Slim\LogWriter(fopen('src/log/bullhorn.log', 'a'));
// NOTE(review): 'debug' => true and 'mode' => 'development' are development settings;
// Slim's debug mode returns exception details to the client, so make sure these are
// switched off outside development.
$app = new \Slim\Slim(array('debug' => true, 'log.enabled' => true, 'log.level' => \Slim\Log::DEBUG, 'mode' => 'development', 'log.writer' => $logWriter, 'templates.path' => 'Stratum/templates'));
$app->setName('stratum');
$log = $app->getLog();
// POST /endpoint/:id: parses the raw request body into a form result, builds a
// Candidate from it and submits the candidate to Bullhorn. The :id route parameter
// ($endpoint) is never used in the body.
$app->post('/endpoint/:id', function ($endpoint) use($log) {
    $entityBody = file_get_contents('php://input');
    // NOTE(review): this writes the whole raw request body — which evidently carries
    // candidate (personal) data — into the daily log file at DEBUG level. Log a size
    // or a redacted summary instead, or make sure the log is retained and protected
    // accordingly.
    $log->debug($entityBody);
    $formController = new Stratum\Controller\FormController();
    $log->debug("parsing input data");
    $formResult = $formController->parse($entityBody);
    $formResult->setLogger($log);
    //form has updated mappings for each question
    $candidate = new Stratum\Model\Candidate();
    $candidate->setLogger($log);
    $log->debug("parsed input data");
    $candidateController = new Stratum\Controller\CandidateController();
    $candidateController->setLogger($log);
    $candidate = $candidateController->populate($candidate, $formResult);
    $log->debug("Candidate submitted with name " . $candidate->getName());
    $controller = new Stratum\Controller\BullhornController();
    $controller->setLogger($log);
    $controller->submit($candidate);
});
// GET /launch: redirects to the static launch page.
// NOTE(review): the target is a plain http:// URL; use https if the host supports it.
$app->get('/launch', function () use($app) {
    $app->redirect('http://northcreek.ca/stratum/launch.html');
});
// GET /launchForm. NOTE(review): the (Request $request, Response $response) signature
// looks like a Slim 3 callback, but the app above is \Slim\Slim (Slim 2), which passes
// only route parameters to the closure, and Request/Response are not imported here —
// confirm this route actually runs. The body continues past the end of this excerpt.
$app->get('/launchForm', function (Request $request, Response $response) use($log) {
    // this is all the happy path assuming everything is set up properly from the Bullhorn side
    //load the id from the request
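// POST /login: authenticates a user by email + password, refusing the attempt while the
// account is locked by the brute-force check.
// Reads 'email' and 'password' from the POST body, validates the email, then checks
// the lockout state and the credentials through DbHandler. Every outcome is written
// with echoRespnse() (a response helper defined elsewhere in this project) and ends
// the request with $app->stop(), so nothing after a $finish() call is ever reached.
$app->post('/login', function () use ($app) {
    // Dev only: hold the request for one second so the client-side loader is visible.
    sleep(1);

    // Aborts the request when a required POST field is missing (helper defined elsewhere).
    verify_required_params(array('email', 'password'));

    $email = $app->request()->post('email');
    $password = $app->request()->post('password');
    $response = array('request' => 'login');

    // Writes $payload with the given HTTP status and ends the request.
    $finish = function (int $status, array $payload) use ($app): void {
        echoRespnse($status, $payload);
        $app->stop();
    };

    $email = filter_var($email, FILTER_SANITIZE_EMAIL);
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1 and rewrites
    // quotes and angle brackets, so it changes the password before it is checked.
    // Kept because registration (not shown here) may apply the same filter when the
    // hash is stored — confirm before removing it.
    $password = filter_var($password, FILTER_SANITIZE_STRING);

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $response['error'] = true;
        $response['msg'] = 'Input data not valid.';
        $finish(401, $response);
    }

    $db = new DbHandler();
    $dbUid = $db->checkUserExisits($email);

    // Lockout is checked before any password verification, as before.
    // NOTE(review): this reply confirms that the address is registered; fold it into
    // the generic failure below if account enumeration matters for this service.
    if ($dbUid && $db->checkBrute($dbUid)) {
        $response['error'] = true;
        $response['msg'] = 'Account locked.';
        $finish(401, $response);
    }

    // One message for both "no such user" and "wrong password": distinct replies let a
    // caller enumerate registered addresses. userLogin() is still only called when the
    // user exists (short-circuit), as before.
    if (!$dbUid || !$db->userLogin($email, $password)) {
        $response['error'] = true;
        $response['msg'] = 'Invalid email or password.';
        $finish(401, $response);
    }

    $response['error'] = false;
    $response['login'] = true;
    $response['msg'] = 'User logged in.';
    $finish(200, $response);
});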