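public function __construct()
{
    parent::__construct();
    $this->config_check();

    // Load the application config; the base_url/salt loop below bounces to the
    // installer when a required value is missing.
    $this->config->load('openvbx');
    $this->load->database();
    $this->load->library('ErrorMessages'); // deprecated in 1.2
    $this->load->model('vbx_rest_access');
    $this->load->model('vbx_message');

    // Testing mode allows callers to set the Hiccup configuration, so the
    // testing key is a secret. Compare it with hash_equals() (PHP >= 5.6):
    // the previous loose `==` was subject to numeric-string juggling
    // ("0e1" == "0e2" is true, "1" == "01" is true) and was not constant-time.
    // The key is read from $_REQUEST, i.e. GET, POST or cookie -- consider
    // narrowing this to POST.
    $this->testing_mode = false;
    $configured_key = $this->config->item('testing-key');
    if (!empty($_REQUEST['vbx_testing_key'])
        && is_string($_REQUEST['vbx_testing_key'])
        && is_scalar($configured_key)
        && (string) $configured_key !== '') {
        $this->testing_mode = hash_equals((string) $configured_key, $_REQUEST['vbx_testing_key']);
    }

    // The session cookie is scoped per tenant.
    $this->config->set_item('sess_cookie_name', $this->tenant->id . '-' . $this->config->item('sess_cookie_name'));
    $this->load->library('session');

    // Required configuration values.
    $item = array();
    foreach (array('base_url', 'salt') as $key) {
        $item[$key] = $this->config->item($key);
        if (empty($item[$key])) {
            redirect('install');
        }
    }

    /* Rest API Authentication - one time pass only */
    $singlepass = $this->input->cookie('singlepass');
    if (!empty($singlepass)) {
        $ra = new VBX_Rest_Access();
        $user_id = $ra->auth_key($singlepass);
        // unset() only hides the cookie for this request; the browser keeps
        // sending it unless it is expired client-side too. The path/domain
        // must match the ones the cookie was set with for the expiry to apply.
        unset($_COOKIE['singlepass']);
        setcookie('singlepass', '', time() - 3600);
        if ($user_id) {
            // NOTE(review): the session id is not regenerated on this
            // authentication step -- confirm auth_key() consumes the key
            // server-side so the pass is genuinely one-time.
            $this->session->set_userdata('user_id', $user_id);
            $this->session->set_userdata('loggedin', true);
            $this->session->set_userdata('signature', VBX_User::signature($user_id));
        }
    }

    // Signature check: a session whose signature no longer matches the user
    // is marked logged out.
    $user_id = $this->session->userdata('user_id');
    if (!empty($user_id)) {
        $signature = $this->session->userdata('signature');
        if (!VBX_User::check_signature($user_id, $signature)) {
            $this->session->set_flashdata('error', 'Your session has expired');
            $this->session->set_userdata('loggedin', false);
            // NOTE(review): user_id is left in the session here; for json
            // responses the code below still treats it as the current user
            // unless attempt_digest_auth() replaces it -- confirm.
        }
    }

    if ($this->response_type == 'json') {
        $this->attempt_digest_auth();
    }

    // HTML requests that are not logged in go to the login page, which is
    // told where to come back to.
    if (!$this->session->userdata('loggedin') && $this->response_type != 'json') {
        $redirect = site_url($this->uri->uri_string());
        if (!empty($_COOKIE['last_known_url'])) {
            // NOTE(review): this value is client-controlled. auth/login must
            // validate the target against base_url before following it, or
            // this is an open redirect.
            $redirect = $_COOKIE['last_known_url'];
            set_last_known_url('', time() - 3600);
        }
        return redirect('auth/login?redirect=' . urlencode($redirect));
    }

    $this->user_id = $this->session->userdata('user_id');
    $this->set_request_method();

    /* Mark the user as seen */
    if (!empty($this->user_id)) {
        try {
            $user = VBX_User::get($this->user_id);
            $user->setting_set('last_seen', new MY_ModelLiteral('UTC_TIMESTAMP()'));
        } catch (VBX_UserException $e) {
            /* Handle this gracefully, but report the error. */
            error_log($e->getMessage());
        }

        $this->connect_check();

        /* Check for first run */
        if ($this->session->userdata('is_admin') && $this->uri->segment(1) != 'welcome') {
            $this->welcome_check();
        }

        /* Check for updates if an admin */
        if ($this->session->userdata('is_admin') && $this->uri->segment(1) != "upgrade") {
            $this->upgrade_check();
        }
    }
}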
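/**
 * Validate the user's signature & state
 * State is generated in the welcome controller and passed through the oauth process
 *
 * The lookup deliberately bypasses the tenant-scoped model and reads the
 * `users` table directly, so it can match a user from any tenant; callers
 * must decide whether that is acceptable for their flow.
 *
 * @todo process $state passed back through the oauth process
 *
 * @param int $user_id
 * @return mixed the raw `users` row (stdClass from result()) when the session
 *               signature matches it, false otherwise. Previously the
 *               "no such user" path fell off the end and returned null.
 */
protected function validate_returning_user($user_id)
{
    // jump through hoops to get around the Tenantization
    $userdata = $this->db->get_where('users', array('id' => $user_id))->result();
    if (empty($userdata[0])) {
        return false;
    }

    // NOTE(review): check_signature() is handed the row object here, whereas
    // the constructor passes it a user id -- confirm it accepts both.
    $actual_signature = $this->session->userdata('signature');
    if (VBX_User::check_signature($userdata[0], $actual_signature)) {
        return $userdata[0];
    }

    return false;
}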