Exemple #1
0
 private static function authorizeApiToken($app)
 {
     if (!v::key('apiKey', v::stringType())->validate($app->request->post()) || !v::key('apiToken', v::stringType())->validate($app->request->post())) {
         return false;
     }
     $user = AuthData::selectUserByIdentifierToken($app->request->post('apiKey'));
     if (!$user) {
         return "user";
     }
     if (!password_verify($app->request->post('apiToken'), $user->apiToken)) {
         return "password";
     }
     // Go now. Be free little brother.
     return $user->id;
 }
Exemple #2
0
 private static function login_logoutCurrentAccount($post)
 {
     if (v::key('logout', v::stringType())->validate($post)) {
         AuthData::deleteAuthToken(array(':identifier' => $post['logout']));
         return true;
     }
     return false;
 }
Exemple #3
0
 static function deleteExpiredAuthTokens($app)
 {
     AuthData::deleteExpiredAuthTokens();
     return $app->render(200, array('msg' => "Deleted expired auth tokens."));
 }
Exemple #4
0
 static function signup($app)
 {
     // Get Post Data
     $post = $app->request->post();
     // Validate Sent Input
     $valid = self::validateFacebookProfile($post);
     if ($valid !== true) {
         return array('registered' => false, 'msg' => 'Facebook signup failed. Check your parameters and try again.');
     }
     /*
             $token = self::getActiveAccessToken();
             $profile = self::getProfile($post['accessToken']);
             if(true || !$token) {
        return array('registered' => false, 'msg' => 'Facebook signup failed. You are not logged into Facebook.', 'token' => $token, 'profile' => $profile, 'post' => $post, 'cookie' => $_COOKIE);
             }
     */
     // Look for user with that email
     $existing = AuthData::selectUserAndPasswordByEmail($post['email']);
     if ($existing) {
         /// FAIL - If a user with that email already exists
         return array('registered' => false, 'msg' => 'Facebook signup failed. A user with that email already exists.');
     }
     $validUser = array(':email' => $post['email'], ':name_first' => $post['nameFirst'], ':name_last' => $post['nameLast'], ':facebook_id' => $post['facebookId']);
     $userId = AuthData::insertFacebookUser($validUser);
     if (!$userId) {
         /// FAIL - If Inserting the user failed
         return array('registered' => false, 'msg' => 'Facebook signup failed. Could not save user.');
     }
     // Select our new user
     $user = AuthData::selectUserById($userId);
     if (!$user) {
         /// FAIL - If Inserting the user failed (hopefully this is redundant)
         return array('registered' => false, 'msg' => 'Facebook signup failed. Could not select user.');
     }
     // Save "Where did you hear about us" and any other additional questions
     // This is "quiet" in that it may not execute if no paramters match
     // And it doesnt set the response for the api call
     InfoController::quietlySaveAdditional($post, $user->id);
     // Create an authorization
     $token = AuthControllerNative::createAuthToken($app, $user->id);
     if ($token) {
         // Create the return object
         $found = array('user' => $user);
         $found['user']->apiKey = $token['apiKey'];
         $found['user']->apiToken = $token['apiToken'];
         $found['sessionLifeHours'] = $token['sessionLifeHours'];
         $found['registered'] = true;
         return $found;
     } else {
         return array('registered' => false, 'msg' => 'Facebook Signup failed to creat auth token.');
     }
 }