/**
* Make user authorization from social identity to website session
* @return bool
* @throws \Ffcms\Core\Exception\ForbiddenException
*/
public function makeAuth()
{
if ($this->_record === null) {
return false;
}
// get user from belongsTo relation
$user = $this->_record->user;
// maybe user was deleted without data provider record?
if (!$user instanceof iUser) {
throw new ForbiddenException(__('User related to this social account was deleted'));
}
// initialize login model
$loginModel = new FormLogin();
// open session & return status
return $loginModel->openSession($user);
}
/**
* Approve user profile via $email and $token params
* @param string $email
* @param string $token
* @throws ForbiddenException
*/
public function actionApprove($email, $token)
{
// sounds like a not valid token
if (App::$User->isAuth() || Str::length($token) < 32 || !Str::isEmail($email)) {
throw new ForbiddenException();
}
// lets find token&email
$find = App::$User->where('approve_token', '=', $token)->where('email', '=', $email);
// not found? exit
if ($find->count() !== 1) {
throw new ForbiddenException();
}
// get row and update approve information
$user = $find->first();
$user->approve_token = '0';
$user->save();
// open session and redirect to main
$loginModel = new FormLogin();
$loginModel->openSession($user);
$this->response->redirect('/');
// session is opened, refresh page
}
