/**
 * Module installation action.
 *
 * Drives a three-step installer (setup -> access code -> superuser creation) through a single
 * `InstallForm` whose `action` attribute selects the step. The installer is reachable only while
 * `installAccessCode` is configured on the module AND `hasSuperUser()` reports no superuser;
 * otherwise the request goes to `safeRedirect()`.
 *
 * Security notes for reviewers:
 * - In the install step the configured access code is assigned to the form before validation, so
 *   that validation does not by itself prove the requester supplied the code.
 *   NOTE(review): confirm that the InstallForm scenarios/rules (not visible here) make it
 *   impossible to reach superuser creation without passing the access-code step first.
 * - The flash messages contain HTML markup and interpolate `{username}` / `{errors}`.
 *   NOTE(review): confirm the values are encoded by `Module::showErrors()` or by the view that
 *   prints the flashes.
 *
 * @return mixed the rendered step view, the forwarded admin view after a successful install, or
 * the result of `safeRedirect()` when the installer is not available
 */
public function actionIndex()
{
    /**
     * @var Module $m
     * @var User $user
     */
    $m = $this->_module;
    $userClass = $this->fetchModel(Module::MODEL_USER);
    // Gate: the installer is offered only when an access code is configured and no superuser exists.
    if (isset($m->installAccessCode) && !$m->hasSuperUser()) {
        $model = new InstallForm(['scenario' => Module::SCN_ACCESS]);
        $session = Yii::$app->session;
        // First visit: no step chosen yet, start at the setup step.
        if (!isset($model->action)) {
            $model->action = self::SETUP;
        }
        if ($model->load(Yii::$app->request->post())) {
            if ($model->action === self::SETUP && $model->validate()) {
                // Setup step passed: hand out a fresh form in the install scenario.
                $model = new InstallForm(['scenario' => Module::SCN_INSTALL]);
            } elseif ($model->action === Module::SCN_ACCESS && $model->validate()) {
                // Access step passed: switch to the install form and prefill the admin e-mail
                // from the application params when one is configured.
                $model = new InstallForm(['scenario' => Module::SCN_INSTALL]);
                $model->scenario = Module::SCN_INSTALL;
                $model->action = Module::SCN_INSTALL;
                if (isset(Yii::$app->params['adminEmail'])) {
                    $model->email = Yii::$app->params['adminEmail'];
                }
            } elseif ($model->action === Module::SCN_INSTALL) {
                // The access code is taken from the module configuration here, overwriting
                // whatever load() put into the attribute.
                // NOTE(review): `action` comes from the POST body; verify against InstallForm
                // that this branch cannot be used to skip the access-code check.
                $model->access_code = $m->installAccessCode;
                if ($model->validate()) {
                    // NOTE(review): the password is passed both in the constructor config and to
                    // setPassword(); presumably the latter stores the hash - confirm the user
                    // model never persists the plain-text attribute.
                    $user = new $userClass(['username' => $model->username, 'password' => $model->password, 'email' => $model->email, 'status' => Module::STATUS_SUPERUSER, 'scenario' => Module::SCN_INSTALL]);
                    $user->setPassword($model->password);
                    $user->generateAuthKey();
                    if (!$user->save()) {
                        // Stay on the install step and show the model errors.
                        $session->setFlash('error', Yii::t('user', 'Error creating the superuser. Fix the following errors:<br>{errors}', ['errors' => Module::showErrors($user)]));
                        $model->action = Module::SCN_INSTALL;
                        $model->scenario = Module::SCN_INSTALL;
                    } else {
                        // The success message literal spans a line break, exactly as in the source.
                        $session->setFlash('success', Yii::t('user', 'User module successfully installed! 
You have been automatically logged in as the superuser (username: <b>{username}</b>).', ['username' => $model->username]));
                        // Reminder to the operator: the installer stays configured until the
                        // access code is removed from the module configuration.
                        $session->setFlash('warning', Yii::t('user', 'You should now remove the <code>installAccessCode</code> setting from user module configuration for better security.'));
                        // The new superuser is logged in immediately and sent to the admin view.
                        Yii::$app->user->login($user);
                        $user->setLastLogin();
                        return $this->forward(Module::ACTION_ADMIN_VIEW, ['id' => $user->id]);
                    }
                } else {
                    // Validation of the install form failed: fall back to the access-code step.
                    $model->action = Module::SCN_ACCESS;
                    $model->scenario = Module::SCN_ACCESS;
                }
            }
        }
        // The view name is the form's current scenario.
        return $this->render($model->scenario, ['model' => $model, 'user' => isset($user) ? $user : null]);
    }
    return $this->safeRedirect();
}
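/**
 * Social client authorization callback.
 *
 * Looks up the social profile for the (client id, provider user id) pair and then either
 * - logs the linked local user in (guest, profile found),
 * - signs a new local user up and links the profile (guest, no profile, e-mail not yet used),
 * - refuses to sign up when a local account already uses the provider's e-mail, or
 * - links the profile to the currently logged-in user.
 *
 * `Module::EVENT_AUTH_BEGIN` and `Module::EVENT_AUTH_COMPLETE` are triggered around the work and
 * the outcome is reported through `$event` and `static::setFlash()`.
 *
 * Security notes for reviewers:
 * - An existing local account is never linked automatically on an e-mail match; the user has to
 *   log in first. Keep this: it prevents a provider-asserted e-mail from granting access to an
 *   existing account.
 * - A signed-up account is stored as `Module::STATUS_ACTIVE` with the e-mail reported by the
 *   provider; no confirmation step is visible here.
 *   NOTE(review): confirm the enabled providers only return verified addresses.
 * - When a logged-in user presents a profile that already exists, the code does not compare the
 *   profile's owner with the current user.
 *   NOTE(review): confirm that is intended.
 * - The duplicate-e-mail and already-connected branches neither commit nor roll back the
 *   transaction returned by `tranInit()`.
 *   NOTE(review): check the helper (not visible here) so that no transaction is left open.
 *
 * @param Client $client the authenticated social client
 *
 * @return void the visible body has no return statement (the earlier doc block declared
 * \yii\web\Response)
 * @throws BadRequestHttpException presumably raised through `raise()`; not thrown directly here
 */
public function onAuthSuccess($client)
{
    /**
     * @var SocialProfile $socialClass
     * @var User $userClass
     * @var SocialProfile $auth
     * @var User $user
     * @var AuthEvent $event
     */
    $socialClass = $this->fetchModel(Module::MODEL_SOCIAL_PROFILE);
    $userClass = $this->fetchModel(Module::MODEL_USER);
    $attributes = $client->getUserAttributes();
    $clientId = $client->getId();
    $clientTitle = $client->getTitle();
    // Provider ids are normalised to a string once and that value is used for every lookup and
    // insert below, so the identifier is always bound and stored with the same type.
    $sourceId = (string) $attributes['id'];
    $email = $client->getEmail();
    $username = $this->parseUsername($client->getUsername(), $userClass);

    $event = new AuthEvent();
    $event->client = $client;
    $event->userClass = $userClass;
    $event->socialClass = $socialClass;
    $auth = $socialClass::find()->where(['source' => $clientId, 'source_id' => $sourceId])->one();
    $event->model = $auth;
    $this->_module->trigger(Module::EVENT_AUTH_BEGIN, $event);
    $transaction = static::tranInit($event);
    try {
        if (Yii::$app->user->isGuest) {
            if ($auth) {
                // login
                // NOTE(review): no account-status check is visible here; presumably
                // doAuthLogin() rejects blocked or inactive users - confirm.
                $user = $auth->user;
                $this->doAuthLogin($user, $event, $clientTitle);
                static::tranCommit($transaction);
                $event->result = AuthEvent::RESULT_LOGGED_IN;
            } else {
                // signup
                if (!empty($email) && $userClass::find()->where(['email' => $email])->exists()) {
                    // Refuse to create or link: a local account already owns this e-mail.
                    // The message literal spans a line break, exactly as in the source.
                    $event->flashType = 'error';
                    $event->message = Yii::t('user', 'User with the same email as in <b>{client}</b> account already exists but is not linked to it. 
Login using email first to link it.', ['client' => $clientTitle]);
                    $event->result = AuthEvent::RESULT_DUPLICATE_EMAIL;
                } else {
                    $minPassLen = $this->getConfig('registrationSettings', 'randomPasswordMinLength', 10);
                    $maxPassLen = $this->getConfig('registrationSettings', 'randomPasswordMaxLength', 14);
                    // rand() is not a CSPRNG, but it only picks the length here; the characters
                    // come from the Yii security component.
                    // NOTE(review): prefer random_int() where the supported PHP version has it.
                    $password = Yii::$app->security->generateRandomString(rand($minPassLen, $maxPassLen));
                    $user = new $userClass(['username' => $username, 'email' => $email, 'password' => $password]);
                    $user->generateAuthKey();
                    $user->status = Module::STATUS_ACTIVE;
                    $success = false;
                    // Remember which model failed so the flash message reports its errors.
                    $failedModel = $user;
                    if ($user->save()) {
                        $auth = new $socialClass(['user_id' => $user->id, 'source' => $clientId, 'source_id' => $sourceId]);
                        if ($auth->save()) {
                            $this->doAuthLogin($user, $event, $clientTitle);
                            static::tranCommit($transaction);
                            $event->result = AuthEvent::RESULT_SIGNUP_SUCCESS;
                            $success = true;
                        } else {
                            $failedModel = $auth;
                        }
                    }
                    if ($success === false) {
                        $event->result = AuthEvent::RESULT_SIGNUP_ERROR;
                        $event->flashType = 'error';
                        // NOTE(review): the message is HTML; confirm showErrors() encodes the
                        // model errors before they reach the flash.
                        $event->message = Yii::t('user', 'Error while authenticating <b>{client}</b> account.<pre>{errors}</pre>', ['client' => $clientTitle, 'errors' => Module::showErrors($failedModel)]);
                        // Thrown so that the catch block rolls the half-created account back.
                        throw new Exception('Error authenticating social client');
                    }
                }
            }
        } else {
            // user already logged in
            if (!$auth) {
                // add auth provider
                $user = Yii::$app->user;
                $id = $user->id;
                $auth = new $socialClass(['user_id' => $id, 'source' => $clientId, 'source_id' => $sourceId]);
                $event->model = $auth;
                if ($auth->save()) {
                    static::tranCommit($transaction);
                    $event->result = AuthEvent::RESULT_LOGGED_IN;
                    $event->flashType = 'success';
                    // NOTE(review): $user is the application user component, not the identity
                    // model; confirm it exposes `username`.
                    $event->message = Yii::t('user', 'Successfully authenticated <b>{client}</b> account for <b>{user}</b>.', ['client' => $clientTitle, 'user' => $user->username]);
                } else {
                    $event->result = AuthEvent::RESULT_AUTH_ERROR;
                    $event->flashType = 'error';
                    // NOTE(review): the template uses {user} but no 'user' value is supplied.
                    $event->message = Yii::t('user', 'Error while authenticating <b>{client}</b> account for <b>{user}</b>.{errors}', ['client' => $clientTitle, 'errors' => Module::showErrors($auth)]);
                    throw new Exception('Error authenticating social client');
                }
            } else {
                $event->flashType = 'info';
                $event->message = Yii::t('user', 'You are already connected with this <b>{client}</b> account.', ['client' => $clientTitle]);
                $event->result = AuthEvent::RESULT_LOGGED_IN;
            }
        }
    } catch (Exception $e) {
        static::tranRollback($transaction);
        $this->raise($e, $event);
    }
    $this->_module->trigger(Module::EVENT_AUTH_COMPLETE, $event);
    static::setFlash($event);
}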