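/**
  * @Route ("/impersonate")
  * @HttpMethod ({"GET"})
  *
  * Replaces the current session's credentials with those of another user,
  * looked up by [userId] or, when that is absent, by [username].
  *
  * NOTE(review): the only gate visible in this method is the
  * allowImpersonation config flag. Nothing here checks who the caller is,
  * so confirm that routing or a security layer outside this method limits
  * the route to trusted operators and that the flag is off in production.
  * NOTE(review): this is a state-changing action served over GET and no
  * audit record is written in this method; both are worth confirming
  * against the project's CSRF and logging policy.
  *
  * @param array $params Request parameters; reads 'userId' and 'username'.
  * @throws Exception When impersonation is disabled, no identifier is
  *                   supplied, or no matching user is found.
  * @return string Redirect instruction for the router ('redirect: /').
  */
 public function impersonate(array $params)
 {
     // Fail closed: a missing or falsy flag keeps the feature disabled.
     if (empty(Config::$a['allowImpersonation'])) {
         throw new Exception('Impersonating is not allowed');
     }
     // Request parameters are caller-controlled. Accept scalar values only, so
     // an array-valued parameter is treated as "not supplied" instead of being
     // handed to the user lookups.
     $userId = isset($params['userId']) && is_scalar($params['userId']) ? $params['userId'] : '';
     $username = isset($params['username']) && is_scalar($params['username']) ? $params['username'] : '';
     if (empty($userId) && empty($username)) {
         throw new Exception('[username] or [userId] required');
     }
     $authService = AuthenticationService::instance();
     $userService = UserService::instance();
     // userId takes precedence; username is guaranteed non-empty otherwise
     // because the both-empty case was rejected above.
     $user = !empty($userId)
         ? $userService->getUserById($userId)
         : $userService->getUserByUsername($username);
     if (empty($user)) {
         throw new Exception('User not found. Try a different userId or username');
     }
     // The 'impersonating' label is passed through to getUserCredentials().
     $credentials = $authService->getUserCredentials($user, 'impersonating');
     // NOTE(review): whether Session::start() issues a fresh session id when the
     // identity changes is not visible here - confirm.
     Session::start();
     Session::updateCredentials($credentials);
     ChatIntegrationService::instance()->setChatSession($credentials, Session::getSessionId());
     return 'redirect: /';
 }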
 /**
  * Restores a login from the remember-me token when the request has no
  * usable session.
  *
  * Nothing happens when a session is already started and its credentials
  * report themselves valid. Otherwise the id returned by getRememberMe() is
  * resolved to a user, a session is started with START_NOCOOKIE, credentials
  * labelled 'rememberme' are stored, the chat session is registered and
  * setRememberMe() is called again for that user.
  *
  * NOTE(review): the whole login decision rests on getRememberMe(); how the
  * token is validated and whether setRememberMe() rotates it is not visible
  * in this method - confirm in the authentication service.
  *
  * @return void
  */
 public function init()
 {
     $app = Application::instance(); // result is not used further in this method
     $authService = AuthenticationService::instance();
     // A started session with valid credentials needs no recovery. Invalid
     // credentials can be the result of PHP clearing the session data.
     if (Session::isStarted() && Session::getCredentials()->isValid()) {
         return;
     }
     // Anything other than false is treated as the remembered user's id.
     $rememberedId = $authService->getRememberMe();
     if ($rememberedId === false) {
         return;
     }
     $rememberedUser = UserService::instance()->getUserById($rememberedId);
     if (empty($rememberedUser)) {
         return;
     }
     Session::start(Session::START_NOCOOKIE);
     $restored = $authService->getUserCredentials($rememberedUser, 'rememberme');
     Session::updateCredentials($restored);
     ChatIntegrationService::instance()->setChatSession($restored, Session::getSessionId());
     $authService->setRememberMe($rememberedUser);
 }
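 /**
  * @Route ("/login")
  * @HttpMethod ({"POST"})
  *
  * Starts a login with the selected external provider. The choice of
  * "remember me" and an optional 'follow' value are kept in the session,
  * then the caller is redirected to the URL returned by the provider
  * handler's getAuthenticationUrl(). A missing or unsupported provider
  * re-renders the login view with an error on the model.
  *
  * @param array $params Request parameters; reads 'authProvider',
  *                      'rememberme' and 'follow'.
  * @param ViewModel $model Receives title, rememberme and error on failure.
  * @return string 'login' on error, otherwise a 'redirect: ' instruction.
  */
 public function loginPost(array $params, ViewModel $model)
 {
     $userService = UserService::instance(); // kept from the original; unused below
     // Only a string can name a provider. An array-valued parameter is treated
     // as "not supplied" rather than being passed on to strtoupper().
     $authProvider = isset($params['authProvider']) && is_string($params['authProvider']) ? $params['authProvider'] : '';
     $rememberme = !empty($params['rememberme']);
     if (empty($authProvider)) {
         $model->title = 'Login error';
         $model->rememberme = $rememberme;
         $model->error = new Exception('Please select a authentication provider');
         return 'login';
     }
     Session::start(Session::START_NOCOOKIE);
     if ($rememberme) {
         Session::set('rememberme', 1);
     }
     // NOTE(review): 'follow' is caller-supplied and stored as given. The code
     // that later reads it is not visible here; if it is used as a redirect
     // target it should be restricted to same-site paths at that point.
     if (!empty($params['follow']) && is_string($params['follow'])) {
         Session::set('follow', $params['follow']);
     }
     // Provider names are matched case-insensitively against a fixed list, so
     // the request can never choose an arbitrary handler class.
     switch (strtoupper($authProvider)) {
         case 'TWITCH':
             $authHandler = new TwitchAuthHandler();
             break;
         case 'GOOGLE':
             $authHandler = new GoogleAuthHandler();
             break;
         case 'TWITTER':
             $authHandler = new TwitterAuthHandler();
             break;
         case 'REDDIT':
             $authHandler = new RedditAuthHandler();
             break;
         default:
             $model->title = 'Login error';
             $model->rememberme = $rememberme;
             $model->error = new Exception('Authentication type not supported');
             return 'login';
     }
     return 'redirect: ' . $authHandler->getAuthenticationUrl();
 }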
 /**
  * Brings the session up for the current request in three steps:
  * resume it from the session cookie, fall back to the remember-me login
  * when the session does not carry the USER role, and finally rebuild the
  * credentials of a user who has been flagged for an update.
  *
  * NOTE(review): the remember-me step trusts whatever getRememberMe()
  * returns; token validation and rotation happen outside this method and
  * are not visible here - confirm.
  *
  * @throws Exception
  */
 public function startSession()
 {
     // Step 1: resume a cookie-backed session and extend its chat session.
     $resumed = Session::hasSessionCookie() && Session::start() && Session::hasRole(UserRole::USER);
     if ($resumed) {
         ChatIntegrationService::instance()->renewChatSessionExpiration(Session::getSessionId());
     }

     // Step 2: without the USER role, try to log in from the remember-me cookie.
     if (!Session::hasRole(UserRole::USER)) {
         $remembered = $this->getRememberMe();
         if (!empty($remembered)) {
             Session::start();
             $restored = $this->getUserCredentials($remembered, 'rememberme');
             Session::updateCredentials($restored);
             $this->setRememberMe($remembered);
             // Flagging makes step 3 rebuild the credentials a second time. That is
             // accepted as cheap so the refresh logic exists in one place only.
             $this->flagUserForUpdate($remembered['userId']);
         }
     }

     // Step 3: refresh the credentials of a logged-in user flagged for update.
     if (!Session::hasRole(UserRole::USER)) {
         return;
     }
     $currentId = Session::getCredentials()->getUserId();
     if (empty($currentId) || !$this->isUserFlaggedForUpdate($currentId)) {
         return;
     }
     $freshUser = UserService::instance()->getUserById($currentId);
     if (empty($freshUser)) {
         return;
     }
     $this->clearUserUpdateFlag($currentId);
     $refreshed = $this->getUserCredentials($freshUser, 'session');
     Session::updateCredentials($refreshed);
     // Unlike refreshChatSession, this call is made here because only this
     // method has access to the session id.
     ChatIntegrationService::instance()->setChatSession(Session::getCredentials(), Session::getSessionId());
 }
Exemple #5
use Destiny\Common\Session;
use Destiny\Common\Config;
use Destiny\Common\Routing\Router;
use Destiny\Common\Routing\RouteAnnotationClassLoader;
use Destiny\Common\DirectoryClassIterator;
use Destiny\Common\Authentication\RememberMeService;
use Destiny\Common\Authentication\AuthenticationService;
use Doctrine\Common\Annotations\FileCacheReader;
use Doctrine\Common\Annotations\AnnotationReader;
use Destiny\Common\Request;
// Web front controller: boots the application, wires routing and the session,
// restores any existing login, then dispatches the request.

// Server-side session data becomes eligible for garbage collection after 5 hours.
ini_set('session.gc_maxlifetime', 5 * 60 * 60);
// $context is created before boot.php is required; presumably boot.php reads it
// (log channel 'web') - confirm against lib/boot.php.
$context = new \stdClass();
$context->log = 'web';
require __DIR__ . '/../lib/boot.php';
$app = Application::instance();
$app->setRouter(new Router());
// NOTE(review): realpath() returns false for a path that does not exist, in which
// case this concatenation yields '/annotation/'. Confirm the configured cache
// path is guaranteed to exist and is not writable by other users.
$app->setAnnotationReader(new FileCacheReader(new AnnotationReader(), realpath(Config::$a['cache']['path']) . '/annotation/'));
// Load route annotations from the controller classes under lib/Destiny/Controllers/
RouteAnnotationClassLoader::loadClasses(new DirectoryClassIterator(_BASEDIR . '/lib/', 'Destiny/Controllers/'), $app->getAnnotationReader());
// Set up the user session.
// NOTE(review): the cookie attributes come from Config::$a['cookie'] and are not
// visible here - confirm that the secure and httponly flags are set there.
$session = new SessionInstance();
$session->setSessionCookie(new SessionCookie(Config::$a['cookie']));
$session->setCredentials(new SessionCredentials());
$app->setSession($session);
// Start the session only if a session cookie is found (START_IFCOOKIE)
Session::start(Session::START_IFCOOKIE);
// Start up the auth and remember-me services; this has to follow the session
// start above and precede request dispatch below.
AuthenticationService::instance()->init();
RememberMeService::instance()->init();
// Attempts to find a route and execute it
$app->executeRequest(new Request());