Exemple #1
0
 public function profile()
 {
     // user connected?
     if (!isset($_SESSION['user'])) {
         $this->redirect('users/login');
     }
     // load user and authentication models
     $user = new UserModel();
     $authentication = new AuthModel();
     // get the user data from database
     $user_data = $user->findById($_SESSION['user']);
     // provider like twitter, linkedin, do not provide the user email
     // in this case, we should ask them to complete their profile before continuing
     if (!$user_data['email']) {
         $this->redirect('users/complete_registration');
     }
     // get the user authentication info from db, if any
     $user_authentication = $authentication->findByUserId($_SESSION['user']);
     // load profile view
     $this->render('users/profile', compact('user_data', 'user_authentication'));
 }
 public function authenticateWith($provider)
 {
     try {
         // create an instance for Auth with the configuration file path as parameter
         $auth = new Auth(self::$config['auth'], new Session());
         // try to authenticate the selected $provider
         $adapter = $auth->getAdapter($provider)->authenticate();
         // grab the user profile
         $user_profile = $adapter->getUserProfile();
         // load user and authentication models, we will need them...
         $authentication = new AuthModel();
         $user = new UserModel();
         # 1 - check if user already have authenticated using this provider before
         $authentication_info = $authentication->findByProviderUid($provider, $user_profile->identifier);
         // 2 - if authentication exists in the database, then we set the user as connected
         // and redirect him to his profile page
         if ($authentication_info) {
             // 2.1 - store user_id in session
             $_SESSION['user'] = $authentication_info['user_id'];
             // 2.2 - redirect to user/profile
             $this->redirect('users/profile');
         }
         // 3 - else, here lets check if the user email we got from the provider already exists in our database
         // ( for this example the email is UNIQUE for each user )
         // if authentication does not exist, but the email address returned  by the provider does exist in database,
         // then we tell the user that the email  is already in use
         // but, its up to you if you want to associate the authentication with the user having the adresse email
         // in the database
         if ($user_profile->email) {
             $user_info = $user->findByEmail($user_profile->email);
             if ($user_info) {
                 die('<br /><b style="color:red">Well! the email returned by the provider (' . $user_profile->email . ') already exist in our database, so in this case you might use the ' . '<a href="index.php?route=users/login">Sign-in</a> to login using your email and password.</b>');
             }
         }
         // 4 - if authentication does not exist and email is not in use, then we create a new user
         $provider_uid = $user_profile->identifier ?: '';
         $email = $user_profile->email ?: '';
         $first_name = $user_profile->firstName ?: '';
         $last_name = $user_profile->lastName ?: '';
         $display_name = $user_profile->displayName ?: '';
         $website_url = $user_profile->webSiteURL ?: '';
         $profile_url = $user_profile->profileURL ?: '';
         $password = rand();
         # for the password we generate something random
         // 4.1 - create new user
         $new_user_id = $user->create($email, $password, $first_name, $last_name);
         // 4.2 - creat a new authentication for him
         $authentication->create($new_user_id, $provider, $provider_uid, $email, $display_name, $first_name, $last_name, $profile_url, $website_url);
         // 4.3 - store the new user_id in session
         $_SESSION['user'] = $new_user_id;
         // 4.4 - redirect to user/profile
         $this->redirect('users/profile');
     } catch (Exception $e) {
         // Display the recived error
         switch ($e->getCode()) {
             case 0:
                 $error = 'Unspecified error.';
                 break;
             case 1:
                 $error = 'Hybriauth configuration error.';
                 break;
             case 2:
                 $error = 'Provider not properly configured.';
                 break;
             case 3:
                 $error = 'Unknown or disabled provider.';
                 break;
             case 4:
                 $error = 'Missing provider application credentials.';
                 break;
             case 5:
                 $error = 'Authentication failed. The user has canceled the authentication or ' . 'the provider refused the connection.';
                 break;
             case 6:
                 $error = 'User profile request failed. Most likely the user is not connected to the provider and ' . 'he should to authenticate again.';
                 $adapter->logout();
                 break;
             case 7:
                 $error = 'User not connected to the provider.';
                 $adapter->logout();
                 break;
         }
         // well, basically your should not display this to the end user, just give him a hint and move on..
         $error .= "<br /><br /><b>Original error message:</b> " . $e->getMessage();
         $error .= "<hr /><pre>Trace:<br />" . $e->getTraceAsString() . "</pre>";
         // load error view
         $this->render('pages/error', compact('error'));
     }
 }