Exemple #1
0
 public function loginUser()
 {
     try {
         $min_data = ['email', 'password'];
         $form = $this->getApp()->request()->post();
         foreach ($min_data as $required_field) {
             if (!isset($form[$required_field])) {
                 throw new \Exception("Missing required field " . $required_field . ". Required fields are " . implode(",", $min_data));
             }
         }
         $email = $form["email"];
         //-- In order to check the user password we need to retrieve the row by email and compare encoded passwords
         $user_auth = UserAuth::getByUserName($email);
         if (is_null($user_auth)) {
             throw new \Exception("No user with that email address");
         }
         //-- Ok, we have the user_auth info, lets check the password
         $salt = $user_auth->getSalt();
         $salt = base64_decode($salt);
         $password = $form["password"] . $salt;
         if (sha1($password) != $user_auth->getPassword()) {
             throw new \Exception("Wrong password");
         }
         $user_auth->setLastSuccessfulLogin(Utilities::now());
         $user_auth->persist();
         $token_info = ["user_id" => $user_auth->getUserId(), "user_name" => $user_auth->getUserName(), "created" => Utilities::now(), "env_secret" => _TOKEN_SECRET];
         $token = Utilities::generate_signed_request($token_info, _ENCODING_SECRET);
         $response_data = $user_auth->toArray();
         $response_data["token"] = $token;
         $this->getApp()->render(200, ['data' => $response_data]);
     } catch (\Exception $e) {
         $this->getApp()->render(200, ['error' => $e->getMessage()]);
     }
 }
Exemple #2
0
 private static function createFromDb($resource)
 {
     if (!is_null($resource)) {
         $user = new UserAuth();
         $user->setUserId($resource["user_id"]);
         $user->setUserName($resource["user_name"]);
         $user->setSalt($resource["salt"]);
         $user->setPassword($resource["password"]);
         $user->setLastSuccessfulLogin($resource["last_successful_login"]);
         return $user;
     }
     return null;
 }