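/**
 * Build the operator session context and enforce authentication.
 *
 * Merges the request params with the global $_SETTINGS, $_LANG and $PAGES
 * arrays (plus $_ENV), creates the API client, and then:
 *   - no session e-mail: runs AuthController::loginAction() and exits;
 *   - session e-mail but no session password: renders auth/nopasswd and exits;
 *   - both present: renders auth/nopasswd and exits unless the session
 *     password matches the one registered for that e-mail in $_OPERATORS.
 *
 * @param array $params request parameters; must carry 'api' with
 *                      'user_key', 'api_key' and 'core_api_url'
 */
public function __construct($params)
{
    global $_SETTINGS;
    global $_LANG;
    global $PAGES;
    // $_ENV is a superglobal; it needs no `global` declaration.
    $this->params = array_merge($params, $_ENV, $_SETTINGS, $_LANG, $PAGES);
    $this->_API = new ApiCaller(
        $this->params['api']['user_key'],
        $this->params['api']['api_key'],
        $this->params['api']['core_api_url']
    );

    if (!isset($_SESSION['email'])) {
        require 'controllers/AuthController.php';
        $obj = new AuthController($this->params);
        $obj->loginAction();
        exit;
    }

    // Deny by default; only a matching operator password lifts the denial.
    $denied = true;
    if (isset($_SESSION['password'])) {
        global $_OPERATORS;
        $expected = isset($_OPERATORS[$_SESSION['email']]) ? (string) $_OPERATORS[$_SESSION['email']] : '';
        // The original test was `$stored == !$password`, which compared the stored
        // value against a boolean and therefore accepted any non-empty session
        // password. Compare the two strings in constant time instead.
        $denied = ($expected === '' || !hash_equals($expected, (string) $_SESSION['password']));
    }
    if ($denied) {
        $this->params['page_title'] = $this->params['wrong_password_text'];
        View::render('auth/nopasswd', $this->params);
        exit;
    }
}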
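/**
 * Front-controller entry point.
 *
 * Authenticates when a master-password cookie or a posted password is
 * present, then, for an authenticated session, selects the page model:
 *   ?scan            -> re-scan the library and redirect back without ?scan
 *   ?anime=&episode= -> the video page for one anime
 *   otherwise        -> the anime list
 * A "lastEpisode" cookie of the form "id|nr|timestamp" is copied into the
 * list, navbar and video view data. Finally the view is rendered.
 */
public function init()
{
    if (isset($_COOKIE["masterpw"]) || isset($_POST["password"])) {
        $authC = new AuthController();
        $authC->auth();
    }
    $data = array("navbar" => NULL, "list" => NULL);
    if (SessionController::getAuth()) {
        if (isset($_GET["scan"])) {
            $animeC = new AnimeController();
            $animeC->scanNew();
            header("location: " . str_replace("?scan", "", $_SERVER['REQUEST_URI']));
            // Stop here: the original kept going and rendered a full page
            // behind the redirect header.
            exit;
        } elseif (isset($_GET["anime"]) && isset($_GET["episode"])) {
            $animeC = new AnimeController();
            $data["video"] = array("model" => $animeC->getAnime($_GET["anime"]));
        } else {
            $animeM = new AnimeMapper();
            $data["list"] = array("model" => $animeM->getAnimes());
        }
        if (isset($_COOKIE["lastEpisode"])) {
            // Client-controlled value: require the id and nr fields before
            // indexing into it (the timestamp is optional).
            $arr = explode("|", $_COOKIE["lastEpisode"]);
            if (count($arr) >= 2) {
                $timestamp = isset($arr[2]) ? $arr[2] : NULL;
                $data["list"]["lastEpisode"]["id"] = $arr[0];
                $data["list"]["lastEpisode"]["nr"] = $arr[1];
                $data["navbar"]["lastEpisode"]["id"] = $arr[0];
                $data["navbar"]["lastEpisode"]["nr"] = $arr[1];
                $data["video"]["lastEpisode"]["id"] = $arr[0];
                $data["video"]["lastEpisode"]["nr"] = $arr[1];
                $data["video"]["lastEpisode"]["timestamp"] = $timestamp;
            }
        }
    }
    $this->renderView($data);
}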
/**
 * getAuthAdapter() must hand back a Zend_Auth_Adapter_Interface
 * implementation, even for blank credentials.
 */
public function testGetAuthAdapterFunctionReturnsAuthAdapter()
{
    $this->dispatch('/');
    $credentials = array('username' => '', 'password' => '');
    $controller = new AuthController($this->request, $this->response, $this->request->getParams());
    $adapter = $controller->getAuthAdapter($credentials);
    $isAdapter = $adapter instanceof Zend_Auth_Adapter_Interface;
    $this->assertTrue($isAdapter);
}
/**
 * Landing action: publishes an optional flash message to the view, clears
 * the breadcrumb trail and, for an authenticated user, hands over to the
 * index matching the user's role id (1 admin, 2 developer, 3 client,
 * 4 manager). Unknown roles render nothing further.
 *
 * @param DisplayedMessage|null $msg message to compile into the view
 */
public function indexAction($msg = null)
{
    if (null != $msg) {
        $msg = $msg->compile($this->jquery);
        $this->view->setVar("msg", $msg);
    } else {
        $this->view->setVar("msg", "");
    }
    $this->session->__unset("bread");

    if (!AuthController::isAuth()) {
        return;
    }
    $user = $this->session->get('user');
    $roleId = $user->getIdRole();
    switch ($roleId) {
        case 1:
            $this->adminIndex($msg);
            break;
        case 2:
            $this->dvlpIndex($msg);
            break;
        case 3:
            $this->clientIndex($msg);
            break;
        case 4:
            $this->managerIndex($msg);
            break;
    }
}
/**
 * Controller bootstrap: requires an authenticated user, surfaces any
 * URL-carried error message, then prepares Smarty.
 */
public function init()
{
    parent::init();
    $auth = AuthController::getInstance();
    $auth->requireLogin();
    $errors = ErrorHandler::getInstance();
    $errors->getUrlErrorMessage();
    $this->setSmarty();
}
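/**
 * Display the rating (review) list for a shop.
 * GET /rate
 *
 * Without a shopID the page is rendered with an error; with the "all shops"
 * flag only an informational message is shown; otherwise the shop's scores
 * and one page of its ratings are listed, each rating carrying the order
 * number of its main order (or an error text when the order is gone).
 *
 * @return Response
 */
public function getList()
{
    // Always defined so every view path receives a `rates` variable.
    $rates = array();
    if (!Input::has('shopID')) {
        return View::make('admin.manage.rate.rate', compact('rates'))->withError(Lang::get('errormessages.-10045'));
    }
    // shopID travels base64-encoded in the URL.
    $shopID = base64_decode(Input::get('shopID'));
    // Strict string comparison replaces `0 == strcmp(...)`.
    if ($shopID === (string) ALL_SHOPS_FALG) {
        $headerShop = (object) array("wy_shop_id" => base64_encode(ALL_SHOPS_FALG), "wy_shop_name" => ALL_SHOPS);
        return View::make('admin.manage.rate.rate', compact('headerShop', 'rates'))->withAll(Lang::get('messages.10015'));
    }
    // checkShop() also verifies the caller may see this shop.
    $headerShop = AuthController::checkShop($shopID);
    if (empty($headerShop)) {
        return View::make('admin.manage.rate.rate', compact('headerShop', 'rates'))->withError(Lang::get('errormessages.-10045'));
    }
    $shop = Shop::where('wy_shop_id', $shopID)->first(array('wy_comprehensive_evaluation', 'wy_service_score', 'wy_goods_score'));
    $rates = Rate::where('wy_shop_id', $shopID)->orderBy('wy_time', 'desc')->paginate(PERPAGE_COUNT_10, array('wy_comment_id', 'wy_main_order_id', 'wy_user_phone', 'wy_time', 'wy_content'));
    foreach ($rates as $rate) {
        $rate->wy_comment_id = base64_encode($rate->wy_comment_id);
        $mainOrder = MainOrder::where('wy_main_order_id', $rate->wy_main_order_id)->first(array('wy_order_number'));
        $rate->wy_order_number = empty($mainOrder) ? Lang::get('errormessages.-10058') : $mainOrder->wy_order_number;
        // Encoded last: the lookup above needs the raw id.
        $rate->wy_main_order_id = base64_encode($rate->wy_main_order_id);
    }
    return View::make('admin.manage.rate.rate', compact('headerShop', 'shop', 'rates'));
}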
/**
 * Runs after every dispatched action.
 *
 * Unauthenticated visitors are forwarded to Auth/signin with the page chrome
 * hidden. Authenticated users are checked against their role's ACL: the
 * Index and Auth controllers are always allowed, and an ACL entry whose
 * controller is "Default" matches any controller. Denied requests are
 * forwarded to Index/index with a danger message; allowed ones get the
 * breadcrumbs, menu and user widgets rendered.
 */
public function afterExecuteRoute()
{
    $this->view->setVar("siteUrl", $this->url->getBaseUri());

    if (!Auth::isAuth()) {
        $this->dispatcher->forward(array("controller" => "Auth", "action" => "signin"));
        $this->jquery->exec('$(".breadcrumb").hide();$(".menuItem").hide();$(".nomUser").hide()', true);
        $this->jquery->compile($this->view);
        return;
    }

    $user = $this->session->get('user');
    $controllerName = $this->dispatcher->getControllerName();
    $actionName = $this->dispatcher->getActionName();
    $allow = ($controllerName == "Index" || $controllerName == "Auth");
    if (!$allow) {
        foreach ($user->getRole()->getAcl() as $acl) {
            $controllerMatches = ($acl->getController() == $controllerName || $acl->getController() == "Default");
            if ($controllerMatches && $acl->getAction() == $actionName) {
                $allow = true;
                break;
            }
        }
    }

    if (!$allow) {
        $this->dispatcher->forward(array("controller" => "Index", "action" => "index", "params" => array(new DisplayedMessage("Vous n'avez pas accès à cette partie de l'application.", "danger"))));
        return;
    }
    $this->breadCrumbsAction();
    $this->menuAction();
    $this->userAction();
}
/**
 * Switch the current user session: drops any existing login, then runs the
 * login flow again.
 */
public function userSessionSwitcher()
{
    $alreadyLogged = AuthController::isLogged();
    if ($alreadyLogged) {
        AuthController::unlogUser();
    }
    AuthController::loginUser();
}
/**
 * Lazily create and return the shared AuthController instance.
 *
 * @return AuthController
 */
public static function getInstance()
{
    if (null === self::$instance) {
        self::$instance = new AuthController();
    }
    return self::$instance;
}
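/**
 * Routes the request to the appropriate controller and returns the resource
 * params.
 *
 * Logged-in users: no path segments → index; a first segment naming an
 * existing `<Name>Controller` subclass of AbstractController → that module;
 * three non-empty segments → explorer; otherwise index. Logged-out users are
 * routed to auth and, unless they already asked for it, the requested URI is
 * remembered as the pending request.
 *
 * @return Resource $resource
 */
public static function getResource()
{
    $resource = new Resource();
    $firstParam = RequestManager::getParam(RequestManager::FIRST_PARAM);
    $secondParam = RequestManager::getParam(RequestManager::SECOND_PARAM);
    $thirdParam = RequestManager::getParam(RequestManager::THIRD_PARAM);

    if (AuthController::isLoggedIn()) {
        if (empty($firstParam) && empty($secondParam) && empty($thirdParam)) {
            $resource->setKey(Constants::INDEX_URI_KEY);
        } else {
            // The class name is derived from the request path. Its ancestry is
            // checked by *name* so that an arbitrary class is never instantiated
            // (and its constructor never run) merely to test it; the original
            // did `is_subclass_of(new $className(), ...)`.
            $className = ucfirst((string) $firstParam) . 'Controller';
            if (class_exists($className) && is_subclass_of($className, 'AbstractController')) {
                $resource->setKey($className::MODULE_KEY);
            } elseif (!empty($firstParam) && !empty($secondParam) && !empty($thirdParam)) {
                $resource->setKey(Constants::EXPLORER_URI_KEY);
            } else {
                $resource->setKey(Constants::INDEX_URI_KEY);
            }
        }
    } else {
        $resource->setKey(Constants::AUTH_URI_KEY);
        if ($firstParam !== Constants::AUTH_URI_KEY) {
            RequestManager::setPendingRequestURI();
        }
    }

    $resource = self::setCorrectParams($resource, array($firstParam, $secondParam, $thirdParam));
    return $resource;
}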
/**
 * Bootstrap: the caller must be logged in and hold a shop session before
 * Smarty is set up.
 */
public function init()
{
    parent::init();
    // Authentication first, then the shop context that depends on it.
    AuthController::requireLogin();
    AuthController::requireShopSession();
    $this->setSmarty();
}
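/**
 * Build the site navigation menu as an HTML fragment.
 *
 * Recognised $params keys (all optional): prefix / suffix wrap each link,
 * pre_tag / after_tag wrap the whole menu, show_signup, show_memberarea and
 * exclude (omit the Contact Us link). Pages flagged show_in_menu for the
 * language in the `lang` cookie are listed between the static links;
 * admins additionally get "(add page here)" links.
 *
 * @param array $params menu options as described above
 * @return string HTML fragment
 */
function get_menu($params)
{
    // Explicit reads replace extract($params), which let any key of $params
    // shadow a local variable.
    $prefix = empty($params['prefix']) ? '' : $params['prefix'];
    $suffix = empty($params['suffix']) ? '' : $params['suffix'];
    $pre_tag = empty($params['pre_tag']) ? '' : $params['pre_tag'];
    $after_tag = empty($params['after_tag']) ? '' : $params['after_tag'];
    $show_signup = !empty($params['show_signup']);
    $show_memberarea = !empty($params['show_memberarea']);
    $exclude = !empty($params['exclude']);

    include_once LIB_ROOT . '/pages/page.class.php';
    $is_admin = Project::getInstance()->getCurUser()->isAdmin();

    $out = $prefix . '<a href="/" class=menu>' . _('Home') . '</a>' . $suffix;
    if (!AuthController::getInstance()->isAuthorized() && $show_signup) {
        $out .= $prefix . '<a href="/signup.php" class=menu>' . _('Sign Up') . '</a>' . $suffix;
    }
    if ($show_memberarea) {
        $out .= $prefix . '<a href="/user/account.php" class=menu>' . _('Member\'s area') . '</a>' . $suffix;
    }
    if ($is_admin) {
        $out .= $prefix . '<small><a href="/includes/inlines/admin/page.php?position=0" target="blank" style="font-size:9px;">(add page here)</a></small>' . $suffix;
    }

    // The language comes from a client-controlled cookie and used to be
    // interpolated into the query as-is; restrict it to the characters a
    // language code can contain before it reaches SQL.
    $lang = isset($_COOKIE['lang']) ? $_COOKIE['lang'] : '';
    if (!preg_match('/^[A-Za-z0-9_-]{1,16}$/', $lang)) {
        $lang = '';
    }
    $result = sql_query('
        SELECT *
        FROM pages
        WHERE lang="' . $lang . '" AND home=0 AND show_in_menu=1
        ORDER BY position, id DESC
    ');
    while ($menu_page = mysql_fetch_assoc($result)) {
        // NOTE(review): the page name is emitted unescaped; if names can
        // contain user-supplied text they should be HTML-escaped here — confirm.
        $out .= $prefix . '<a href="/index.php?page=' . $menu_page['id'] . '" class=menu>' . $menu_page['name'] . '</a>' . $suffix;
        if ($is_admin) {
            $out .= $prefix . '<small><a href="/includes/inlines/admin/page.php?position=' . $menu_page['position'] . '" target="blank" style="font-size:9px;">(add page here)</a></small>' . $suffix;
        }
    }

    if (!$exclude) {
        $out .= $prefix . '<a href="/contactus.php" class=menu>' . _('Contact Us') . '</a>' . $suffix;
    }
    return $pre_tag . $out . $after_tag;
}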
/**
 * Minimal front-controller routing on the request path (query string
 * stripped). Each route maps GET to a view include and POST to a controller
 * action; unknown paths fall through and render nothing.
 *
 * @param mixed $message not used by the routing itself
 */
public function display_view($message)
{
    // Split off any query string so only the path is matched.
    $parts = explode('?', $_SERVER['REQUEST_URI'], 2);
    $path = $parts[0];
    $isGet = ($_SERVER['REQUEST_METHOD'] == 'GET');
    $isPost = ($_SERVER['REQUEST_METHOD'] == 'POST');

    switch ($path) {
        // Root and the goals list share one handler.
        case '/public_html/':
        case '/public_html/goals':
            if ($isGet) {
                require '../App/Views/goals.php';
            }
            if ($isPost) {
                GoalController::add_goal();
            }
            break;

        case '/public_html/goals/json':
            if ($isGet) {
                header('Location: /public_html/json_goals.php');
            }
            break;

        case '/public_html/goal':
            if ($isGet) {
                require '../App/Views/goal.php';
            }
            if ($isPost) {
                GoalController::update_goal_by_id();
            }
            break;

        case '/public_html/register':
            if ($isGet) {
                require '../App/Views/register.php';
            }
            if ($isPost) {
                UserController::add_user();
            }
            break;

        case '/public_html/login':
            if ($isGet) {
                require '../App/Views/login.php';
            }
            if ($isPost) {
                AuthController::login_user();
            }
            break;

        case '/public_html/logout':
            if ($isGet) {
                AuthController::logout_user();
            }
            break;
    }
}
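/**
 * Verify the request's auth token and remember the caller's user ID.
 *
 * When verification throws, the error response is echoed and false is
 * returned. When verifyToken() yields nothing, false is returned as well
 * (the original fell off the end here and returned null). Otherwise
 * $this->userID is set from the token payload and true is returned.
 *
 * @return bool
 */
public function checkToken()
{
    $auth = new AuthController();
    try {
        $token = $auth->verifyToken();
    } catch (Exception $e) {
        echo $this->utils->errorResponse($e->getMessage());
        return false;
    }
    if (!isset($token)) {
        return false;
    }
    if ($this->debug) {
        $this->utils->debug(__METHOD__, $token);
    }
    $this->userID = $token->user->userID;
    return true;
}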
/**
 * Bootstrap: requires a logged-in user, a shop session and an open shop,
 * in that order, before Smarty is set up.
 */
public function init()
{
    parent::init();
    AuthController::requireLogin();
    AuthController::requireShopSession();
    $shop = Shop::getInstance();
    $shop->requireOpenShop();
    $this->setSmarty();
}
/**
 * Display the login form to anonymous visitors; users who are already
 * logged in are redirected instead.
 */
private function displayLoginForm()
{
    $loggedIn = AuthController::isLoggedIn();
    if ($loggedIn) {
        RequestManager::redirect();
        return;
    }
    $this->smarty->assign('LOGIN_ACTION_VALUE', AuthController::LOGIN_ACTION_VALUE);
    $this->render(AuthController::AUTH_LOGIN_KEY);
}
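/**
 * POST handler: price a set of course sales against a set of coupon codes.
 *
 * Reads `course_sales` and `coupons` (comma-separated lists) from the POST
 * body and requires a valid auth token in the request headers (status 401
 * and a return of 0 otherwise). For each coupon that applies to one of the
 * listed course sales the discount is computed; each course sale is consumed
 * by at most one coupon. The results are returned JSON-encoded with
 * status 200.
 *
 * @return string|int JSON list of {course_sale_id, code, comments, price,
 *                    price_change, new_price}, or 0 when unauthorised
 */
public static function price()
{
    $app = \Slim\Slim::getInstance();
    $data = $app->request->post();
    $course_sales = isset($data['course_sales']) ? $data['course_sales'] : null;
    $coupons = isset($data['coupons']) ? $data['coupons'] : null;

    $token = AuthController::getToken($app->request->headers);
    $auth = Auth_Token::where('token', '=', $token)->first();
    if (!$auth) {
        $app->response->setStatus(401);
        return 0;
    }

    // (string) keeps explode() well-defined when a field is absent (null).
    $price_array = explode(",", (string) $course_sales);
    $coupon_array = explode(",", (string) $coupons);
    $result = array();

    // Cache price/course details so each course sale hits the DB once.
    $details_array = array();
    foreach ($price_array as $price_id) {
        $price_id = trim($price_id);
        if ($price_id === '') {
            continue;
        }
        try {
            $price = Price::find($price_id);
            // find() yields null for an unknown id; the original then read
            // properties of null and cached a null-valued entry that a coupon
            // could later match under loose comparison.
            if ($price === null || $price->course === null) {
                continue;
            }
            $course = $price->course;
            $details_array[] = array("course_id" => $course->id, "price_id" => $price->id, "price" => $course->price);
        } catch (Exception $ex) {
            // Unresolvable ids are skipped, as before.
        }
    }

    foreach ($coupon_array as $code) {
        $code = trim($code);
        if ($code === '') {
            continue;
        }
        try {
            $valid_coupon = Coupon::valid()->where("code", "=", $code)->first();
        } catch (Exception $e) {
            $valid_coupon = false;
        }
        if (!$valid_coupon) {
            continue;
        }
        // Apply the coupon to the first still-undiscounted matching course sale.
        $course_sale_id = $valid_coupon->course_sale_id;
        foreach ($details_array as $i => $details) {
            // Loose comparison kept on purpose: ids may arrive as strings.
            if ($course_sale_id != $details["price_id"]) {
                continue;
            }
            $price = $details["price"];
            $value = $valid_coupon->value;
            $type = $valid_coupon->type;
            $price_change = 0;
            if ($type == "percent-discount") {
                // NOTE(review): treats `value` as a fraction of the price — confirm the stored scale.
                $price_change = $price * $value;
            } elseif ($type == "flat-discount") {
                $price_change = $value;
            }
            $result[] = array("course_sale_id" => $course_sale_id, "code" => $code, "comments" => $valid_coupon->comments, "price" => $price, "price_change" => $price_change, "new_price" => $price - $price_change);
            // A course sale can be discounted by one coupon only.
            unset($details_array[$i]);
            break;
        }
    }

    $app->response->setStatus(200);
    return json_encode($result);
}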
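/**
 * Dispatch the request path to a controller action.
 *
 * Exact paths are resolved through a route table; `cat/<code>` resolves the
 * category code through CategoryMapper; anything else yields a 404.
 */
public function route()
{
    $request = trim(parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH), '/');
    $request_arr = explode('/', $request);

    $routes = array(
        '' => array('IndexController', 'indexAction'),
        'basket' => array('BasketController', 'indexAction'),
        'auth' => array('AuthController', 'indexAction'),
        'reg' => array('RegController', 'indexAction'),
        'admin' => array('AdminController', 'indexAction'),
        'admin/additem' => array('AdminController', 'additemAction'),
        'admin/category' => array('AdminController', 'categoryAction'),
        'admin/catalog' => array('AdminController', 'catalogAction'),
        'admin/orders' => array('AdminController', 'ordersAction'),
    );
    if (isset($routes[$request])) {
        list($class, $action) = $routes[$request];
        $controller = new $class($this->service);
        $controller->$action();
        return;
    }

    // The original wrote `elseif ($request = 'cat/' . $request_arr[1])` —
    // an assignment, so this branch matched every request and the 404 below
    // was unreachable. Match exactly two segments with a "cat" prefix.
    if (count($request_arr) === 2 && $request_arr[0] === 'cat' && $request_arr[1] !== '') {
        $category_mapper = new CategoryMapper($this->service->get('db'));
        if (!$category_mapper->getCategoryFromCode($request_arr[1])) {
            $this->get404();
        } else {
            $controller = new CatController($this->service);
            $controller->categoryAction($request_arr[1]);
        }
        return;
    }

    $this->get404();
}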
/**
 * Render the protocol info page, including the header shop when the URL
 * resolves to one.
 *
 * @return Response
 */
public function getListInfo()
{
    $disableChange = DEFAULT_0;
    $headerShop = AuthController::checkUserURL();
    $view = 'admin.manage.protocol.protocolinfo';
    if (!empty($headerShop)) {
        return View::make($view, compact('headerShop', 'disableChange'));
    }
    return View::make($view);
}
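/**
 * Bind the selected shop to the session and go to the shop home page.
 *
 * Requires an `id_shop` query parameter, a shop user, and a successful
 * AuthController::setShopSession(); every other case redirects back to the
 * shop selection page with an accessDenied message.
 */
public function startShopSession()
{
    // A missing id_shop is an access-denied case rather than an
    // undefined-index notice followed by a null shop id in the session.
    $shopRequested = isset($_GET['id_shop']);
    if ($shopRequested && Shop::getInstance()->isShopUser() && AuthController::setShopSession()) {
        Shop::setShopSession($_GET['id_shop']);
        header('Location: home.php');
        exit;
    }
    header('Location: shop_selection.php?errorMessage=accessDenied');
    exit;
}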
/**
 * Display a listing of the resource: the current user's account page,
 * with the header shop when the URL resolves to one.
 *
 * @return Response
 */
public function getList()
{
    $user = Auth::user();
    $disableChange = DEFAULT_0;
    $headerShop = AuthController::checkUserURL();
    $viewData = empty($headerShop)
        ? compact('user', 'disableChange')
        : compact('headerShop', 'user', 'disableChange');
    return View::make('admin.manage.user.user', $viewData);
}
/**
 * Display the list of spend-threshold ("full reduction") promotions.
 *
 * @return Response
 */
public function getList()
{
    // Decoded from the URL but not otherwise used on this page.
    $shopID = base64_decode(Input::get('shopID'));
    $disableChange = DEFAULT_0;
    $headerShop = AuthController::checkUserURL();
    $viewData = empty($headerShop)
        ? compact('disableChange')
        : compact('headerShop', 'disableChange');
    return View::make('admin.market.reward.reward', $viewData);
}
/**
 * Bootstrap for the product form page. Guards run in precedence order:
 * login, shop session, open shop, then URL and category validation, before
 * Smarty is set up.
 */
public function init()
{
    parent::init();
    AuthController::requireLogin();
    AuthController::requireShopSession();
    $shop = Shop::getInstance();
    $shop->requireOpenShop();
    // NOTE(review): the instance is not used below; kept in case the
    // constructor has side effects — confirm before removing.
    $formProcess = new FormProductProcess();
    $this->verifyURLVars();
    $this->requireActiveCategory();
    $this->setSmarty();
}
/**
 * Show (GET) or save (any other method) the current user's profile.
 *
 * After a successful save the session copy of the user is refreshed; either
 * way the client is redirected back to /profile.
 */
public function profile()
{
    $user = User::find(self::userId());
    $isGet = Request::isMethod('GET');
    if ($isGet) {
        return View::make("user.profile", ['user' => $user]);
    }
    $saved = User::profileSave($user);
    if ($saved) {
        AuthController::setUserSession($user);
    }
    return Redirect::to('profile');
}
/**
 * Show the editable details of one of the current user's shops.
 *
 * The shop is looked up by the base64-encoded shopInfoID and must belong to
 * the authenticated user; otherwise the client is sent back to the shop list
 * with an error. Shop types and the province/city/district region lists that
 * feed the form selects are loaded alongside.
 *
 * @return Response
 */
public function getInfo()
{
    $userID = Auth::id();
    $shopInfoID = base64_decode(Input::get('shopInfoID'));
    $shopColumns = array('wy_shop_id', 'wy_shop_type', 'wy_shop_name', 'wy_shop_icon', 'wy_province_id', 'wy_city_id', 'wy_district_id', 'wy_region_id', 'wy_latitude', 'wy_longitude', 'wy_distance', 'wy_state', 'wy_audit_state', 'wy_send_up_price', 'wy_express_fee', 'wy_phone', 'wy_send_up_time', 'wy_brief', 'wy_start_time', 'wy_keywords', 'wy_addr', 'wy_open_begin', 'wy_open_end', 'wy_delivery_begin', 'wy_delivery_end');
    // Scoped to the shopkeeper so a user cannot open another user's shop.
    $shop = Shop::where('wy_shopkeeper', $userID)->where('wy_shop_id', $shopInfoID)->first($shopColumns);
    if (empty($shop)) {
        $shopID = base64_decode(Input::get('shopID'));
        return Redirect::route('shop.list', array("shopID" => $shopID))->with('error', Lang::get('errormessages.-10039'));
    }

    $shop->wy_shop_id = base64_encode($shop->wy_shop_id);
    $types = Dictionary::where('wy_dic_id', DIC_SHOP_TYPE)->get(array('wy_dic_item_id', 'wy_dic_value'));
    $typeValue = $shop->wy_shop_type;

    $regionColumns = array('wy_region_id', 'wy_region_name', 'wy_region_parentid', 'wy_region_shortname');
    $provinceValues = Region::where('wy_region_parentid', DEFAULT_0)->where('wy_region_level', REGION_LEVEL_1)->get($regionColumns);
    $cityValues = Region::where('wy_region_parentid', $shop->wy_province_id)->where('wy_region_level', REGION_LEVEL_2)->get($regionColumns);
    $districtValues = Region::where('wy_region_parentid', $shop->wy_city_id)->where('wy_region_level', REGION_LEVEL_3)->get($regionColumns);

    $disableChange = DEFAULT_0;
    $headerShop = AuthController::checkUserURL();
    $viewData = empty($headerShop)
        ? compact('shop', 'provinceValues', 'cityValues', 'districtValues', 'disableChange')
        : compact('headerShop', 'shop', 'provinceValues', 'cityValues', 'districtValues', 'disableChange');
    return View::make('admin.manage.shop.shopinfo', $viewData)->nest('shopType', 'admin.template.dic.type', compact('types', 'typeValue'));
}
<?php
// Slim route table. Each route pulls in its controller (and model) files on
// demand and hands the request to the controller's index() method.
$routes = array(
    array('get', '/', array('controllers/MainController.php'), 'MainController'),
    array('post', '/registration', array('controllers/RegistrationController.php', 'models/RegistrationModel.php'), 'RegistrationController'),
    array('post', '/auth', array('controllers/AuthController.php', 'models/AuthModel.php'), 'AuthController'),
);
foreach ($routes as $route) {
    list($method, $path, $files, $class) = $route;
    $app->$method($path, function () use ($app, $files, $class) {
        foreach ($files as $file) {
            require $file;
        }
        $controller = new $class();
        $controller->index($app);
    });
}
/**
 * Register the authentication-related Slim routes.
 *
 * @param \Slim\Slim $app                 application to attach the routes to
 * @param callable   $authenticateForRole factory returning the route middleware
 *                                        for a role name ('admin', 'member', 'public')
 */
static function addRoutes($app, $authenticateForRole) {
    /////
    // System Admin
    // TODO: Create system functions route
    /////
    $app->map("/admin/auth/delete/expired-tokens/", $authenticateForRole('admin'), function () use($app) {
        AuthController::deleteExpiredAuthTokens($app);
    })->via(['DELETE', 'POST']);

    /**
     * @api {post} /user/update/password Manage user password.
     * @apiName ChangeUserPassword
     * @apiGroup Auth
     *
     * @apiParam {String} apiKey User session key.
     * @apiParam {String} apiToken User session unhashed token.
     *
     * @apiParam {Integer} userId optional but Required if the User Email was not provided. Used to select the user.
     * @apiParam {String} email optional but Required if the User ID was not provided. Used to select the user.
     * @apiParam {String} current Current user password for user authentication.
     * @apiParam {String} new New password to change to.
     *
     * @apiSuccessExample {json} Success-Response:
     *     HTTP/1.1 200: OK
     *     {
     *       "data": {
     *         "msg": "Password successfully changed."
     *       },
     *       "meta": {
     *         "error": false,
     *         "status": 200
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-Missing-Parameters:
     *     HTTP/1.1 400: Bad Request
     *     {
     *       "data": {
     *         "msg": "Password could not be changed. Check your parameters and try again."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 400
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-Invalid-New-Password:
     *     HTTP/1.1 400: Bad Request
     *     {
     *       "data": {
     *         "msg": "Invalid Password. Check your parameters and try again."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 400
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-User-Id-Not-Found:
     *     HTTP/1.1 400: Bad Request
     *     {
     *       "data": {
     *         "msg": "User not found. Check your parameters and try again."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 400
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-Unauthorized:
     *     HTTP/1.1 401: Unauthorized
     *     {
     *       "data": {
     *         "msg": "Invalid user password. Unable to verify request."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 401
     *       }
     *     }
     *
     * @apiErrorExample {json} Error-Unknown-DB-Update:
     *     HTTP/1.1 400: Bad Request
     *     {
     *       "data": {
     *         "msg": "Password could not be changed. Try again later."
     *       },
     *       "meta": {
     *         "error": true,
     *         "status": 400
     *       }
     *     }
     */
    $app->post("/user/update/password/", $authenticateForRole('member'), function () use($app) {
        AuthController::changeUserPassword($app);
    });

    // /auth/ routes - publicly accessible (the 'public' middleware applies to the whole group)
    $app->group('/auth', $authenticateForRole('public'), function () use($app) {
        /**
         * @api {post} /auth/authenticate Confirm api key and token pair represents an active user login session.
         * @apiName Authenticate
         * @apiGroup Auth
         *
         * @apiParam {String} apiKey User session key.
         * @apiParam {String} apiToken User session unhashed token.
         *
         * @apiSuccessExample {json} Success-Response:
         *     HTTP/1.1 200: OK
         *     {
         *       "data": {
         *         "authenticated": true,
         *         "sessionLifeHours": 1,
         *         "user": {
         *           "id": "28",
         *           "nameFirst": "Rachel",
         *           "nameLast": "Testing",
         *           "email": "*****@*****.**",
         *           "displayName": "Rachel",
         *           "roles": ["3"],
         *           "apiKey": "caf02551768a09e1aed8946ecacce3b01f253884a08bded1f1a76520b8f0c4e847914a1daea072ab957582a2c32beceacd62b5e6842f18ef2b21a3f13b16c374",
         *           "apiToken": "c88e7640de8f34c18d7d07d6d0a26b0d9896f188766e445bac32a44cb275ba89"
         *         }
         *       },
         *       "meta": {
         *         "error": false,
         *         "status": 200
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Missing-Parameters:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "msg": "Unauthenticated: Invalid request. Check your parameters and try again."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Incorrect-Values:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "msg": "Unauthenticated: No User"
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         */
        $app->post("/authenticate/", function () use($app) {
            AuthController::isAuthenticated($app);
        });

        /**
         * @api {post} /auth/signup Standard user signup.
         * @apiName Signup
         * @apiGroup Auth
         *
         * @apiParam {String} email User email address.
         * @apiParam {String} password User unencrypted password.
         * @apiParam {String} nameFirst User first name.
         * @apiParam {String} nameLast User last name.
         * @apiParam {Integer} teamId optional Team to add the new player to.
         *
         * @apiSuccessExample {json} Success-Response:
         *     HTTP/1.1 200: OK
         *     {
         *       "data": {
         *         "registered": true,
         *         "sessionLifeHours": 1,
         *         "user": {
         *           "id": "28",
         *           "nameFirst": "Rachel",
         *           "nameLast": "Testing",
         *           "email": "*****@*****.**",
         *           "displayName": "Rachel",
         *           "roles": ["3"],
         *           "apiKey": "caf02551768a09e1aed8946ecacce3b01f253884a08bded1f1a76520b8f0c4e847914a1daea072ab957582a2c32beceacd62b5e6842f18ef2b21a3f13b16c374",
         *           "apiToken": "c88e7640de8f34c18d7d07d6d0a26b0d9896f188766e445bac32a44cb275ba89"
         *         }
         *       },
         *       "meta": {
         *         "error": false,
         *         "status": 200
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Missing-Parameters:
         *     HTTP/1.1 400: Bad Request
         *     {
         *       "data": {
         *         "registered": false,
         *         "msg": "Signup failed. Check your parameters and try again."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 400
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Duplicate-Email:
         *     HTTP/1.1 400: Bad Request
         *     {
         *       "data": {
         *         "registered": false,
         *         "msg": "Signup failed. A user with that email already exists."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 400
         *       }
         *     }
         */
        $app->post("/signup/", function () use($app) {
            AuthController::signup($app);
        });

        /* email, nameFirst, nameLast, facebookId, accessToken */
        $app->post("/signup/facebook/", function () use($app) {
            AuthController::facebookSignup($app);
        });

        /* email, nameFirst, nameLast, password, venue, address, city, state, zip */
        /* OPTIONAL: addressb, phone, website, facebook, logo, hours, referralCode */
        $app->post("/venue/signup/", function () use($app) {
            AuthController::venueSignup($app);
        });

        /* email, nameFirst, nameLast, facebookId, accessToken, venue, address, city, state, zip */
        /* OPTIONAL: addressb, phone, website, facebook, logo, hours, referralCode */
        $app->post("/venue/signup/facebook/", function () use($app) {
            AuthController::venueFacebookSignup($app);
        });

        // Extra profile fields collected after signup; handled by InfoController.
        $app->post("/signup/additional/", function () use($app) {
            InfoController::saveAdditional($app);
        });

        /**
         * @api {post} /auth/login Standard user login.
         * @apiName Login
         * @apiGroup Auth
         *
         * @apiParam {String} email User email address.
         * @apiParam {String} password User unencrypted password.
         *
         * @apiSuccessExample {json} Success-Response:
         *     HTTP/1.1 200: OK
         *     {
         *       "data": {
         *         "authenticated": true,
         *         "sessionLifeHours": 1,
         *         "user": {
         *           "id": "28",
         *           "nameFirst": "Rachel",
         *           "nameLast": "Testing",
         *           "email": "*****@*****.**",
         *           "displayName": "Rachel",
         *           "roles": ["3"],
         *           "apiKey": "caf02551768a09e1aed8946ecacce3b01f253884a08bded1f1a76520b8f0c4e847914a1daea072ab957582a2c32beceacd62b5e6842f18ef2b21a3f13b16c374",
         *           "apiToken": "c88e7640de8f34c18d7d07d6d0a26b0d9896f188766e445bac32a44cb275ba89"
         *         }
         *       },
         *       "meta": {
         *         "error": false,
         *         "status": 200
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Missing-Parameters:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "msg": "Login failed. Check your parameters and try again."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Unregistered-Email:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "msg": "Unauthenticated: No User"
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         *
         * @apiErrorExample {json} Error-Incorrect-Password:
         *     HTTP/1.1 401: Unauthorized
         *     {
         *       "data": {
         *         "authenticated": false,
         *         "maxattempts": 6,
         *         "msg": "Login failed. Username and password combination did not match."
         *       },
         *       "meta": {
         *         "error": true,
         *         "status": 401
         *       }
         *     }
         */
        $app->post("/login/", function () use($app) {
            AuthController::login($app);
        });

        // Password-reset flow: request, look up the reset e-mail, then reset.
        $app->post("/forgotpassword/", function () use($app) {
            AuthController::forgotpassword($app);
        });
        $app->post("/getforgotpasswordemail/", function () use($app) {
            AuthController::getforgotpasswordemail($app);
        });
        $app->post("/resetpassword/", function () use($app) {
            AuthController::resetpassword($app);
        });

        /* email, nameFirst, nameLast, facebookId, accessToken */
        $app->post("/login/facebook/", function () use($app) {
            AuthController::facebookLogin($app);
        });

        /////
        ///// Logout
        /////
        $app->post("/logout/", function () use($app) {
            AuthController::logout($app);
        });
    });
}
if (empty($_POST[AuthController::LOGIN_FORM_USER]) || empty($_POST[AuthController::LOGIN_FORM_PASS])) { $flash = array(); $flash['class'] = 'danger'; $flash['message'] = 'Please enter a username and password'; } else { if (!CaptchaController::validate_captcha($_POST[AuthController::LOGIN_FORM_CAPTCHA])) { $flash = array(); $flash['class'] = 'danger'; $flash['message'] = 'Invalid captcha'; } else { $user = $_POST[AuthController::LOGIN_FORM_USER]; $pass = $_POST[AuthController::LOGIN_FORM_PASS]; //authenticate if (AuthController::is_authenticated($user, $pass)) { //save in session AuthController::save_auth($user); //redirect $redirect_url = !empty($_SESSION[AuthController::SESSION_REDIRECT_URL_KEY]) ? $_SESSION[AuthController::SESSION_REDIRECT_URL_KEY] : AuthController::LOGGED_IN_HOME_URL; http_response_code(302); header('Location: ' . $redirect_url); die; } else { //randomize sleep to timing string length attacks usleep(rand(AuthController::LOGIN_FAILED_TIMEOUT_MIN, AuthController::LOGIN_FAILED_TIMEOUT_MAX)); $flash = array(); $flash['class'] = 'danger'; $flash['message'] = 'Invalid username or password'; } } } }
/**
 * Create a new controller instance; every action on it requires the
 * admin role.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();
    $requiredRole = 'role.admin';
    $this->middleware($requiredRole);
}
<?php ini_set('display_errors', 1); //On prépare le script à recevoir des objets JSON header("Content-type : application/json ; charset=UTF-8", true); //On autoload les classes en faisant appel à la classe autoload require '../Autoloader.php'; Autoloader::load(); //On créer les objets des controllers $authControl = new AuthController(); $questionControl = new QuestionnaireController(); $progControl = new ProgrammeController(); $userControl = new UserController(); $rituelControl = new RituelController(); $adminControl = new AdminController(); $habitsControl = new HabitsController(); //On recherche dans toutes les superglobales d'entête HTTP pour chercher l'information au bon endroit et rediriger le script vers la bonne méthode à appeler. Le champs action doit être renseigner pour demander une action de la part des scripts PHP. //Get doit être utilisé que lorsque l'on souhaite récupérer des informations if (isset($_GET['action'])) { switch ($_GET['action']) { //Permet d'obtenir toutes les informations nécessaire à un questionnaire (questions/réponses/profils de réponse). Champs requis : idProg (contient l'id BDD du programme dont on veut le questionnaire) case 'survey': echo $questionControl->showQuestions(); break; //Permet de recevoir une liste de tout les programmes. //Permet de recevoir une liste de tout les programmes. case "programs": echo $progControl->showProg(); break; //Permet de recevoir une ou plusieurs informations sur un profil utilisateur. Champs requis : accessToken, field (contient le ou les noms de champs dont on veux la valeur. Chaque nom doit être séparé par des virgules) //Permet de recevoir une ou plusieurs informations sur un profil utilisateur. Champs requis : accessToken, field (contient le ou les noms de champs dont on veux la valeur. Chaque nom doit être séparé par des virgules)