/** * authenticate an active user * @param alias - the username * @param password - the password * @return returns a valid user object and sets the session variable +pvd_user_id+, or null if authentication fails */ public function actionAuthenticate() { $session = DTSession::sharedSession(); try { $u = $this->castUser($this->db->filter(array("alias" => array($this->db->ilike, $this->params->stringParam("alias")), "is_active" => 1))); if ($u->verifyPassword($this->params->stringParam("password"))) { $session["pvd_user_id"] = $u["id"]; return $u; } } catch (Exception $e) { } unset($session["pvd_user_id"]); return null; }
function __construct($api_name, $path, $token = null) { parent::__construct($api_name, $path, $token); $this->oauth = new OAuth($this->api["consumer_key"], $this->api["secret"]); $this->session = DTSession::sharedSession(); }
/** generate a valid consumer token @param consumer_key - should come from api config @param consumer_secret - should come from api config @param permutation - varies the token, default varies by session id. Use this to generate state-free tokens */ public function consumerToken() { $session = DTSession::sharedSession(); //ensure the session is started return substr(md5($this->secret . $this->consumer_key . session_id()), 0, 10) . $this->consumer_key; }
/** @param twid the twitter id that should be assigned to the user @param tw_acc the access token. This must be stored in the appropriate session variable ([api_name]_oauth_access_token) to make TW requests on the provider side */ public function matchTWUser($twid, $tw_acc, $tw_sec) { $session = DTSession::sharedSession(); $session["twitter_oauth_access_token"] = $tw_acc; //this needs to happen before matchTWUser tries to make any calls $session["twitter_oauth_access_secret"] = $tw_sec; return $user = DTSSOUser::upsert($this->db->where("twitter_id='{$twid}'"), array("twitter_id" => $twid), array("created_at" => DTStore::now())); }