protected function _init()
{
parent::_init();
$isPostsExist = Model::connection()->read("SHOW TABLES LIKE 'posts'") ? true : false;
$isUsersExist = Model::connection()->read("SHOW TABLES LIKE 'users'") ? true : false;
if ($isPostsExist && $isUsersExist) {
$users = Users::first();
self::$_install = empty($users) ? false : true;
}
}
public function getUser($entity)
{
if (empty($entity->user_id)) {
return null;
}
if (is_null($entity->tempDataGet('user'))) {
$conditions = array('_id' => $entity->user_id);
$entity->tempDataSet('user', Users::first(compact('conditions')));
}
return $entity->tempDataGet('user');
}
/**
* List users through API
* Play around with changing the value of `q` to see
* how the sent signature is unique for each combination of query paramters
*
* @param int $userId Id of user to make API call as
* @param string $q Add a `q` argument to the URL to see it change
*/
public function consume($userId = false, $q = '')
{
if (!$userId) {
$this->error("Missing userId");
}
$user = Model::first($userId);
$signature = $user->sign(array($this->path, 'q' => $q));
$this->header("Generating different signatures for different urls");
$this->columns(array(array('Path', 'Username', 'Signature'), array('/', $user->username, $user->sign(array('/', 'q' => $q))), array($this->path, $user->username, $signature)));
$service = new Service(array('host' => $this->host));
$resp = $service->get($this->path, compact('q'), array('type' => 'json', 'headers' => array('X_USERNAME' => $user->username, 'X_SIGNATURE' => $signature)));
print_r($resp);
}
public function view()
{
$user = Users::first($this->request->data['id']);
return compact('user');
}
* 1. With a `Request` object to sign a user in
* 2. With no arguments to check if the current user is signed in
*
* We only need to check in the first case.
*/
if (isset($params['credentials']) && $params['credentials']) {
$request = $params['credentials'];
$signature = $request->env('HTTP_X_SIGNATURE');
$username = $request->env('HTTP_X_USERNAME');
if ($username && $signature) {
/**
* Find the username the request is attempted to be made for
* The user object is needed because it holds the secret key
* we need to be able to regenerate the signature
*/
$user = Users::first(array('conditions' => compact('username')));
if (!$user) {
throw new \Exception("Invalid user {$username}");
}
/**
* GET and POST/PUT passes payload differently, this either `query` or `data`
* Also doing rewriting can mean that the `url` GET param is added
*/
$signData = $request->is('get') ? array_diff_key($request->query, array('url' => 'sodoff')) : $request->data;
/**
* Prepend the request path so all requests with no data
* does not get the same key
*/
array_unshift($signData, $request->env('base'));
if ($signature === $user->sign($signData)) {
return true;
public function getUser($entity)
{
$uid = $entity->user_id;
return Users::first(array('conditions' => array('_id' => $uid)));
}
public function confirm($email = null, $verify = null)
{
if ($email == "" || $verify == "") {
if ($this->request->data) {
if ($this->request->data['email'] == "" || $this->request->data['verified'] == "") {
return $this->redirect('Users::email');
}
$email = $this->request->data['email'];
$verify = $this->request->data['verified'];
} else {
return $this->redirect('Users::email');
}
}
$finduser = Users::first(array('conditions' => array('email' => $email)));
$id = (string) $finduser['_id'];
if ($id != null) {
$data = array('email.verified' => 'Yes');
Details::create();
$details = Details::find('all', array('conditions' => array('user_id' => $id, 'email.verify' => $verify)))->save($data);
if (empty($details) == 1) {
return $this->redirect('Users::email');
} else {
return $this->redirect('ex::dashboard');
}
} else {
return $this->redirect('Users::email');
}
}
public function resetPassword()
{
$redirectUrl = '/';
$email = null;
if (isset($this->request->data['email'])) {
$email = $this->request->data['email'];
} else {
if (isset($this->request->args[0])) {
$email = $this->request->args[0];
}
}
$user = Users::first(array('conditions' => array('email_address' => new MongoRegex('/' . $email . '/i'))));
if (!$user) {
$this->flashMessage('User not found for password reset!', array('alertType' => 'error'));
return $this->redirect($redirectUrl);
} else {
if (!isset($user->email_address)) {
$this->flashMessage('That user does not have an email address on file. Please email the webmaster for assistance.', array('alertType' => 'error'));
return $this->redirect($redirectUrl);
}
}
$identity = PasswordIdentities::first(array('conditions' => array('user_id' => $user->_id, 'type' => 'password', 'prv_name' => 'afdc.com')));
if (!$identity) {
$identity = PasswordIdentities::create();
$identity->user_id = $user->_id;
$identity->prv_uid = strtolower($user->email_address);
}
$newPassword = $identity->generatePassword();
if ($identity->save()) {
if (Environment::is('production')) {
// Todo: replace this with something that doesn't suck
$to = $user->email_address;
$subject = '[AFDC.com] Password Reset';
$message = 'Your password has been reset. It is now: ' . $newPassword;
$headers = implode("\n", array('From: system@leagues.afdc.com', 'Reply-To: webmaster@afdc.com', 'X-Mailer: PHP/' . phpversion()));
mail($to, $subject, $message, $headers);
$this->flashMessage('An email message has been sent with the new password. Please be sure to check your spam folder.', array('alertType' => 'info'));
} else {
$this->flashMessage("A new password generated: {$user->email_address} / {$newPassword}. Due to environment limitations, no email was sent.", array('alertType' => 'info'));
}
return $this->redirect($redirectUrl);
} else {
$this->flashMessage('A new password could not be saved; please try again or email the webmaster for assistance.', array('alertType' => 'error'));
return $this->redirect($redirectUrl);
}
return compact('user', 'identity', 'newPassword');
}
public function getReporter($entity)
{
if (!isset($entity->scores->reporter_id)) {
return null;
}
$conditions = array('_id' => $entity->scores->reporter_id);
return Users::first(compact('conditions'));
}