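/**
 * Submit handler for the login form.
 *
 * Reads `email`, `login`, `password` and (optionally) `redirect` from the
 * POST data, lets WordpressAuth update the stored password if necessary,
 * then authenticates through AuthManager.
 *
 * @return mixed A redirect response on success; on any exception, an array
 *               mapping the `.modal-content #errorBlock` selector to the
 *               error message to display.
 */
public function onUserLogin()
{
    // Built before the try block so the catch handler can always read it,
    // even when WordpressAuth::verifyFromEmail() throws first.
    $data = ['login' => post('login'), 'password' => post('password')];

    try {
        // Update wordpress passwords if necessary
        WordpressAuth::verifyFromEmail(post('email'), post('password'));

        AuthManager::auth($data);

        // Allow plugins to override the redirect with a session variable
        $authRedirect = Session::pull('authRedirect');

        if (!empty($authRedirect)) {
            $redirectUrl = $this->pageUrl($authRedirect);
        } else {
            $redirectUrl = $this->pageUrl($this->property('redirect'));
            // NOTE(review): `redirect` is client-supplied and becomes the
            // redirect target without any validation in this method.
            // Consider restricting it to same-site paths; confirm first
            // whether any caller relies on absolute URLs.
            $redirectUrl = post('redirect', $redirectUrl);
        }

        return Redirect::intended($redirectUrl);
    } catch (\Exception $e) {
        // Catch all exceptions produced by RainLab User or DMA authentication
        // and update the error block message using the OctoberCMS Ajax framework.
        // The default message is deliberately generic.
        $message = Lang::get('dma.friends::lang.userLogin.failCredentials');

        // A bit dodgy, but when the exception message contains "[<login>]" the
        // account has been suspended or banned by the RainLab User plugin,
        // usually after repeated attempts with a wrong password.
        //
        // The login is user input, so it is matched as a literal substring
        // instead of being interpolated into a regular expression: regex
        // metacharacters in it can no longer alter the pattern or raise PCRE
        // warnings. Non-string and empty values are skipped; an empty login
        // would otherwise match any message containing "[]".
        $login = $data['login'];

        if (is_string($login) && $login !== '' && strpos($e->getMessage(), '[' . $login . ']') !== false) {
            // Only the login is handed to the translator: the plaintext
            // password must never be available as a message placeholder.
            // The login is HTML-escaped because the returned message is
            // written into the page as markup.
            $message = Lang::get('dma.friends::lang.userLogin.throttleUser', [
                'login' => htmlspecialchars($login, ENT_QUOTES, 'UTF-8'),
            ]);
        }

        return ['.modal-content #errorBlock' => $message];
    }
}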
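/**
 * Resource to login user via barcode scanner for authorized kiosks.
 *
 * Reads `barcodeId` from the query string. When LocationManager returns a
 * location whose `is_authorized` flag is set, the barcode is passed to
 * AuthManager with `no_password` enabled. The caller is redirected to `/`
 * in every case; the result of AuthManager::auth() is not inspected.
 *
 * NOTE(review): the only gate on this password-less login visible here is
 * `$location->is_authorized`. Confirm that LocationManager::getLocation()
 * cannot be influenced by the requesting client, and that attempts are
 * throttled and logged elsewhere. The barcode also travels in the URL, so
 * it may be recorded in access logs and browser history.
 *
 * @return mixed Redirect response to `/`.
 */
public static function barcodeLogin()
{
    $rawBarcode = get('barcodeId');

    // The query parameter is client-controlled and may be missing or an
    // array (`barcodeId[]=...`). Anything that is not a string is treated as
    // empty instead of being passed to trim(), which warns or throws on
    // non-string input depending on the PHP version.
    $barcodeId = is_string($rawBarcode) ? trim($rawBarcode) : '';

    $location = LocationManager::getLocation();

    if (!$location || empty($barcodeId)) {
        return Redirect::to('/');
    }

    if ($location->is_authorized) {
        $data = ['login' => $barcodeId, 'no_password' => true];
        AuthManager::auth($data);
    }

    return Redirect::to('/');
}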
/**
 * API endpoint that authenticates a user from the request payload.
 *
 * The login is taken from `username`, falling back to `email`. On success
 * the user resource is returned through show(); a falsy result from
 * AuthManager::auth() yields a "User not found" error response, and a
 * ValidationException is turned into a data-validation error response.
 * Every other exception is re-thrown to the API layer.
 *
 * NOTE(review): the annotations below do not document the validation-error
 * response. Confirm that the distinct "User not found" response does not
 * let callers tell unknown accounts from wrong passwords.
 *
 * @SWG\Definition(
 *     definition="request.user.credentials",
 *     required={"username", "password"},
 *     @SWG\Property(
 *         property="username",
 *         type="string"
 *     ),
 *     @SWG\Property(
 *         property="password",
 *         type="string"
 *     )
 * )
 *
 * @SWG\Post(
 *     path="users/login",
 *     description="Authenticate user using username and password",
 *     summary="User authentication",
 *     tags={ "user"},
 *
 *     @SWG\Parameter(
 *         description="User credentials payload",
 *         name="body",
 *         in="body",
 *         required=true,
 *         schema=@SWG\Schema(ref="#/definitions/request.user.credentials")
 *     ),
 *     @SWG\Response(
 *         response=200,
 *         description="Successful response",
 *         @SWG\Schema(ref="#/definitions/user.extended")
 *     ),
 *     @SWG\Response(
 *         response=500,
 *         description="Unexpected error",
 *         @SWG\Schema(ref="#/definitions/error500")
 *     ),
 *     @SWG\Response(
 *         response=404,
 *         description="User not found",
 *         @SWG\Schema(ref="#/definitions/UserError404")
 *     )
 * )
 */
public function login()
{
    try {
        $payload  = Request::all();
        $password = array_get($payload, 'password');

        // Update wordpress passwords if necessary
        WordpressAuth::verifyFromEmail(array_get($payload, 'email', ''), $password);

        // `username` wins; `email` is only the fallback login.
        $credentials = [
            'login'    => array_get($payload, 'username', array_get($payload, 'email')),
            'password' => $password,
        ];

        $user = AuthManager::auth($credentials);

        if (!$user) {
            return Response::api()->errorNotFound('User not found');
        }

        return $this->show($user->id);
    } catch (Exception $e) {
        // Anything other than a validation failure is left to the API
        // resource to deal with.
        if (!($e instanceof ValidationException)) {
            throw $e;
        }

        return $this->errorDataValidation('User credentials fail to validated', $e->getErrors());
    }
}