コード例 #1
0
 /**
  * @docs-name Authenticate (Create New Session)
  *
  * Creates a session. A valid email and password of an existing user must be passed in, and the new session
  * (with the session id) will be returned.
  *
  * ~~~
  * Get sessions through email password
  * {
  *     "email": string,
  *     "password": string
  * }
  *
  * or get one time session to reset password
  *
  * {
  *     "email": string,
  *     "authToken": string
  * }
  *
  * @docs-param session string body required A session object (with email & password or email & authToken filled in)
  *
  * @throws \Slim\Exception\Stop
  */
 function post()
 {
     $this->model->loadFromExternalSource($this->getApp()->getRequest()->getBody());
     if (empty($this->model->email)) {
         $this->getApp()->returnError(Errors::$SESSION_EMAIL_REQUIRED);
     } else {
         /**
          * @var $user User
          */
         $user = call_user_func($this->userModelClass . '::init', $this->getApp());
         $user->findByField('email', $this->model->email);
         if (!empty($this->model->password)) {
             if ($user->passHash != Identity::passHash($this->model->password, $user->salt)) {
                 $this->getApp()->returnError(Errors::$PASSWORD_INVALID);
             }
         } elseif (!empty($this->model->authToken)) {
             if ($this->model->authToken != Identity::passHash($user->passHash, $user->lastAccessed->getTimestamp())) {
                 $this->getApp()->returnError(Errors::$TOKEN_INVALID);
             }
         } else {
             $this->getApp()->returnError(Errors::$SESSION_PASSWORD_TOKEN_REQUIRED);
         }
         $user->lastAccessed = new \DateTime('now');
         $user->save();
         $this->model->user = $user;
         $this->model->insert();
         echo $this->model->outputJSON();
     }
 }
コード例 #2
0
ファイル: User.php プロジェクト: prolificinteractive/mabi
 public function insert()
 {
     $this->salt = uniqid(mt_rand(), TRUE);
     $this->passHash = Identity::passHash($this->password, $this->salt);
     $this->password = NULL;
     $this->created = new \DateTime('now');
     parent::insert();
 }
コード例 #3
0
 /**
  * @docs-name  Email forgot password token
  *
  * json should be passed in in the following form
  * ~~~
  * {
  *     "email": string
  * }
  * ~~~
  *
  * @docs-param email string body required json object containing a user's email
  */
 public function postForgotPassword()
 {
     if ($this->getEmailProvider() == null) {
         $this->getApp()->returnError(Errors::$PASSWORD_EMAIL_PROVIDER);
     }
     if ($this->forgotEmailTemplate == null) {
         $this->getApp()->returnError(Errors::$PASSWORD_EMAIL_TEMPLATE);
     }
     /**
      * @var $user User
      */
     $data = json_decode($this->getApp()->getRequest()->getBody());
     try {
         $email = $data->email;
     } catch (\Exception $e) {
         $this->getApp()->returnError(Errors::$PASSWORD_EMAIL_REQUIRED);
     }
     $user = User::init($this->getApp());
     if (!$user->findByField('email', $email)) {
         $this->getApp()->returnError(Errors::$PASSWORD_NO_USER_EMAIL);
     }
     $user->lastAccessed = new \DateTime('now');
     $user->save();
     $authToken = Identity::passHash($user->passHash, $user->lastAccessed->getTimestamp());
     $this->forgotEmailTemplate->mergeData(array('!authToken' => $authToken));
     $resp = $this->getEmailProvider()->sendEmail($user->email, $this->forgotEmailTemplate);
     echo json_encode($resp);
 }