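/**
 * Handle the login form POST.
 *
 * Two paths, selected by which fields were posted:
 *  - `uid` and `pin` both non-empty: authenticate as an instructor, store the id under
 *    the 'COLUM' session key and redirect to /records/courses.
 *  - otherwise: look the student up from `pin`, store a login token on the record and
 *    e-mail a /records/token/{id}/{token} link.
 *
 * An \InvalidArgumentException raised on either path redirects to
 * /{template}/login/invalid/ (code 1) or /{template}/login/duplicate/ (any other code).
 *
 * NOTE(review): the invalid / duplicate / "Email Sent" outcomes are distinguishable to the
 * client, so the response shows whether a posted pin maps to a record. No attempt
 * throttling is visible in this method; confirm it is enforced elsewhere.
 *
 * @param mixed $request request object exposing post(string $key)
 * @return mixed the rendered "Email Sent" view
 * @throws \RuntimeException when EMAIL_TOKEN is not set in the environment
 */
public function POSTlogin($request)
{
    $pin = $request->post('pin') ?: 0;
    $uid = $request->post('uid') ?: false;

    try {
        if ($uid && $pin) {
            // Instructor path: authenticate the user based on password.
            // NOTE(review): the return value of authenticate() is ignored, so the session
            // write below is only safe if authenticate() throws on a bad pin; confirm.
            (new \models\instructor(\models\Data::ID($uid)))->authenticate($pin);

            // NOTE(review): confirm the session id is rotated at login; nothing here does it.
            \bloc\Application::instance()->session('COLUM', ['id' => $uid]);

            // NOTE(review): whether redirect() ends the request is not visible here; if it
            // returns, execution falls through to the "Email Sent" render at the bottom.
            \bloc\router::redirect('/records/courses');
        } else {
            // Student path: the user must be in the database based on oasis id, find them.
            $user = \models\Data::ID(\models\Student::BLEAR($pin));

            // getenv() returns false when the variable is unset. Fail closed rather than
            // derive a login token without the server-side secret.
            $secret = getenv('EMAIL_TOKEN');
            if ($secret === false || $secret === '') {
                throw new \RuntimeException('EMAIL_TOKEN is not configured');
            }

            // Per the original author's note the token is a sha1 over the e-mail address
            // and the secret (token::generate itself is not visible here).
            $token = \bloc\types\token::generate($user['@email'], $secret);

            // The duplicate check relies on generate() returning the same value for the same
            // user, so an e-mailed link stays usable for as long as the attribute is stored.
            // NOTE(review): confirm the /records/token handler clears it after use.
            if ($user->hasAttribute('token') && $user->getAttribute('token') === $token) {
                throw new \InvalidArgumentException("Token Already Requested", 2);
            }

            // Set the token on the user record and persist it before mailing.
            $user->setAttribute('token', $token);
            \models\Data::instance()->storage->save();

            // E-mail the user a link. The host comes from the DOMAIN constant, not from
            // request headers.
            $template = new \bloc\View('views/layouts/email.html');
            $template->content = 'views/layouts/forms/transaction.html';
            $output = [
                'link' => DOMAIN . "/records/token/{$user['@id']}/{$token}",
                'title' => $user['@name'],
                'message' => 'login to course site',
            ];
            \models\Message::TRANSACTION('login', $user['@email'], (string) $template->render($output));
        }
    } catch (\InvalidArgumentException $e) {
        // Code 1 is treated as a failed lookup/authentication (presumably raised by the
        // helpers above; not visible here); any other code, including the 2 thrown above,
        // is reported as a duplicate token request.
        $type = $e->getCode() === 1 ? 'invalid' : 'duplicate';
        $path = sprintf('/%s/login/%s/', $this->template, $type);
        \bloc\router::redirect($path);
    }

    // Confirmation page shown once the token e-mail has been handed to the mailer.
    $view = new \bloc\View(self::layout);
    $view->content = 'views/layouts/forms/transaction.html';

    return $view->render([
        'link' => 'http://www.colum.edu/loopmail',
        'title' => 'Email Sent',
        'message' => 'check your email',
    ]);
}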