/**
 * XHR GET handler: reports whether an e-mail address is still free to use.
 *
 * Echoes a JSON-encoded StatusReturn::S200() when AuthUserData::emailExist()
 * does not find the lower-cased address, and an E400 status otherwise.
 * Nothing is echoed when checkAuth() fails.
 *
 * @param string $email Address to look up; it is lower-cased before the lookup.
 * @return void
 */
function get_xhr($email)
{
    // Unauthenticated callers get no answer at all, so the availability
    // lookup is only reachable after checkAuth() succeeds.
    if (!$this->checkAuth()) {
        return;
    }

    $emailTaken = AuthUserData::emailExist(mb_strtolower($email));

    $status = $emailTaken
        ? StatusReturn::E400('Email Already Being Used!')
        : StatusReturn::S200();

    echo json_encode($status);
}
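/**
 * XHR POST handler: creates a sub-user (no $userID) or updates an existing one.
 *
 * Create path reads userName, email, password, twoFactorType and optional roles
 * from $_POST. Update path reads optional newPassword, twoFactorType and roles.
 * The outcome is echoed as a JSON-encoded StatusReturn; nothing is echoed when
 * checkAuth() fails.
 *
 * Request fields are untrusted: a field that is missing or not a string (for
 * example an array sent as "userName[]=x") is treated as empty, so it fails
 * validation instead of reaching mb_strtolower()/mb_strlen(). twoFactorType is
 * checked the same way on both paths (numeric and accepted by
 * TwoFactor::isValidValue()).
 *
 * @param mixed $userID ID of the sub-user to update, or null to create one.
 * @return void
 */
function post_xhr($userID = null)
{
    if (!$this->checkAuth()) {
        return;
    }

    // Returns the named POST field only when it is a string; '' otherwise.
    $postString = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    // Validity test shared by create and update: numeric and a known TwoFactor value.
    // is_numeric() also rejects arrays, which an (int) cast alone would turn into 1.
    $twoFactorIsValid = function ($value) {
        return is_numeric($value) && TwoFactor::isValidValue((int) $value);
    };

    $roles = (isset($_POST['roles']) && is_array($_POST['roles'])) ? $_POST['roles'] : null;

    if (is_null($userID)) {
        $userName = $postString('userName');
        $email = $postString('email');
        $password = $postString('password');
        $twoFactorType = $postString('twoFactorType');

        $lowerUserName = mb_strtolower($userName);
        $lowerEmail = mb_strtolower($email);

        $userExists = AuthUserData::userExist($lowerUserName);
        $emailExists = AuthUserData::emailExist($lowerEmail);

        // Duplicate checks take priority over the generic validation message.
        if ($userExists) {
            echo json_encode(StatusReturn::E400('User Exists!'));
            return;
        }
        if ($emailExists) {
            echo json_encode(StatusReturn::E400('Email Exists!'));
            return;
        }

        $inputValid = mb_strlen($userName) >= _USERNAME_MIN_LENGTH_
            && !empty($email)
            && filter_var($email, FILTER_VALIDATE_EMAIL)
            && !empty($password)
            && $twoFactorIsValid($twoFactorType);

        if (!$inputValid) {
            // This message is returned for every validation failure, not only roles/twoFactorType.
            echo json_encode(StatusReturn::E400('Missing roles or twoFactorType'));
            return;
        }

        $headers = getallheaders();
        $subUser = new AuthSubUser(mb_strtolower($headers['Auth-User']));

        $newUserId = $subUser->createSubUser(
            $lowerUserName,
            $lowerEmail,
            $password,
            $twoFactorType,
            is_null($roles) ? array() : $roles
        );

        if ($newUserId) {
            echo json_encode(StatusReturn::S200(array('id' => $newUserId)), JSON_NUMERIC_CHECK);
        } else {
            echo json_encode(StatusReturn::E400('Unknown Error!'));
        }
        return;
    }

    if (!AuthUserData::userExistByID($userID)) {
        echo json_encode(StatusReturn::E400('User Name is not a child of this account!'));
        return;
    }

    // NOTE(review): the only check visible here is that the ID exists, while the error text
    // above implies a parent/child ownership check. Confirm that userExistByID() or AuthSubUser
    // verifies the target belongs to the authenticated Auth-User before any update is applied.
    $headers = getallheaders();
    $subUser = new AuthSubUser(mb_strtolower($headers['Auth-User']), (int) $userID);

    // Each step runs only while every earlier step succeeded (short-circuit &&).
    $allSuccess = true;

    if (isset($_POST['newPassword'])) {
        $newPassword = $_POST['newPassword'];
        if (is_string($newPassword) && $newPassword !== '') {
            $allSuccess = $allSuccess && $subUser->updateSubUserPassword($newPassword);
        } else {
            // An empty or non-string password is a failed change, matching the
            // non-empty password requirement on the create path.
            $allSuccess = false;
        }
    }

    if (isset($_POST['twoFactorType']) && $twoFactorIsValid($_POST['twoFactorType'])) {
        $allSuccess = $allSuccess && $subUser->updateSubUserFactor($_POST['twoFactorType']);
    }

    if (!is_null($roles)) {
        $allSuccess = $allSuccess && $subUser->updateSubUserRoles($roles);
    }

    if ($allSuccess) {
        echo json_encode(StatusReturn::S200(array('id' => $userID)), JSON_NUMERIC_CHECK);
    } else {
        echo json_encode(StatusReturn::E400('Some or All Changes Failed to Save!'));
    }
}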
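/**
 * Drives the multi-step forgot-password flow for a user name or e-mail address.
 *
 * Steps, selected by which arguments are non-empty:
 *  1. No $secondFactor: create a PIN, store it as the 'forgotPassword' extra key,
 *     send the 'ForgotPassword' notification and ask for the PIN.
 *  2. Valid PIN, no $answer: return the stored security question.
 *  3. Valid PIN and matching $answer, no usable $newPassword: ask for a new password.
 *  4. Valid PIN, matching $answer and $newPassword: update the password and clear the PIN.
 * A PIN that fails checkKey() clears the stored extra key.
 *
 * NOTE(review): an unknown account returns "continue" => false while a known one
 * returns "secondFactor" => true; if callers relay this unchanged, the response
 * reveals whether an account exists. Confirm the caller normalises it.
 *
 * @param mixed $userOrEmail  User name or e-mail address identifying the account.
 * @param mixed $secondFactor PIN previously sent to the user, or '' / null for step 1.
 * @param mixed $answer       Answer to the security question, or '' / null.
 * @param mixed $newPassword  Replacement password, or '' / null.
 * @return array Always has "continue"; may also have "secondFactor", "question",
 *               "askForNewPassword" or "flowDone".
 */
public function forgotPassword($userOrEmail, $secondFactor, $answer, $newPassword)
{
    // Reject non-scalar input (e.g. arrays from "field[]=x") before any lookup or
    // comparison; null is accepted and means "not supplied".
    foreach (array($userOrEmail, $secondFactor, $answer, $newPassword) as $value) {
        if ($value !== null && !is_scalar($value)) {
            return array("continue" => false);
        }
    }
    $userOrEmail = (string) $userOrEmail;
    $secondFactor = (string) $secondFactor;
    $answer = (string) $answer;
    $newPassword = (string) $newPassword;

    if (AuthUserData::emailExist($userOrEmail)) {
        $userAuth = AuthUserData::getUserNameByEmail($userOrEmail);
    } elseif (AuthUserData::userExist($userOrEmail)) {
        $userAuth = $userOrEmail;
    } else {
        return array("continue" => false);
    }
    $this->loadUserForced($userAuth);

    // Step 1: no PIN supplied yet, so issue one and notify the user.
    if ($secondFactor === '') {
        $newExtraKey = $this->createPin(_PIN_FORGOT_PASSWORD_PLUS_CHARS_);
        AuthUserData::updateExtraKey($this->userData['userID'], $newExtraKey, 'forgotPassword');
        $this->sendNotification('ForgotPassword', array(array('{{PIN}}'), array($newExtraKey)));
        return array("continue" => true, "secondFactor" => true);
    }

    // Verify the PIN that was passed in, not $_POST['secondFactor'], so the value
    // tested for emptiness above is the same value that is checked here.
    if (!$this->checkKey($secondFactor, 'forgotPassword')) {
        AuthUserData::clearExtraKey($this->userData['userID']);
        return array("continue" => false);
    }

    // Step 2: PIN accepted, security answer still outstanding.
    if ($answer === '') {
        return array("continue" => true, "question" => $this->userData['securityQuestion']);
    }

    // hash_equals() compares byte-for-byte in constant time; a loose == would
    // treat distinct numeric-looking strings such as "1e1" and "10" as equal.
    if (!hash_equals((string) $this->userData['securityAnswer'], $answer)) {
        // NOTE(review): a wrong answer leaves the PIN valid, unlike a wrong PIN.
        // Confirm that answer attempts are limited elsewhere.
        return array("continue" => false);
    }

    // Step 3: the SHA-512 of the empty string is rejected as well — presumably the
    // client sends the password pre-hashed, so this is a blank password; confirm.
    if ($newPassword === '' || $newPassword === hash('sha512', '')) {
        return array("continue" => true, "askForNewPassword" => true);
    }

    // Step 4: everything verified; store the new password and invalidate the PIN.
    $this->createAndUpdatePassword($newPassword);
    AuthUserData::clearExtraKey($this->userData['userID']);
    return array("continue" => true, "flowDone" => true);
}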