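/**
 * Shows the account-confirmation page and, when a code is supplied, tries to confirm the account.
 *
 * The e-mail address is taken from the request when present. Otherwise the
 * visitor must be logged in (redirect to login if not) and the address of the
 * current account is used. The template variable `status` starts as `standby`
 * and, after a failed confirmation, becomes `incorrectCode`,
 * `alreadyConfirmed` or `accountNotFound`. success() is called when
 * confirmAccount() reports an updated record.
 *
 * NOTE(review): the three failure statuses let a caller tell whether an
 * address is registered and whether it is already confirmed. No attempt
 * limit is visible in this method; confirm one exists upstream.
 *
 * @return void
 */
public function init()
{
    $this->req->components->Account->onAuth(function ($result) {
        if (isset($this->req->attrs->request['email'])) {
            $email = Request::getString($this->req->attrs->request['email']);
        } elseif ($this->req->account['logged']) {
            $email = $this->req->account['email'];
        } else {
            $this->req->redirectToLogin();
            return;
        }

        $this->assign('status', 'standby');

        if (!isset($this->req->attrs->request['code'])) {
            // No code submitted yet: just render the form.
            $this->runTemplate();
            return;
        }

        // Coerce the code to a string before trimming, the same way the e-mail
        // is handled above, so a non-string request parameter can never reach
        // trim() or the account query.
        $confirmationCode = trim(Request::getString($this->req->attrs->request['code']));

        $this->req->appInstance->accounts->confirmAccount(
            array('email' => $email, 'confirmationcode' => $confirmationCode),
            function ($result) use ($email) {
                if ($result['updatedExisting']) {
                    $this->success();
                    return;
                }

                // Nothing was updated: look the account up to explain why.
                $this->req->appInstance->accounts->getAccountByEmail($email, function ($account) {
                    if (isset($account['confirmationcode'])) {
                        $status = 'incorrectCode';
                    } elseif ($account) {
                        $status = 'alreadyConfirmed';
                    } else {
                        $status = 'accountNotFound';
                    }
                    $this->assign('status', $status);
                    $this->runTemplate();
                });
            }
        );
    });
}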
/**
 * Registers a new external-auth token for the hash supplied in request parameter `x`.
 *
 * Rejects an empty or non-base64 hash and a hash that is already stored.
 * Otherwise it derives an internal token, stores the pair with the caller's
 * IP, user agent, creation time and status `new`, optionally redirects
 * (`type=redirect`), and reports the internal token in the result.
 *
 * NOTE(review): the internal token is returned in the result to whoever
 * submitted `x`, and the same value is placed in the confirmation URL of the
 * `redirect` branch. Confirm that exposing it to the requester is intended.
 * NOTE(review): Crypt::randomString() is called without arguments; confirm
 * this call form draws from a cryptographically secure source, because the
 * other inputs (uniqid, IP) are guessable.
 *
 * @return void
 */
public function perform()
{
    $extTokenHash = Request::getString($_REQUEST['x']);
    $isBase64 = strlen($extTokenHash) && base64_decode($extTokenHash, true) !== false;
    if (!$isBase64) {
        $this->req->setResult(['success' => false, 'error' => 'Wrong format of extTokenHash']);
        return;
    }

    $tokens = $this->appInstance->externalAuthTokens;
    $tokens->findByExtTokenHash($extTokenHash, function ($existing) use ($extTokenHash) {
        if ($existing) {
            // A record with this hash already exists: refuse to register it twice.
            $this->req->setResult(['success' => false, 'error' => 'This token was already used.']);
            return;
        }

        $clientIp = $this->req->getIp();
        // The empty-string separators are reproduced exactly as found in the source.
        $internalToken = Crypt::hash(Daemon::uniqid() . "" . $clientIp . "" . Crypt::randomString());

        $record = [
            'extTokenHash' => $extTokenHash,
            'intToken'     => $internalToken,
            'ip'           => $clientIp,
            'useragent'    => Request::getString($_SERVER['HTTP_USER_AGENT']),
            'ctime'        => microtime(true),
            'status'       => 'new',
        ];

        $this->appInstance->externalAuthTokens->save($record, function ($writeResult) use ($internalToken) {
            $written = isset($writeResult['n']) && $writeResult['n'] !== 0;
            if (!$written) {
                $this->req->setResult(['success' => false, 'errors' => ['code' => 'Sorry, internal error.']]);
                return;
            }

            $deliveryType = Request::getString($_REQUEST['type']);
            if ($deliveryType === 'email') {
                // send email....
            } elseif ($deliveryType === 'redirect') {
                $target = HTTPClient::buildUrl([
                    '/' . $this->req->locale . '/account/extauth',
                    'i' => $internalToken,
                ]);
                $this->req->redirectTo($target, false);
            }

            // Reached for every delivery type, including after the redirect call.
            $this->req->setResult(['success' => true, 'intToken' => $internalToken]);
        });
    });
}
/**
 * Loads the account named in the `username` query parameter and renders the template with it.
 *
 * NOTE(review): the whole account record is assigned to the template as
 * `account`. Which fields the template prints is not visible here; confirm
 * it does not expose private fields of other users.
 *
 * @return void
 */
public function init()
{
    $requestedName = Request::getString($_GET['username']);
    $accounts = $this->req->appInstance->accounts;

    $accounts->getAccountByName($requestedName, function ($found) {
        $this->assign('account', $found);
        $this->runTemplate();
    });
}
/**
 * Password login: looks the account up by username or unified e-mail and logs the session in.
 *
 * The result is `success => true` (plus `needConfirm => true` while the
 * account still has a confirmation code), or `success => false` with a
 * per-field error.
 *
 * NOTE(review): the POST-only guard below is commented out and the
 * credentials are read from $_REQUEST, so a password can arrive in a query
 * string and end up in logs or referrers. Re-enable the guard unless a
 * client depends on GET.
 * NOTE(review): "Unrecognized username." and "Invalid password." are
 * distinct answers, which lets a caller tell existing accounts from missing
 * ones. No attempt throttling is visible in this method.
 *
 * @return void
 */
public function perform()
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        //$this->req->setResult(['success' => false, 'err' => 'POST_METHOD_REQUIRED']);
        //return;
    }

    $this->req->onSessionStart(function ($sessionEvent) {
        $login = Request::getString($_REQUEST['username']);
        if ($login === '') {
            $this->req->setResult(['success' => false, 'errors' => ['username' => 'Unrecognized username.']]);
            return;
        }

        // The same input is tried both as a username and as an e-mail address.
        $criteria = [
            '$or' => [
                ['username' => $login],
                ['unifiedemail' => $this->appInstance->accounts->unifyEmail($login)],
            ],
        ];

        $this->appInstance->accounts->getAccount($criteria, function ($account) {
            if (!$account->exists()) {
                $this->req->setResult(['success' => false, 'errors' => ['username' => 'Unrecognized username.']]);
                return;
            }

            $passwordOk = $account->checkPassword(Request::getString($_REQUEST['password']));
            if (!$passwordOk) {
                $this->req->setResult(['success' => false, 'errors' => ['password' => 'Invalid password.']]);
                return;
            }

            $this->cmp->loginAs($account, function () use ($account) {
                $response = isset($account['confirmationcode'])
                    ? ['success' => true, 'needConfirm' => true]
                    : ['success' => true];
                $this->req->setResult($response);
            });
        });
    });
}
/**
 * Passes the request parameters `phones` and `text` to send() and returns its result to the client.
 *
 * NOTE(review): no authentication, recipient validation or rate limit is
 * visible in this method. Confirm send() or the routing layer restricts who
 * may trigger outgoing messages and to which numbers.
 *
 * @return void
 */
public function SendController()
{
    $this->send(
        Request::getString($_REQUEST['phones']),
        Request::getString($_REQUEST['text']),
        function ($outcome) {
            $this->req->setResult($outcome);
        }
    );
}
/**
 * Starts an external-auth flow: resolves the agent named in the route and redirects to it.
 *
 * NOTE(review): `backurl` is taken from the query string and handed to
 * setBackUrl() unchanged. Confirm setBackUrl() restricts it to same-site
 * targets, otherwise the post-login redirect can point anywhere.
 *
 * @return void
 */
public function perform()
{
    $agentName = Request::getString($this->req->attrs->get['agent']);
    $AuthAgent = ExternalAuthAgents::getAgent($agentName, $this->cmp);

    if (!$AuthAgent) {
        $this->req->setResult(['error' => true, 'errmsg' => 'Unrecognized external auth agent']);
        return;
    }

    if (isset($_GET['backurl'])) {
        $backUrl = Request::getString($_GET['backurl']);
        $AuthAgent->setBackUrl($backUrl);
    }

    $AuthAgent->redirect();
}
/**
 * Account access recovery, in two steps selected by the presence of `code`.
 *
 * Without a code: checks that an account exists for the e-mail, refuses if
 * the last recovery code for that e-mail is younger than 900 seconds,
 * otherwise generates a new password, stores it with a recovery code and
 * mails both to the address.
 * With a code: invalidates the code, reads the stored recovery request and
 * writes its password to the account, then confirms the account.
 *
 * NOTE(review): the generated password is six hex characters cut from an
 * md5 digest whose only unpredictable input is mt_rand(). mt_rand() is not a
 * cryptographic generator and six hex characters is a 24-bit space. Replace
 * this with a CSPRNG-backed value of greater length (random_bytes() where
 * the runtime is PHP >= 7).
 * NOTE(review): the new password is sent by e-mail in clear text, and
 * "Account not found." lets a caller tell registered addresses from
 * unregistered ones. No limit on code guesses is visible in this method.
 *
 * @return void
 */
public function perform()
{
    // Recovery changes account state, so only POST is accepted.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        $this->req->setResult(['success' => false, 'err' => 'POST_METHOD_REQUIRED']);
        return;
    }
    $this->req->onSessionStart(function () {
        if (!isset($_REQUEST['email'])) {
            $this->req->setResult(['success' => false, 'errors' => ['email' => 'Empty E-Mail.']]);
            return;
        }
        $email = Request::getString($_REQUEST['email']);
        $code = trim(Request::getString($_REQUEST['code']));
        if ($code !== '') {
            // Step 2: a code was submitted. Invalidate it first; the update
            // count tells whether the e-mail/code pair existed.
            $this->appInstance->accountRecoveryRequests->invalidateCode(function ($lastError) use($email, $code) {
                if ($lastError['n'] > 0) {
                    $this->appInstance->accountRecoveryRequests->getCode(function ($result) {
                        if (!$result) {
                            $this->req->setResult(array('success' => false, 'errors' => array('code' => 'Error happened.')));
                            return;
                        }
                        // The password stored with the recovery request becomes the account password.
                        $this->appInstance->accounts->saveAccount(array('email' => $result['email'], 'password' => $result['password']), function ($lastError) use($result) {
                            if ($lastError['updatedExisting']) {
                                $this->req->setResult(array('success' => true, 'status' => 'recovered'));
                                // A successful recovery also confirms the account.
                                $this->appInstance->accounts->confirmAccount(array('email' => $result['email']));
                            } else {
                                $this->req->setResult(array('success' => false, 'errors' => array('code' => 'Error happened.')));
                            }
                        }, true);
                    }, $email, $code);
                } else {
                    $this->req->setResult(array('success' => false, 'errors' => array('code' => 'Incorrect code.')));
                }
            }, $email, $code);
        } else {
            // Step 1: no code yet. Issue one if the account exists.
            $this->appInstance->accounts->getAccountByUnifiedEmail($email, function ($account) use($email) {
                if (!$account) {
                    $this->req->setResult(array('success' => false, 'errors' => array('email' => 'Account not found.')));
                    return;
                }
                $this->appInstance->accountRecoveryRequests->getLastCodeByEmail($email, function ($result) use($email) {
                    // Per-address throttle: one recovery mail per 900 seconds.
                    if ($result['ts'] + 900 > time()) {
                        $this->req->setResult(array('success' => false, 'errors' => array('email' => 'Too often. Wait a bit before next try.')));
                    } else {
                        // NOTE(review): weak generator, see the method comment.
                        $password = substr(md5($email . "" . $result['code'] . "" . $this->appInstance->config->cryptsalt->value . "" . mt_rand(0, mt_getrandmax())), mt_rand(0, 26), 6);
                        $code = $this->appInstance->accountRecoveryRequests->addRecoveryCode($email, Request::getString($_SERVER['REMOTE_ADDR']), $password);
                        $this->appInstance->Sendmail->mailTemplate('mailAccountAccessRecovery', $email, array('email' => $email, 'password' => $password, 'code' => $code, 'locale' => $this->req->appInstance->getLocaleName(Request::getString($_REQUEST['LC']))));
                        $this->req->setResult(array('success' => true, 'status' => 'sent'));
                    }
                });
            });
        }
    });
}
/**
 * Closes one of the current user's sessions, identified by request parameter `id`.
 *
 * The account id of the logged-in user is passed to closeSession() together
 * with the session id. `success` is true when the reported count `n` is
 * positive.
 *
 * NOTE(review): the id is read from $_REQUEST and no request-forgery token
 * is checked in this method; confirm one is enforced elsewhere.
 *
 * @return void
 */
public function perform()
{
    $this->cmp->onAuth(function () {
        $loggedIn = $this->req->account['logged'];
        if (!$loggedIn) {
            $this->req->setResult(['success' => false, 'error' => 'Not logged in.']);
            return;
        }

        $sessionId = Request::getString($_REQUEST['id']);
        $ownerId = $this->req->account['_id'];

        $this->appInstance->sessions->closeSession($sessionId, $ownerId, function ($writeResult) {
            $closed = $writeResult['n'] > 0;
            $this->req->setResult(['success' => $closed]);
        });
    });
}
/**
 * Superuser-only: returns name, e-mail and credentials.username of the account given by `id`.
 *
 * Callers whose `aclgroups` does not contain `Superusers` get
 * `success => false, goLoginPage => true`.
 *
 * NOTE(review): the fetch callback calls toArray() on its argument without
 * checking that an account was found; confirm fetch() never passes an empty
 * value for an unknown id.
 *
 * @return void
 */
public function perform()
{
    $this->cmp->onAuth(function ($result) {
        $isSuperuser = in_array('Superusers', $this->req->account['aclgroups'], true);
        if (!$isSuperuser) {
            $this->req->setResult(['success' => false, 'goLoginPage' => true]);
            return;
        }

        $query = $this->req->appInstance->accounts->getAccount();
        $query = $query->condSetId(Request::getString($_REQUEST['id']));
        // Only these fields are requested for the answer.
        $query = $query->fields(['name', 'email', 'credentials.username']);

        $query->fetch(function ($account) {
            $this->req->setResultObj(['success' => true, 'item' => $account->toArray()]);
        });
    });
}
/**
 * Hashes request parameter `str` with Crypt::hash() and a fixed salt and returns several encodings.
 *
 * The result holds the salted input, the base64 hash, the salt, a spaced
 * hex dump of the decoded hash, and the constant `rounds => 24`.
 *
 * The `size` and `rounds` parameters are read but never used: the salt is
 * the literal '$512=24' and the reported round count is the literal 24.
 *
 * NOTE(review): no access check is visible in this method. It looks like a
 * diagnostic endpoint; confirm it is not reachable by anonymous callers in
 * production.
 *
 * @return void
 */
public function perform()
{
    $input = Request::getString($_REQUEST['str']);

    // Read for parity with the source; neither value influences the result.
    $size = Request::getInteger($_REQUEST['size']);
    $rounds = Request::getInteger($_REQUEST['rounds']) ?: 24;

    $salt = '$512=24';
    $base64Hash = Crypt::hash($input, $salt);

    // exportBytes() output has its '\x' prefixes turned into spaces.
    $byteDump = Debug::exportBytes(base64_decode($base64Hash), true);
    $hex = trim(str_replace('\\x', ' ', $byteDump));

    $this->req->setResult([
        'stringWithSalt' => $input . $salt,
        'base64'         => $base64Hash,
        'salt'           => $salt,
        'hex'            => $hex,
        'rounds'         => 24,
    ]);
}
/**
 * Returns the stored block with the given `id`, without its compiled template fields.
 *
 * `templatePHP` and `templateBC` are removed and `_id` is cast to a string
 * before the block is sent. An unknown id yields
 * `['_id' => id, 'error' => 'Block not found.']`.
 *
 * NOTE(review): no authorization check is visible in this method; confirm
 * the caller is restricted to users who may read block sources.
 *
 * @return void
 */
public function getBlockSourceController()
{
    // Captured now so the callback answers the request that started the lookup.
    $request = $this->req;
    $blockId = Request::getString($this->req->attrs->request['id']);

    $this->appInstance->blocks->getBlockById($blockId, function ($block) use ($request, $blockId) {
        if (!$block) {
            $request->setResult(['_id' => $blockId, 'error' => 'Block not found.']);
            return;
        }

        unset($block['templatePHP'], $block['templateBC']);
        $block['_id'] = (string) $block['_id'];
        $request->setResult($block);
    });
}
/**
 * Username availability check for the signup form.
 *
 * Always answers `success => true`. An `error` key is added when the
 * format check fails (its message is passed through) or when an account
 * with the same unified name exists.
 *
 * NOTE(review): by design this endpoint tells any caller whether a username
 * is registered; no throttling is visible in this method.
 *
 * @return void
 */
public function perform()
{
    $candidate = Request::getString($_REQUEST['username']);

    $formatCheck = $this->cmp->checkUsernameFormat($candidate);
    if ($formatCheck !== true) {
        // Anything other than true is the format error to show.
        $this->req->setResult(['success' => true, 'error' => $formatCheck]);
        return;
    }

    $this->appInstance->accounts->getAccountByUnifiedName($candidate, function ($existing) {
        $reply = ['success' => true];
        if ($existing) {
            $reply['error'] = 'Username already taken.';
        }
        $this->req->setResult($reply);
    });
}
/**
 * Superuser-only: deletes the account identified by request parameter `id`.
 *
 * Callers outside the `Superusers` group get
 * `success => false, goLoginPage => true`. The answer is `success => true`
 * when lastError(true) is truthy, else "Account not found.".
 *
 * NOTE(review): this destructive action reads `id` from $_REQUEST and
 * checks neither the HTTP method nor a request-forgery token in this
 * method; confirm both are enforced elsewhere.
 *
 * @return void
 */
public function perform()
{
    $this->cmp->onAuth(function ($result) {
        $groups = $this->req->account['aclgroups'];
        if (!in_array('Superusers', $groups, true)) {
            $this->req->setResult(['success' => false, 'goLoginPage' => true]);
            return;
        }

        $target = $this->req->appInstance->accounts
            ->getAccount()
            ->condSetId(Request::getString($_REQUEST['id']));

        $target->delete()->remove(function ($operation) {
            $reply = $operation->lastError(true)
                ? ['success' => true]
                : ['success' => false, 'error' => 'Account not found.'];
            $this->req->setResult($reply);
        });
    });
}
/**
 * Records the logged-in user's answer (yes / no / not_sure) to an external-auth request.
 *
 * The token is looked up by `request_token`; its status becomes `accepted`,
 * `rejected` or `delayed` and the record is saved. Invalid input, a missing
 * login or an unknown token all produce an empty result.
 *
 * NOTE(review): the token's current status and age are not checked before
 * it is overwritten, so a token that is already used or expired can be
 * answered again.
 * NOTE(review): this method does not store which account gave the answer,
 * while the polling endpoint logs in as the token's `uid`. Confirm where
 * `uid` is bound to the token and that it is the answering account.
 *
 * @return void
 */
public function perform()
{
    $this->cmp->onAuth(function () {
        // Accepted answers and the token status each one maps to.
        $statusByAnswer = [
            'yes'      => 'accepted',
            'no'       => 'rejected',
            'not_sure' => 'delayed',
        ];

        if (!$this->req->account['logged']) {
            $this->req->setResult([]);
            return;
        }

        $token = Request::getString($_REQUEST['request_token']);
        if ($token === '') {
            $this->req->setResult([]);
            return;
        }

        $reply = Request::getString($_REQUEST['answer']);
        if (!in_array($reply, array_keys($statusByAnswer))) {
            $this->req->setResult([]);
            return;
        }

        $this->appInstance->externalAuthTokens->findByIntToken(
            $token,
            function ($authToken) use ($reply, $statusByAnswer) {
                if (!$authToken) {
                    $this->req->setResult([]);
                    return;
                }

                $authToken['status'] = $statusByAnswer[$reply];

                $this->appInstance->externalAuthTokens->save($authToken, function ($saveResult) {
                    if (empty($saveResult['err'])) {
                        $this->req->setResult(['success' => true]);
                    } else {
                        $this->req->status(500);
                        $this->req->setResult(['success' => false]);
                    }
                });
            }
        );
    });
}
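/**
 * Polling endpoint of the external-auth flow: exchanges an approved token for a login.
 *
 * Looks the token up by request parameter `p` and answers:
 *  - `success => false` for an empty or unknown token,
 *  - `result => 'wait'` while the status is `new`,
 *  - `result => 'failed'` for status `failed`, for any status other than
 *    `accepted`, when the token cannot be marked used, or when the account
 *    cannot be loaded,
 *  - `result => 'expired'` when the token is older than 15 minutes,
 *  - `success => true` after the token has been marked `used` and the
 *    session has been logged in as the token's `uid`.
 *
 * Changes from the previous version: login is now allowed only for status
 * `accepted`. Before, every status except `new` and `failed` fell through to
 * the login, including `rejected` and `delayed` (both written by the answer
 * endpoint in this codebase) and `used`, so a refused or already consumed
 * token still produced a session. A missing account is now reported as
 * `failed` instead of being passed to loginAs().
 *
 * NOTE(review): `delayed` is answered with `failed` to fail closed. If the
 * client should keep polling in that state, answer `wait` for it instead.
 * If any other status is meant to authorise a login, add it explicitly.
 *
 * @return void
 */
public function perform()
{
    $extToken = Request::getString($_REQUEST['p']);
    if (!strlen($extToken)) {
        $this->req->setResult(['success' => false, 'error' => 'Wrong format of extTokenHash']);
        return;
    }

    $this->appInstance->externalAuthTokens->findByExtToken($extToken, function ($result) {
        if (!$result) {
            $this->req->setResult(['success' => false, 'error' => 'Token not found.']);
            return;
        }
        if ($result['status'] === 'new') {
            $this->req->setResult(['success' => true, 'result' => 'wait']);
            return;
        }
        if ($result['status'] === 'failed') {
            $this->req->setResult(['success' => true, 'result' => 'failed']);
            return;
        }
        // Tokens are valid for 15 minutes from creation.
        if (microtime(true) - $result['ctime'] > 60 * 15) {
            $this->req->setResult(['success' => true, 'result' => 'expired']);
            return;
        }
        // Allow-list: only an explicitly accepted token may become a session.
        if ($result['status'] !== 'accepted') {
            $this->req->setResult(['success' => true, 'result' => 'failed']);
            return;
        }

        // Mark the token used before logging in, so a failed write blocks the login.
        $this->appInstance->externalAuthTokens->save(
            ['extTokenHash' => $result['extTokenHash'], 'status' => 'used'],
            function ($lastError) use ($result) {
                if (!isset($lastError['n']) || $lastError['n'] === 0) {
                    $this->req->setResult(['success' => true, 'result' => 'failed']);
                    return;
                }
                $this->req->onSessionStart(function ($sessionEvent) use ($result) {
                    if (!isset($result['uid'])) {
                        // No account is bound to the token: nothing to log in as.
                        $this->req->setResult(['success' => true, 'result' => 'failed']);
                        return;
                    }
                    $this->appInstance->accounts->getAccountById($result['uid'], function ($account) {
                        if (!$account) {
                            $this->req->setResult(['success' => true, 'result' => 'failed']);
                            return;
                        }
                        $this->cmp->loginAs($account);
                        $this->req->setResult(['success' => true]);
                    });
                });
            }
        );
    });
}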
/**
 * Superuser-only account grid backend: inline cell edit and paged listing.
 *
 * With `action=EditColumn` it writes request parameter `value` to the
 * column selected by the numeric `column` index on the account `id`.
 * Otherwise it runs three jobs (total count, filtered count, page of rows)
 * and returns them in the shape the grid expects (`sEcho`, `iTotalRecords`,
 * `iTotalDisplayRecords`, `aaData`).
 *
 * NOTE(review): the editable column list contains `aclgroups` and `_id`,
 * and the new value is always a plain string. Confirm that editing these
 * two columns through the grid is intended, since `aclgroups` is read as an
 * array by the access checks.
 * NOTE(review): the edit is read from $_REQUEST with no HTTP-method or
 * request-forgery check in this method; confirm both are enforced elsewhere.
 * NOTE(review): `iDisplayLength` has no upper bound here.
 *
 * @return void
 */
public function perform()
{
    $this->cmp->onAuth(function ($result) {
        // Strict membership test: only members of 'Superusers' continue.
        if (!in_array('Superusers', $this->req->account['aclgroups'], true)) {
            $this->req->setResult(['success' => false, 'goLoginPage' => true]);
            return;
        }
        // Column order of the grid; also used as the field projection of the query.
        static $fields = ['email' => 1, 'username' => 1, 'regdate' => 1, 'ip' => 1, 'firstname' => 1, 'lastname' => 1, 'location' => 1, 'aclgroups' => 1, '_id' => 1];
        $fieldNames = array_keys($fields);
        // Maps a column index to its field name, or null for an unknown index.
        // Request input can therefore only select names from the fixed list.
        $field = function ($n) use($fieldNames) {
            if (!isset($fieldNames[$n])) {
                return null;
            }
            return $fieldNames[$n];
        };
        $action = Request::getString($_REQUEST['action']);
        if ($action === 'EditColumn') {
            $column = $field(Request::getInteger($_REQUEST['column']));
            if ($column === null) {
                $this->req->setResult(['success' => false, 'error' => 'Column not found.']);
                return;
            }
            /** @noinspection PhpIllegalArrayKeyTypeInspection */
            $this->req->appInstance->accounts->getAccount()->condSetId(Request::getString($_REQUEST['id']))->attr($column, $value = Request::getString($_REQUEST['value']))->save(function ($o) use($value) {
                // The raw write result goes to the daemon log on every edit.
                Daemon::log(Debug::dump($o->lastError()));
                if ($o->lastError(true)) {
                    $this->req->setResult(['success' => true, 'value' => $value]);
                } else {
                    $this->req->setResult(['success' => false, 'error' => 'Account not found.']);
                }
            });
            return;
        }
        // $where stays empty, so the filtered count equals the total count.
        $where = [];
        $sort = [];
        // $sortDir is never read.
        $sortDir = [];
        // Collect sort columns from parameters named iSortCol_<index>; the
        // direction comes from the matching sSortDir_<index>.
        foreach ($_REQUEST as $k => $value) {
            list($type, $index) = explode('_', $k . '_');
            if ($type === 'iSortCol') {
                /** @noinspection PhpIllegalArrayKeyTypeInspection */
                $sort[$field($value)] = Request::getString($_REQUEST['sSortDir_' . $index]) == 'asc' ? 1 : -1;
            }
        }
        // An unknown column index produced a null key above; drop it.
        unset($sort[null]);
        $offset = Request::getInteger($_REQUEST['iDisplayStart']);
        $limit = Request::getInteger($_REQUEST['iDisplayLength']);
        // Final callback: runs once all three jobs have reported their result.
        $job = $this->req->job = new ComplexJob(function ($job) {
            // sEcho is cast to int before it is echoed back.
            $this->req->setResult(['success' => true, 'sEcho' => (int) Request::getString($_REQUEST['sEcho']), 'iTotalRecords' => $job->results['countTotal'], 'iTotalDisplayRecords' => $job->results['countFiltered'], 'aaData' => $job->results['find']]);
        });
        $job('countTotal', function ($jobname, $job) {
            $this->req->appInstance->accounts->countAccount(function ($o, $n) use($job, $jobname) {
                /** @var ComplexJob $job */
                $job->setResult($jobname, $n);
            });
        });
        $job('countFiltered', function ($jobname, $job) use($where, $limit) {
            /** @var ComplexJob $job */
            /** @var WakePHPRequest $job->req */
            $this->req->appInstance->accounts->countAccount(function ($o, $n) use($job, $jobname, $where) {
                /** @var ComplexJob $job */
                $job->setResult($jobname, $n);
            }, $where);
        });
        $job('find', function ($jobname, $job) use($where, $sort, $fields, $fieldNames, $field, $offset, $limit) {
            $this->req->appInstance->accounts->findAccounts(function ($cursor) use($jobname, $job, $fieldNames, $offset, $limit) {
                /** @var Cursor $cursor */
                /** @var ComplexJob $job */
                $accounts = [];
                foreach ($cursor as $item) {
                    // One positional row per account, in $fieldNames order.
                    $account = [];
                    foreach ($fieldNames as $k) {
                        if (!isset($item[$k])) {
                            $val = null;
                        } else {
                            $val = $item[$k];
                            if ($k === 'regdate') {
                                $val = $val != 0 ? date('r', $val) : '';
                            } elseif ($k === '_id') {
                                $val = (string) $val;
                            } else {
                                if ($k === 'aclgroups') {
                                    $val = (string) implode(', ', $val);
                                }
                                // User-supplied text is HTML-escaped before it reaches the grid.
                                // NOTE(review): called with default flags; confirm single
                                // quotes are covered on the PHP version in use.
                                $val = htmlspecialchars($val);
                            }
                        }
                        $account[] = $val;
                    }
                    $accounts[] = $account;
                }
                $cursor->destroy();
                $job->setResult($jobname, $accounts);
            }, ['fields' => $fields, 'sort' => $sort, 'offset' => $offset, 'limit' => -abs($limit)]);
        });
        // Start the queued jobs.
        $job();
    });
}
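/**
 * Completes a signup started through an external auth provider by verifying an e-mail address.
 *
 * Requires `$_SESSION['extAuth']` (the provider credentials). Flow:
 *  - no pending request, or one without a code: create a confirmation code,
 *    store it with the e-mail and credentials, mail it (`status => 'sent'`);
 *  - pending request and no `code` parameter: mail the stored code again;
 *  - pending request and matching `code`: create the account, remove the
 *    pending request, log in (`status => 'verified'`);
 *  - otherwise: "Wrong code".
 *
 * Changes from the previous version:
 *  - The pending request is found by credentials only, and the stored code
 *    was mailed to the e-mail saved with it. The e-mail from the current
 *    request was then used for the new account without being compared with
 *    the stored one, so the confirmed address and the account's address
 *    could differ. A request whose e-mail differs from the pending one is
 *    now rejected before any mail is sent or any account is created.
 *  - `$_SESSION['extAuthAdd']` is read through Request::getArray(), as in
 *    the save() call above, so a missing key no longer breaks the array
 *    union.
 *
 * NOTE(review): with the e-mail now bound to the pending request, changing
 * the address requires replacing that request; no such path exists here.
 * NOTE(review): in the array union the provider-supplied `extAuthAdd` keys
 * take precedence over the account base, including `email` and
 * `credentials` if present. Confirm that is intended.
 * NOTE(review): no limit on code attempts is visible in this method.
 *
 * @return void
 */
public function perform()
{
    $this->req->onSessionRead(function () {
        if (!isset($_SESSION['extAuth'])) {
            $this->req->setResult(['success' => false, 'errors' => ['email' => 'Session expired']]);
            return;
        }
        if (($email = Request::getString($_REQUEST['email'])) === '') {
            $this->req->setResult(['success' => false, 'errors' => ['email' => 'Empty E-Mail']]);
            return;
        }
        if (!isset($_SESSION['credentials']['email'])) {
            $_SESSION['credentials']['email'] = $email;
            $this->req->updatedSession = true;
        }
        //send
        $credentials = $_SESSION['extAuth'];
        $this->appInstance->externalSignupRequests->getRequestByCredentials($credentials, function ($request) use ($email, $credentials) {
            if (!$request || !isset($request['code'])) {
                // First contact: issue a code and remember which address it was sent to.
                $code = $this->cmp->getConfirmationCode($email);
                $this->appInstance->externalSignupRequests->save(['email' => $email, 'code' => $code, 'credentials' => $credentials, 'add' => Request::getArray($_SESSION['extAuthAdd'])], function ($lastError) use ($email, $code) {
                    if (isset($lastError['err']) || isset($lastError['$err'])) {
                        $this->req->setResult(['success' => false, 'errors' => ['email' => 'Sorry, internal error.']]);
                        return;
                    }
                    $this->req->appInstance->Sendmail->mailTemplate('mailAccountCompleteSignup', $email, ['email' => $email, 'code' => $code, 'locale' => $this->req->appInstance->getLocaleName(Request::getString($_REQUEST['LC']))]);
                    $this->req->setResult(['success' => true, 'status' => 'sent']);
                });
                return;
            }

            // The stored code proves control of the stored address only.
            // Refuse to resend it to, or create an account for, any other address.
            if (isset($request['email']) && $request['email'] !== $email) {
                $this->req->setResult(['success' => false, 'errors' => ['email' => 'E-Mail does not match the pending signup request.']]);
                return;
            }

            if ('' === ($user_code = Request::getString($_REQUEST['code']))) {
                // No code supplied: send the existing code again.
                $this->req->appInstance->Sendmail->mailTemplate('mailAccountCompleteSignup', $email, ['email' => $email, 'code' => $request['code'], 'locale' => $this->req->appInstance->getLocaleName(Request::getString($_REQUEST['LC']))]);
                $this->req->setResult(['success' => true, 'status' => 'sent']);
                return;
            }

            if ($user_code !== $request['code']) {
                $this->req->setResult(['success' => false, 'errors' => ['code' => 'Wrong code']]);
                return;
            }

            $account = $this->appInstance->accounts->getAccountBase($this->req);
            $account['email'] = $email;
            $account['credentials'] = [$credentials];
            // Left operand wins on duplicate keys.
            $account = Request::getArray($_SESSION['extAuthAdd']) + $account;
            $this->appInstance->accounts->saveAccount($account, function ($lastError) use ($email, $request) {
                if (isset($lastError['err']) || isset($lastError['$err'])) {
                    $this->req->setResult(['success' => false, 'errors' => ['email' => 'Sorry, internal error.']]);
                    return;
                }
                $this->appInstance->accounts->getAccountByEmail($email, function ($account) use ($request) {
                    if (!$account) {
                        $this->req->setResult(['success' => false, 'errors' => ['email' => 'Sorry, internal error.']]);
                        return;
                    }
                    // The pending request is single-use: remove it once the account exists.
                    $this->appInstance->externalSignupRequests->remove(['_id' => new \MongoId($request['_id'])]);
                    $this->cmp->loginAs($account);
                    $this->req->setResult(['success' => true, 'status' => 'verified']);
                });
            });
        });
    });
}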
/**
 * Account signup: validates username and e-mail, runs the captcha checks, creates the account.
 *
 * Validation runs as ComplexJob jobs (`captchaPreCheck`, `username`,
 * `email`, plus `captcha` when scheduled). The final callback merges their
 * error arrays. With no errors it may schedule one more captcha check, then
 * saves the account, optionally geocodes the location, mails the
 * confirmation message and logs the new account in.
 *
 * NOTE(review): the chosen password is passed to the confirmation mail
 * template in clear text.
 * NOTE(review): no job validates the password (length, emptiness), and an
 * empty username passes the `username` job without error.
 * NOTE(review): the write result of the first saveAccount() is not
 * inspected, and the session is logged in before the e-mail address has
 * been confirmed.
 *
 * @return void
 */
public function perform()
{
    $this->req->onSessionStart(function ($sessionEvent) {
        /** @var ComplexJob $job */
        // Shared by reference with the final callback so the post-check runs once.
        $captchaPostCheck = false;
        $job = $this->req->job = new ComplexJob(function ($job) use(&$captchaPostCheck) {
            // Merge the error arrays reported by all jobs.
            $errors = array();
            foreach ($job->results as $result) {
                if (sizeof($result) > 0) {
                    $errors = array_merge_recursive($errors, $result);
                }
            }
            /** @var WakePHPRequest $req */
            if (sizeof($errors) > 0) {
                $this->req->setResult(array('success' => false, 'errors' => $errors));
                return;
            }
            // First error-free pass: if a captcha job ran, queue it once more
            // with the second argument true and wait for that result.
            if (!$captchaPostCheck) {
                $captchaPostCheck = true;
                if (isset($job->results['captcha'])) {
                    $job('captcha', Captcha::checkJob($this->req, true));
                    return;
                }
            }
            // Group membership and ACL are fixed literals here, not request input.
            $this->req->appInstance->accounts->saveAccount(array('email' => $email = Request::getString($_REQUEST['email']), 'username' => Request::getString($_REQUEST['username']), 'location' => $location = Request::getString($_REQUEST['location']), 'password' => $password = Request::getString($_REQUEST['password']), 'confirmationcode' => $code = $this->cmp->getConfirmationCode($email), 'regdate' => time(), 'etime' => time(), 'ip' => $_SERVER['REMOTE_ADDR'], 'subscription' => 'daily', 'aclgroups' => array('Users'), 'acl' => array()), function ($lastError) use($email, $password, $location, $code) {
                if ($location !== '') {
                    // Geocode the free-text location and store the coordinates with a second write.
                    $this->req->components->GMAPS->geo($location, function ($geo) use($email) {
                        $this->req->appInstance->accounts->saveAccount(array('email' => $email, 'locationCoords' => isset($geo['Placemark'][0]['Point']['coordinates']) ? $geo['Placemark'][0]['Point']['coordinates'] : null), null, true);
                    });
                }
                // Read the account back; a missing record is the only failure reported at this stage.
                $this->req->appInstance->accounts->getAccountByUnifiedEmail($email, function ($account) use($password, $code) {
                    if (!$account) {
                        $this->req->setResult(array('success' => false));
                        return;
                    }
                    // NOTE(review): the clear-text password is a template parameter of this mail.
                    $this->req->appInstance->Sendmail->mailTemplate('mailAccountConfirmation', $account['email'], array('email' => $account['email'], 'password' => $password, 'code' => $code, 'locale' => $this->req->appInstance->getLocaleName(Request::getString($_REQUEST['LC']))));
                    $this->cmp->loginAs($account);
                    $this->req->setResult(array('success' => true));
                });
            });
        });
        $job('captchaPreCheck', function ($jobname, $job) {
            /** @var ComplexJob $job */
            $this->req->components->Account->getRecentSignupsCount(function ($result) use($job, $jobname) {
                /** @var ComplexJob $job */
                // The threshold is -1, so any non-negative count schedules the captcha job.
                if ($result['n'] > -1) {
                    $job('captcha', Captcha::checkJob($this->req, false));
                }
                $job->setResult($jobname, []);
            });
        });
        $job('username', function ($jobname, $job) {
            /** @var ComplexJob $job */
            $username = Request::getString($_REQUEST['username']);
            // An empty username is reported without an error.
            if ($username === '') {
                $job->setResult($jobname, array());
                return;
            }
            if (($r = $this->req->components->Account->checkUsernameFormat($username)) !== true) {
                $job->setResult($jobname, array($r));
                return;
            }
            $this->req->appInstance->accounts->getAccountByUnifiedName($username, function ($account) use($jobname, $job) {
                $errors = array();
                if ($account) {
                    $errors['username'] = '******';
                }
                $job->setResult($jobname, $errors);
            });
        });
        $job('email', function ($jobname, $job) {
            /** @var ComplexJob $job */
            // Syntax check first, then the uniqueness lookup.
            if (filter_var(Request::getString($_REQUEST['email']), FILTER_VALIDATE_EMAIL) === false) {
                $job->setResult($jobname, array('email' => 'Incorrect E-Mail.'));
                return;
            }
            $this->req->appInstance->accounts->getAccountByUnifiedEmail(Request::getString($_REQUEST['email']), function ($account) use($jobname, $job) {
                $errors = array();
                if ($account) {
                    $errors['email'] = 'Another account already registered with this E-Mail.';
                }
                $job->setResult($jobname, $errors);
            });
        });
        // Start the queued jobs.
        $job();
    });
}
/**
 * Profile update for the logged-in account.
 *
 * POST only. A `password` job checks the current password. The final
 * callback then offers every string-valued request parameter to
 * setPublicProperty() and saves the account when no errors were collected.
 *
 * NOTE(review): the loop passes every request key to setPublicProperty(),
 * so which fields a user may change depends entirely on that method's
 * allow-list (not visible here). Confirm it rejects privileged fields such
 * as group membership.
 * NOTE(review): exception messages from setPublicProperty() are returned to
 * the client as they are.
 * NOTE(review): no request-forgery token is checked in this method.
 *
 * @return void
 */
public function perform()
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        $this->req->setResult(['success' => false, 'err' => 'POST_METHOD_REQUIRED']);
        return;
    }
    $this->cmp->onAuth(function ($result) {
        if (!$this->req->account['logged']) {
            $this->req->setResult(['success' => false, 'goLoginPage' => true]);
            return;
        }
        // Final callback: runs after the 'password' job has reported.
        $job = $this->req->job = new ComplexJob(function ($job) {
            /** @var ComplexJob $job */
            $errors = [];
            foreach ($job->results as $result) {
                if (sizeof($result) > 0) {
                    $errors = array_merge_recursive($errors, $result);
                }
            }
            /** @var WakePHPRequest $req */
            if (sizeof($errors) === 0) {
                if (isset($_REQUEST['location'])) {
                    $this->req->account['location'] = trim(Request::getString($_REQUEST['location']));
                    if ($this->req->account['location'] === '') {
                        // Set to null, which the is_string() filter below then skips.
                        $_REQUEST['locationCoords'] = null;
                    }
                }
                // Every string-valued parameter is offered as a property; a
                // rejection becomes a per-field error.
                foreach ($_REQUEST as $k => $v) {
                    if (!is_string($v)) {
                        continue;
                    }
                    try {
                        $this->req->account->setPublicProperty($k, $v);
                    } catch (\Exception $e) {
                        $errors[$k] = $e->getMessage();
                    }
                }
            }
            if (sizeof($errors) === 0) {
                // The write result is not inspected; success is reported unconditionally.
                $this->req->account->save(function ($lastError) {
                    $this->req->setResult(['success' => true]);
                });
            } else {
                $this->req->setResult(['success' => false, 'errors' => $errors]);
            }
        });
        $job('password', function ($jobname, $job) {
            $errors = [];
            /** @var ComplexJob $job */
            /** @var WakePHPRequest $job->req */
            /** @var WakePHPRequest $req */
            // A supplied current password must match the stored one.
            if (($curpassword = Request::getString($_REQUEST['currentpassword'])) !== '') {
                if (!$this->req->account->checkPassword($curpassword)) {
                    $errors['currentpassword'] = '******';
                }
            }
            if (Request::getString($_REQUEST['password']) !== '') {
                // A new password without the current one is an error.
                if (Request::getString($_REQUEST['currentpassword']) == '') {
                    $errors['currentpassword'] = '******';
                }
            } else {
                // Empty new password: remove the key so the property loop never sees it.
                unset($_REQUEST['password']);
            }
            $job->setResult($jobname, $errors);
        });
        // Start the queued job.
        $job();
    });
}