/**
*
* @param PCRequest $request
* @param PCModelApplication $application
* @return bool
*/
public function doLogin($request, $application)
{
$param = $request->getParams();
$userName = $param['uname'];
$pwd = $param['pwd'];
$keys = array('username' => $userName, "account_type" => PCModelUser::$TYPE_DEFAULT);
$user_array = PCModelManager::fetchModelObjectInstances(PCModelUser::getMapper(), $keys, NULL, TRUE);
$user = $user_array[0];
if (isset($user) && strcmp($pwd, $user->getPassword()) == 0) {
$secret = $application->getAppSecret();
$appId = $application->getIdentifier();
$time = time();
$cookieValue = PCAuth::computeHashForString($userName . $time . $secret);
$distantFuture = PCResponseCookie::getDistantFuture();
if (PCMapperToken::setTokenForUserWithIdentifier($user->getIdentifier(), $appId, $cookieValue, $distantFuture)) {
$_SESSION['user'] = $this->user_id = $user->getIdentifier();
$presence_cookie = PCResponseCookie::lifetimeCookie("presence_c", $cookieValue);
//setcookie("presence_c", $cookieValue, $expirationTime,"/");
$user_cookie = PCResponseCookie::lifetimeCookie("user", $user->getIdentifier());
//setcookie("user",$user->getIdentifier(), $expirationTime,"/");
$response = PCResponse::currentResponse();
$response->addCookie($presence_cookie);
$response->addCookie($user_cookie);
} else {
return FALSE;
}
return TRUE;
}
return FALSE;
}
/**
* Setta i cookie dell'utente
* @param PCModelUserOauth $user
* @return boolean
*/
private function authorizeUser($user) {
if(isset($user) === FALSE) return FALSE;
$_SESSION['user'] = $user->getIdentifier();
$secret = $this->application->getAppSecret();
$appId = $this->application->getIdentifier();
$time = time();
$cookieValue = PCAuth::computeHashForString($user->getUsername() . $time . $secret);
$distantFuture = PCResponseCookie::getDistantFuture();
if (PCMapperToken::setTokenForUserWithIdentifier($user->getIdentifier(), $appId, $cookieValue, $distantFuture)) {
$_SESSION['user'] = $user->getIdentifier();
$presence_cookie = PCResponseCookie::lifetimeCookie("presence_c", $cookieValue);
$user_cookie = PCResponseCookie::lifetimeCookie("user", $user->getIdentifier());
$response = PCResponse::currentResponse();
$response->addCookie($presence_cookie);
$response->addCookie($user_cookie);
PCModelUser::setCurrentUser($user);
return TRUE;
}
return FALSE;
}
/**
*
* @param PCRequest $request
* @param PCAuthCookiesAdapter $adapter
*/
public function __construct($request, $adapter = NULL) {
parent::__construct($request);
$this->adapter = ($adapter == NULL ? new PCAuthDefaultCookiesAdapter() : $adapter);
$this->application = PCModelManager::fetchObjectWithIdentifier(PCModelApplication::getMapper(), PCModelApplication::WEBSITE_APP_ID, NULL, TRUE);
$this->setupSession();
$this->authorize();
}
/**
* Crea una nuova password(aggiorna il db) e la restituisce. restituisce false in caso negativo
* @param PCModelUser $user_id l' id dell' utente
* @param string $hash l' hash inviato dall'utente
* @param PCModelUser
* @return boolean|string
*/
public static function handleRepassRequest($user_id, $hash, &$user_to_ret) {
$keys = array('request_hash'=>$hash, 'user_id'=>$user_id);
$items = PCModelManager::fetchModelObjectInstances(PCModelRepass::getMapper(), $keys, NULL, TRUE);
if (count($items) <= 0) {
return FALSE;
}
$item = $items[0];
if ($item == NULL || $item->isExpired()) {
c_dump("SCADUTA");
return FALSE;
}
$bindigngs = array(":h" => $hash, ":user"=> $user_id);
PCModelManager::deleteObject(PCModelRepass::getMapper(), "request_hash = :h AND user_id = :user", $bindigngs);
$newPwd = PCMapperRepass::rand_password(8);
$model_user = PCModelManager::fetchObjectWithIdentifier(PCModelUser::getMapper(), $item->getUser_id(), NULL, TRUE);
if($model_user == NULL){
$id = $item->getUser_id();
error_log("User non presente (user_id: $id )");
return FALSE;
}
$newPwdHash = PCAuth::computeHashForString($newPwd);
if(PCMapperUser::changePasswordForUser($model_user, $newPwdHash) == FALSE){
return FALSE;
}
$user_to_ret = $model_user;
return $newPwd;
}
/**
*
* @param PCRequest $request
*/
public function registerAction($request)
{
require_once __EXTERNAL_LIBRARIES__ . '/recaptcha/recaptchalib.php';
$auth = $request->getAuthHandler();
if ($auth->isAuthorized()) {
return new PCRendererJSON(array("error" => "you can't register a new user while logged"), 400);
}
$attributes = $request->getParams();
$privatekey = "6Lfm39cSAAAAAFpyN0tQr4TYNt1zqiaHn9E22lYb";
$resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $attributes["recaptcha_challenge_field"], $attributes["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
error_log($resp->error);
return new PCRendererJSON(array("captcha_error" => "Incorrect Captcha"));
}
if (!isset($attributes['username']) || !isset($attributes['name']) || !isset($attributes['surname']) || !isset($attributes['email']) || !isset($attributes['password'])) {
throw new PCExceptionAuth("Missing param", 400);
}
$inputError = NULL;
if (PCHelperValidator::validatePassword($attributes['password'], $inputError) == FALSE) {
return new PCRendererJSON(array("error" => $inputError), 400);
}
if (PCHelperValidator::validateUsername($attributes['username'], $inputError) == FALSE) {
return new PCRendererJSON(array("error" => $inputError), 400);
}
if (PCHelperValidator::validateName($attributes['name'], $inputError) == FALSE) {
return new PCRendererJSON(array("error" => $inputError), 400);
}
if (PCHelperValidator::validateSurname($attributes['surname'], $inputError) == FALSE) {
return new PCRendererJSON(array("error" => $inputError), 400);
}
if (PCHelperValidator::validateEmail($attributes['email'], $inputError) == FALSE) {
return new PCRendererJSON(array("error" => $inputError), 400);
}
$username = $attributes['username'];
$name = $attributes['name'];
$surname = $attributes['surname'];
$email = $attributes['email'];
$password = $attributes['password'];
$store = array();
$store['username'] = $username;
$store['name'] = $name;
$store['surname'] = $surname;
$store['email'] = $email;
$store['password'] = PCAuth::computeHashForString($password);
$error = NULL;
if (PCMapperUser::createUserWithAttributes($store, $error)) {
if (PCConfigManager::sharedManager()->getBoolValue('NOTIF_ON_REGISTER')) {
PCHelperNotificationSender::sendPushNotificationToAdmin("User Registered", "uname: {$username} Name: {$name} Sur: {$surname} mail: {$email}");
}
return new PCRendererJSON(array("OK" => "User added"));
}
return new PCRendererJSON(array("error" => $error), 400);
}