/**
* OAuth2 response handler
*/
public static function authenticateUser($code)
{
$retVal = false;
$client = self::_createOAuth2();
$auth = new OAuth2\Strategy\AuthCode($client);
try {
$token = $auth->getToken($code, ['redirect_uri' => REDDIT_HANDLER]);
if ($token) {
$response = $token->get('https://oauth.reddit.com/api/v1/me.json');
$data = json_decode($response->body());
if ($data) {
$user = self::getByName($data->name);
if (!$user) {
// Block out new user accounts
if ((int) $data->created > time() - REDDIT_MINAGE) {
$retVal = false;
} else {
$user = new User();
$user->name = $data->name;
$user->ip = $_SERVER['REMOTE_ADDR'];
if ($user->sync()) {
$retVal = true;
}
}
} else {
$retVal = true;
}
Lib\Session::set('user', $user);
}
}
} catch (Exception $e) {
}
return $retVal;
}
/**
* OAuth2 response handler
*/
public static function authenticateUser($code)
{
$retVal = false;
$client = self::_createOAuth2();
$auth = new OAuth2\Strategy\AuthCode($client);
try {
$token = $auth->getToken($code, ['redirect_uri' => REDDIT_HANDLER]);
if ($token) {
$response = $token->get('https://oauth.reddit.com/api/v1/me.json');
$data = json_decode($response->body());
if ($data) {
$user = self::getByName($data->name);
if (!$user) {
$user = new User();
$user->name = $data->name;
$user->age = (int) $data->created;
$user->ip = $_SERVER['REMOTE_ADDR'];
if ($user->sync()) {
$retVal = true;
}
} else {
// This is to update any records that were created before age was tracked
if (!$user->age) {
$user->age = (int) $data->created;
$user->sync();
}
$retVal = true;
}
Lib\Session::set('user', $user);
}
}
} catch (Exception $e) {
}
return $retVal;
}
public static function generate(array $params)
{
$action = Lib\Url::Get('action', null);
$out = new stdClass();
$out->success = false;
$user = Api\User::getCurrentUser();
if ($user) {
if (self::_isFlooding($user)) {
$out->message = 'You\'re doing that too fast!';
} else {
switch ($action) {
case 'nominate':
$out = self::_nominate($user);
break;
case 'vote':
$out = self::_vote($user);
break;
default:
$out->message = 'No action specified';
break;
}
if ($out->success) {
self::_setFloodMarker($user);
}
}
} else {
$out->message = 'You must be logged in';
}
Lib\Display::renderJson($out);
}
public static function generate(array $params)
{
$retVal = null;
$action = array_shift($params);
switch ($action) {
case 'brackets':
$retVal = \Api\Bracket::getAll();
break;
case 'bracket':
$retVal = self::_getBracket();
break;
case 'results':
$retVal = self::_getResults();
break;
case 'rounds':
$retVal = self::_getCurrentRounds();
break;
case 'login':
header('Location: ' . str_replace('authorize', 'authorize.compact', \Api\User::getLoginUrl('/')));
exit;
case 'user':
$retVal = \Api\User::getCurrentUser();
break;
case 'characters':
$retVal = self::_getBracketCharacters();
break;
}
header('Content-Type: application/json; charset=utf-8');
echo json_encode($retVal);
exit;
}
public static function generate(array $params)
{
$code = Lib\Url::Get('code', null);
$action = array_shift($params);
if ($action === 'logout') {
$user = Api\User::getCurrentUser();
if ($user) {
$user->logout();
header('Location: /brackets/');
}
}
if ($code) {
$success = Api\User::authenticateUser($code);
if ($success) {
$redirect = Lib\Url::Get('state', '/');
header('Location: ' . $redirect);
exit;
} else {
Lib\Display::addKey('content', 'We were unable to verify your account at this time or your account age does not meet the requirements.');
}
} else {
$obj = new stdClass();
$obj->loginUrl = Api\User::getLoginUrl(Lib\Url::Get('redirect'));
// Do a mobile check
if (preg_match('/iphone|android|windows phone/i', $_SERVER['HTTP_USER_AGENT'])) {
$obj->loginUrl = str_replace('authorize', 'authorize.compact', $obj->loginUrl);
}
$obj->originalUrl = Lib\Url::Get('redirect');
Lib\Display::addKey('page', 'login');
Lib\Display::addKey('title', 'Login' . DEFAULT_TITLE_SUFFIX);
Lib\Display::renderAndAddKey('content', 'login', $obj);
}
}
public function register()
{
$response = \User::createNewUser(\Input::only(['first_name', 'last_name', 'email', 'password']));
$json = ['success' => $response->isSuccessful()];
if (!$json['success']) {
$json['messages'] = $response->getMessages();
}
return \Response::json($json);
}
public static function generate(array $params)
{
$perma = array_shift($params);
$bracket = Api\Bracket::getBracketByPerma($perma);
if ($bracket) {
$bracket->results = $bracket->getResults();
$user = Api\User::getCurrentUser();
if ($user) {
$bracket->userVotes = $bracket->getVotesForUser($user);
}
Lib\Display::addKey('page', 'results');
Lib\Display::renderAndAddKey('content', 'results', $bracket);
}
}
public function update()
{
if (Input::has('user_id') && Input::has('email') && Input::has('name') && Input::has('phone') && Input::has('city_id') && Input::has('address')) {
$user = UserModel::find(Input::get('user_id'));
$user->email = Input::get('email');
$user->name = Input::get('name');
$user->phone = Input::get('phone');
$user->city_id = Input::get('city_id');
$user->address = Input::get('address');
if (Input::get('password') != '') {
$user->secure_key = md5($user->salt . Input::get('password'));
}
$user->save();
return Response::json(['result' => 'success', 'msg' => '']);
} else {
return Response::json(['result' => 'failed', 'msg' => 'Invalid Request']);
}
}
/**
* Gets the unvoted rounds for a bracket and tier
*/
public static function getBracketRounds($bracketId, $tier, $group = false, $ignoreCache = false)
{
// If no user, check as guest
$user = User::getCurrentUser();
if (!$user) {
$user = new User();
$user->id = 0;
}
$cacheKey = 'GetBracketRounds_' . $bracketId . '_' . $tier . '_' . ($group !== false ? $group : 'all') . '_' . $user->id;
$retVal = Lib\Cache::Get($cacheKey);
if (false === $retVal || $ignoreCache) {
$params = [':bracketId' => $bracketId, ':tier' => $tier, ':userId' => $user->id];
if (false !== $group) {
$params[':group'] = $group;
// Check to see how many rounds there are in the group total. If there's only one, come back and get them all
$row = Lib\Db::Fetch(Lib\Db::Query('SELECT COUNT(1) AS total FROM round WHERE bracket_id = :bracketId AND round_tier = :tier AND round_group = :group', [':bracketId' => $bracketId, ':tier' => $tier, ':group' => $group]));
if (is_object($row) && (int) $row->total == 1) {
$retVal = self::getBracketRounds($bracketId, $tier, false, $ignoreCache);
$result = null;
} else {
$result = Lib\Db::Query('SELECT *, (SELECT character_id FROM votes WHERE user_id = :userId AND round_id = r.round_id) AS user_vote FROM round r WHERE r.bracket_id = :bracketId AND r.round_tier = :tier AND r.round_group = :group ORDER BY r.round_order', $params);
}
} else {
$result = Lib\Db::Query('SELECT *, (SELECT character_id FROM votes WHERE user_id = :userId AND round_id = r.round_id) AS user_vote FROM round r WHERE r.bracket_id = :bracketId AND r.round_tier = :tier ORDER BY r.round_order', $params);
}
if ($result && $result->count > 0) {
$retVal = [];
// Hashmap of characters to retrieve in the next step
$characters = [];
while ($row = Lib\Db::Fetch($result)) {
$round = new Round($row);
// If the tier is not 0, character2 is "nobody", and the number of items is not a power of two
// this is a wildcard round and the user has already voted
if ($row->round_tier != 0 && $row->round_character2_id == 1 && ($result->count + 1 & $result->count) != 0) {
return null;
}
// Save off the character IDs for retrieval later
$characters[$row->round_character1_id] = true;
$characters[$row->round_character2_id] = true;
$retVal[] = $round;
}
// Retrieve the characters
$result = Character::query(['id' => ['in' => array_keys($characters)]]);
if ($result && $result->count) {
while ($row = Lib\Db::Fetch($result)) {
$character = new Character($row);
$characters[$character->id] = $character;
}
// Replace all the instances for the rounds
foreach ($retVal as $round) {
$round->character1 = $characters[$round->character1Id];
$round->character2 = $characters[$round->character2Id];
// Flag the character the user voted for if the voted
if ($round->votedCharacterId) {
if ($round->votedCharacterId == $round->character1->id) {
$round->character1->voted = true;
} else {
$round->character2->voted = true;
}
}
}
}
}
Lib\Cache::Set($cacheKey, $retVal);
}
return $retVal;
}
protected static function _checkLogin()
{
$user = Api\User::getCurrentUser();
$readonly = Lib\Url::GetBool('readonly', null);
if (!$user && !$readonly && stripos($_SERVER['HTTP_USER_AGENT'], 'google') === false) {
header('Location: /user/login/?redirect=' . urlencode($_GET['q']));
exit;
}
// Setup a default user if we're in readonly
if (!$user) {
$user = new stdClass();
$user->id = 0;
}
// Seed the test bucket with the user's ID
Lib\TestBucket::initialize($user->id);
return $user;
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return User
*/
protected function create(array $data)
{
return User::create(['name' => $data['name'], 'email' => $data['email'], 'password' => bcrypt($data['password'])]);
}
/**
* @name logout()
* @param string session_key
* @method POST
*/
public function logout()
{
if (Input::has('session_key')) {
$retVal = array("status" => "ERR", "msg" => "Invalid session.");
try {
$user = \User::where('session_key', '=', Input::get('session_key'))->firstorFail();
if ($user) {
$retVal = array("status" => "OK");
$user->session_key = null;
$user->save();
$actor = $user->fullname . ' - ' . $user->email;
\Event::fire('log.api', array($this->controller_name, 'logout', $actor, 'logged out'));
} else {
$actor = Input::get('session_key');
\Event::fire('log.api', array($this->controller_name, 'logout', $actor, 'user not found'));
}
} catch (ModelNotFoundException $e) {
}
return Response::json($retVal);
}
}
<?php require_once __DIR__ . "/env.php"; require_once __DIR__ . "/util/Http.php"; require_once __DIR__ . "/api/Auth.php"; require_once __DIR__ . "/api/User.php"; $accessToken = \api\Auth::getAccessToken(); $code = $_GET["code"]; $userInfo = \api\User::getUserInfo($accessToken, $code); echo json_encode($userInfo);