/**
 * Open a website session for the user linked to this social identity.
 *
 * Returns false when no social identity record is loaded. Otherwise the
 * related user is read from the record's `user` relation and passed to
 * FormLogin::openSession(), whose status is returned unchanged.
 *
 * NOTE(review): this method does not inspect the account's approval or
 * block state before opening the session; confirm that openSession() or
 * the caller enforces it.
 *
 * @return bool
 * @throws \Ffcms\Core\Exception\ForbiddenException when the relation does not
 *         yield an iUser instance (e.g. the account was deleted)
 */
public function makeAuth()
{
    // no identity record loaded: nothing to authorize
    if ($this->_record === null) {
        return false;
    }

    // resolve the account through the record's user relation
    $account = $this->_record->user;

    // a provider record can outlive its account, so only a real user may log in
    if ($account instanceof iUser) {
        // hand the account to the login model and report its status
        return (new FormLogin())->openSession($account);
    }

    throw new ForbiddenException(__('User related to this social account was deleted'));
}
/**
 * Approve a user profile from the $email / $token pair and sign the user in.
 *
 * The token works as a one-time credential: a matching pair opens a session
 * without a password, and the stored token is overwritten with '0' on success
 * so the same pair cannot be reused. Because tokens shorter than 32 characters
 * are rejected, the '0' placeholder can never be submitted as a valid token.
 *
 * NOTE(review): the results of save() and openSession() are not checked
 * before the redirect; confirm this failure handling is intended.
 * NOTE(review): no token expiry or attempt limiting is visible in this
 * method; confirm they are enforced elsewhere.
 *
 * @param string $email
 * @param string $token
 * @throws ForbiddenException
 */
public function actionApprove($email, $token)
{
    // an already signed-in visitor has nothing to approve
    if (App::$User->isAuth()) {
        throw new ForbiddenException();
    }

    // a token this short cannot be a real approval token
    if (Str::length($token) < 32) {
        throw new ForbiddenException();
    }

    // the address must at least look like an email
    if (!Str::isEmail($email)) {
        throw new ForbiddenException();
    }

    // both values are passed as bound where() arguments and must match the same row
    $matches = App::$User->where('approve_token', '=', $token)->where('email', '=', $email);

    // anything other than exactly one match is refused
    if ($matches->count() !== 1) {
        throw new ForbiddenException();
    }

    // mark the account approved by replacing the token with the '0' placeholder
    $account = $matches->first();
    $account->approve_token = '0';
    $account->save();

    // sign the approved user in, then send them to the main page
    (new FormLogin())->openSession($account);
    $this->response->redirect('/');
}