/**
 * Replaces the current session's credentials with those of another user.
 *
 * Runs only while Config::$a['allowImpersonation'] is truthy. The target
 * account is looked up by userId when one is supplied, otherwise by username.
 *
 * @Route ("/impersonate")
 * @HttpMethod ({"GET"})
 *
 * @param array $params request parameters; the keys 'userId' and 'username' are read
 * @throws Exception when impersonation is disabled, no identifier is given, or no user matches
 * @return string redirect instruction pointing at the site root
 */
public function impersonate(array $params)
{
    // NOTE(review): the configuration flag is the only gate visible in this
    // method; nothing here checks who the caller is. Confirm the flag is never
    // enabled on a production deployment, or that the route is restricted
    // elsewhere.
    if (!Config::$a['allowImpersonation']) {
        throw new Exception('Impersonating is not allowed');
    }

    // empty() already covers the "key is missing" case, so no isset() is needed.
    $userId = !empty($params['userId']) ? $params['userId'] : '';
    $username = !empty($params['username']) ? $params['username'] : '';
    if (empty($userId) && empty($username)) {
        throw new Exception('[username] or [userId] required');
    }

    $authService = AuthenticationService::instance();
    $userService = UserService::instance();

    // userId takes precedence; the check above guarantees that username is
    // non-empty whenever userId is not.
    $user = !empty($userId)
        ? $userService->getUserById($userId)
        : $userService->getUserByUsername($username);

    if (empty($user)) {
        throw new Exception('User not found. Try a different userId or username');
    }

    // NOTE(review): this is a state-changing GET request, and the session id is
    // not renewed before the new credentials are stored, unlike
    // handleAuthCredentials(), which calls renew(true) first. Worth confirming
    // whether Session::start() issues a fresh id here.
    $credentials = $authService->getUserCredentials($user, 'impersonating');
    Session::start();
    Session::updateCredentials($credentials);
    ChatIntegrationService::instance()->setChatSession($credentials, Session::getSessionId());

    return 'redirect: /';
}
/**
 * Checks the user's current session and, when it is missing or no longer
 * valid, attempts a login from the remember-me cookie.
 *
 * @return void
 */
public function init()
{
    // The result is not used below; the call is kept because instance() may
    // initialise state on first use (not visible here, confirm before removing).
    Application::instance();
    $authService = AuthenticationService::instance();

    // A started session with valid credentials needs nothing further. Invalid
    // data can be the result of PHP clearing the session data.
    if (Session::isStarted() && Session::getCredentials()->isValid()) {
        return;
    }

    // NOTE(review): the whole trust decision for this path sits inside
    // getRememberMe(), which is not shown. It is expected to validate the
    // cookie and return false on any failure; verify against its implementation.
    $userId = $authService->getRememberMe();
    if ($userId === false) {
        return;
    }

    $user = UserService::instance()->getUserById($userId);
    if (empty($user)) {
        return;
    }

    Session::start(Session::START_NOCOOKIE);
    $credentials = $authService->getUserCredentials($user, 'rememberme');
    Session::updateCredentials($credentials);
    ChatIntegrationService::instance()->setChatSession($credentials, Session::getSessionId());

    // Called again after a successful remember-me login; presumably this
    // re-issues the cookie. Confirm that it rotates the stored value.
    $authService->setRememberMe($user);
}
/**
 * Completes a login for the user matching the given provider credentials:
 * refreshes the stored auth profile, renews the session, stores the new
 * credentials and sets up the chat session.
 *
 * @param AuthenticationCredentials $authCreds
 * @throws Exception when no user matches the auth id and provider
 */
public function handleAuthCredentials(AuthenticationCredentials $authCreds)
{
    $userService = UserService::instance();

    $user = $userService->getUserByAuthId($authCreds->getAuthId(), $authCreds->getAuthProvider());
    if (empty($user)) {
        throw new Exception('Invalid auth user');
    }

    // The user has registered before: refresh the auth profile held for this
    // provider, if there is one.
    $authProfile = $userService->getUserAuthProfile($user['userId'], $authCreds->getAuthProvider());
    if (!empty($authProfile)) {
        $profileFields = [
            'authCode' => $authCreds->getAuthCode(),
            'authDetail' => $authCreds->getAuthDetail(),
        ];
        $userService->updateUserAuthProfile($user['userId'], $authCreds->getAuthProvider(), $profileFields);
    }

    // Renew the session on successful login, before any credentials are written
    // to it; this makes the session slightly harder to hijack.
    Session::instance()->renew(true);

    $credentials = $this->getUserCredentials($user, $authCreds->getAuthProvider());
    Session::updateCredentials($credentials);
    ChatIntegrationService::instance()->setChatSession($credentials, Session::getSessionId());

    // The 'rememberme' variable is sent from the login form.
    // NOTE(review): Session::set() is called with a key only and its return
    // value is used as the flag; presumably it reads the stored value. Confirm
    // against the Session class.
    if (Session::set('rememberme')) {
        $this->setRememberMe($user);
    }
}
/**
 * Flags a user's session for update.
 *
 * When the user is the one owning the current session, the session is
 * refreshed immediately; otherwise a cache marker is written for later pickup.
 * The chat user session is refreshed in both cases.
 *
 * @param int $userId
 */
public function flagUserForUpdate($userId)
{
    // NOTE(review): the lookup result is passed on without an empty check, so
    // an unknown $userId reaches getUserCredentials() as-is. Confirm callers
    // only pass ids of existing users.
    $user = UserService::instance()->getUserById($userId);
    $credentials = $this->getUserCredentials($user, 'session');

    // Loose comparisons are kept as written; the id may presumably arrive as a
    // numeric string on one side and an int on the other.
    $ownsCurrentSession = Session::instance() != null
        && Session::getCredentials()->getUserId() == $userId;

    if ($ownsCurrentSession) {
        // Same user as the credential user id: update the current session, then
        // init / create the current user's chat session.
        Session::updateCredentials($credentials);
        ChatIntegrationService::instance()->setChatSession($credentials, Session::getSessionId());
    } else {
        // Otherwise leave a marker that is picked up by the remember me service
        // to update the session. It holds the current time and is saved with
        // session.gc_maxlifetime as the lifetime argument.
        $cache = Application::instance()->getCacheDriver();
        $markerKey = sprintf('refreshusersession-%s', $userId);
        $cache->save($markerKey, time(), intval(ini_get('session.gc_maxlifetime')));
    }

    ChatIntegrationService::instance()->refreshChatUserSession($credentials);
}