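/**
 * Get the access token referred to by the request cookie.
 *
 * Only a non-empty string cookie value is looked up. Cookie parameters can
 * carry arrays (e.g. `flarum_remember[]=...`), and an Eloquent-style find()
 * given an array would presumably return a collection instead of a single
 * token, which callers of this method do not expect.
 *
 * This method performs the lookup only; it does not check whether the token
 * is still valid. The caller must do that before trusting the result.
 *
 * @param Request $request
 * @return AccessToken|null The stored token, or null when the cookie is
 *                          absent, malformed, or matches no token.
 */
protected function getToken(Request $request)
{
    $token = array_get($request->getCookieParams(), 'flarum_remember');

    // Reject missing, empty and non-scalar (array) cookie values up front.
    if (! is_string($token) || $token === '') {
        return null;
    }

    return AccessToken::find($token);
}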
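/**
 * Resolve the acting user from the Authorization header and attach it to
 * the request as the "actor" attribute.
 *
 * The header is read as "<prefix><token>[; userId=<id>]":
 *  - if <token> is a known, valid access token, the actor is its user;
 *  - otherwise, if a second part is present and <token> is a valid API key,
 *    the actor is the user named by "userId=<id>".
 *
 * Security note: the API-key branch lets the key holder act as any user id
 * it names, so API keys must be treated as fully privileged secrets.
 *
 * The locale is then taken from the actor's preference (or the "locale"
 * cookie for guests) and applied if the locale manager knows it.
 *
 * @param Request $request
 * @return Request The request with the "actor" attribute set; a Guest when
 *                 no credential matched.
 */
protected function logIn(Request $request)
{
    $header = $request->getHeaderLine('authorization');

    // explode() always returns at least one element, so $parts[0] exists.
    $parts = explode(';', $header);

    $actor = new Guest();

    if (starts_with($parts[0], $this->prefix)) {
        $token = substr($parts[0], strlen($this->prefix));

        if (($accessToken = AccessToken::find($token)) && $accessToken->isValid()) {
            $actor = $accessToken->user;

            $actor->updateLastSeen()->save();
        } elseif (isset($parts[1]) && ApiKey::valid($token)) {
            $userParts = explode('=', trim($parts[1]));

            // Require both the key and a value: "userId" with no "=<id>"
            // previously read an undefined offset.
            if ($userParts[0] === 'userId' && isset($userParts[1])) {
                // An unknown id must not leave the actor as null, because
                // $actor->exists is dereferenced below; fall back to Guest.
                $actor = User::find($userParts[1]) ?: new Guest();
            }
        }
    }

    if ($actor->exists) {
        $locale = $actor->getPreference('locale');
    } else {
        $locale = array_get($request->getCookieParams(), 'locale');
    }

    // Only switch to a locale the locale manager reports as available.
    if ($locale && $this->locales->hasLocale($locale)) {
        $this->locales->setLocale($locale);
    }

    return $request->withAttribute('actor', $actor);
}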
/**
 * Log the user in from the "flarum_remember" cookie, if it holds a token
 * that AccessToken::valid() accepts.
 *
 * On success the token's user is bound in the container as 'flarum.actor'
 * and its last-seen time is updated and saved. The request then continues
 * down the middleware chain either way.
 *
 * {@inheritdoc}
 */
public function __invoke(Request $request, Response $response, callable $out = null)
{
    $cookies = $request->getCookieParams();
    $rememberToken = array_get($cookies, 'flarum_remember');

    // Only consult the token store when the cookie carries a value.
    $accessToken = $rememberToken ? AccessToken::valid($rememberToken) : null;

    if ($accessToken) {
        $user = $accessToken->user;

        $this->app->instance('flarum.actor', $user);
        $user->updateLastSeen()->save();
    }

    if (! $out) {
        return $response;
    }

    return $out($request, $response);
}
/**
 * Allow the request through only when the "flarum_remember" cookie holds a
 * token accepted by AccessToken::valid() whose user is an administrator.
 *
 * On success that user is bound in the container as 'flarum.actor'. In
 * every other case the script is terminated with "Access Denied".
 *
 * {@inheritdoc}
 */
public function __invoke(Request $request, Response $response, callable $out = null)
{
    $rememberToken = array_get($request->getCookieParams(), 'flarum_remember');

    // Look the token up only when the cookie carries a value.
    $accessToken = $rememberToken ? AccessToken::valid($rememberToken) : null;

    if (! $accessToken || ! $accessToken->user->isAdmin()) {
        // NOTE(review): die() ends the script here without setting an HTTP
        // status and without passing through the rest of the pipeline;
        // returning a 403 response would be easier to log and monitor.
        die('Access Denied');
    }

    $this->app->instance('flarum.actor', $accessToken->user);

    if (! $out) {
        return $response;
    }

    return $out($request, $response);
}
/**
 * Log the user in from an access token in the Authorization header.
 *
 * The header must start with the configured prefix; the remainder is
 * passed to AccessToken::valid(). On success the token's user is bound in
 * the container as 'flarum.actor' and its last-seen time is updated and
 * saved. The request continues down the middleware chain either way.
 *
 * {@inheritdoc}
 */
public function __invoke(Request $request, Response $response, callable $out = null)
{
    $header = $request->getHeaderLine('authorization');
    $accessToken = null;

    if (starts_with($header, $this->prefix)) {
        // Everything after the prefix is the candidate token.
        $token = substr($header, strlen($this->prefix));

        // A header consisting of the prefix alone yields no token.
        if ($token) {
            $accessToken = AccessToken::valid($token);
        }
    }

    if ($accessToken) {
        $user = $accessToken->user;

        $this->app->instance('flarum.actor', $user);
        $user->updateLastSeen()->save();
    }

    if (! $out) {
        return $response;
    }

    return $out($request, $response);
}
/**
 * Log the current actor out and redirect to "/".
 *
 * For a persisted actor, the "token" query parameter must name an access
 * token that belongs to that actor; findOrFail() throws otherwise, so the
 * tokens are not deleted. This presumably guards against forged logout
 * links - confirm with the caller that builds the URL.
 *
 * NOTE(review): the token travels in the query string, where it can reach
 * access logs and Referer headers. All of the actor's tokens are deleted
 * immediately afterwards, which limits how long that value stays usable.
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface
 */
public function handle(Request $request, array $routeParams = [])
{
    $actor = app('flarum.actor');

    if ($actor->exists) {
        $queryParams = $request->getQueryParams();
        $token = array_get($queryParams, 'token');

        // Ownership check: the lookup is scoped to this actor's tokens.
        AccessToken::where('user_id', $actor->id)->findOrFail($token);

        // Logging out revokes every token of the actor, not just this one.
        $actor->accessTokens()->delete();

        event(new UserLoggedOut($actor));
    }

    $redirect = $this->redirectTo('/');

    return $this->withForgetCookie($redirect);
}
/**
 * Log the request's actor out and redirect to the application URL.
 *
 * For a persisted actor, the "token" query parameter must name an access
 * token that belongs to that actor; findOrFail() throws otherwise, so the
 * tokens are not deleted. This presumably guards against forged logout
 * links - confirm with the caller that builds the URL.
 *
 * NOTE(review): the token travels in the query string, where it can reach
 * access logs and Referer headers. All of the actor's tokens are deleted
 * immediately afterwards, which limits how long that value stays usable.
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface
 */
public function handle(Request $request, array $routeParams = [])
{
    $actor = $request->getAttribute('actor');

    if ($actor->exists) {
        $queryParams = $request->getQueryParams();
        $token = array_get($queryParams, 'token');

        // Ownership check: the lookup is scoped to this actor's tokens.
        AccessToken::where('user_id', $actor->id)->findOrFail($token);

        // Logging out revokes every token of the actor, not just this one.
        $actor->accessTokens()->delete();

        $this->events->fire(new UserLoggedOut($actor));
    }

    $redirect = new RedirectResponse($this->app->url());

    return $this->withForgetCookie($redirect);
}
/**
 * Register a user through the API and, if the new account is already
 * activated, log it in with a remember cookie.
 *
 * The request attributes are forwarded as the JSON-API attributes of the
 * create-user action. The API body and status code are relayed unchanged.
 *
 * Note that the access token's id is the value placed in the remember
 * cookie, so the id itself acts as the bearer secret.
 *
 * @param Request $request
 * @param array $routeParams
 *
 * @return JsonResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    $payload = ['data' => ['attributes' => $request->getAttributes()]];

    $apiResponse = $this->apiClient->send(
        app('flarum.actor'),
        'Flarum\\Api\\Actions\\Users\\CreateAction',
        $payload
    );

    $body = $apiResponse->getBody();
    $statusCode = $apiResponse->getStatusCode();

    $response = new JsonResponse($body, $statusCode);

    // Accounts that still need activation get no session.
    if (empty($body->data->attributes->isActivated)) {
        return $response;
    }

    $token = $this->bus->dispatch(new GenerateAccessToken($body->data->id));

    // Extend the token's expiry to 2 weeks so that we can set a
    // remember cookie
    $expiry = ['expires_at' => new DateTime('+2 weeks')];
    AccessToken::where('id', $token->id)->update($expiry);

    return $this->withRememberCookie($response, $token->id);
}
/**
 * Log a user in with identification and password via the token API action.
 *
 * Only the "identification" and "password" request attributes are passed
 * on. When the API body carries a userId, the issued token's expiry is
 * extended, a UserLoggedIn event is raised and the token is set as the
 * remember cookie; otherwise an empty 401 response is returned.
 *
 * @param Request $request
 * @param array $routeParams
 * @return JsonResponse|EmptyResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    $credentials = array_only($request->getAttributes(), ['identification', 'password']);

    $apiResponse = $this->apiClient->send(
        app('flarum.actor'),
        'Flarum\\Api\\Actions\\TokenAction',
        $credentials
    );
    $data = $apiResponse->getBody();

    // TODO: The client needs to pass through exceptions(?) or the whole
    // response so we can look at the response code. For now if there isn't
    // any useful data we just assume it's a 401.
    if (! isset($data->userId)) {
        return new EmptyResponse(401);
    }

    // Extend the token's expiry to 2 weeks so that we can set a
    // remember cookie
    $expiry = ['expires_at' => new DateTime('+2 weeks')];
    AccessToken::where('id', $data->token)->update($expiry);

    $user = $this->users->findOrFail($data->userId);
    event(new UserLoggedIn($user, $data->token));

    return $this->withRememberCookie(new JsonResponse($data), $data->token);
}
/**
 * Log a user in with identification and password via the token controller.
 *
 * Only the "identification" and "password" fields of the parsed body are
 * passed on. A 200 API response has its token's expiry extended, raises a
 * UserLoggedIn event and is returned with the remember cookie set; any
 * other API response is returned to the client unchanged.
 *
 * @param Request $request
 * @param array $routeParams
 * @return JsonResponse|EmptyResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    $controller = 'Flarum\\Api\\Controller\\TokenController';
    $actor = $request->getAttribute('actor');
    $credentials = array_only($request->getParsedBody(), ['identification', 'password']);

    $response = $this->apiClient->send($controller, $actor, [], $credentials);

    // Anything but success is relayed as-is, with no cookie.
    if ($response->getStatusCode() !== 200) {
        return $response;
    }

    $data = json_decode($response->getBody());

    // Extend the token's expiry to 2 weeks so that we can set a
    // remember cookie
    $expiry = ['expires_at' => new DateTime('+2 weeks')];
    AccessToken::where('id', $data->token)->update($expiry);

    $user = $this->users->findOrFail($data->userId);
    event(new UserLoggedIn($user, $data->token));

    return $this->withRememberCookie($response, $data->token);
}
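/**
 * Log the user in from the Authorization header, using either an access
 * token or an API key.
 *
 * The header is read as "<prefix><token>[; userId=<id>]":
 *  - if AccessToken::valid() accepts <token>, its user becomes the actor
 *    and its last-seen time is updated and saved;
 *  - otherwise, if a second part is present and <token> is a valid API key,
 *    the user named by "userId=<id>" becomes the actor.
 *
 * Security note: the API-key branch lets the key holder act as any user id
 * it names, so API keys must be treated as fully privileged secrets.
 *
 * The actor binding is left untouched when no credential matches or the
 * named user does not exist.
 *
 * {@inheritdoc}
 */
public function __invoke(Request $request, Response $response, callable $out = null)
{
    $header = $request->getHeaderLine('authorization');

    // explode() always returns at least one element, so $parts[0] exists.
    $parts = explode(';', $header);

    if (starts_with($parts[0], $this->prefix)) {
        $token = substr($parts[0], strlen($this->prefix));

        if ($accessToken = AccessToken::valid($token)) {
            $this->app->instance('flarum.actor', $user = $accessToken->user);

            $user->updateLastSeen()->save();
        } elseif (isset($parts[1]) && ApiKey::valid($token)) {
            $userParts = explode('=', trim($parts[1]));

            // Require both the key and a value: "userId" with no "=<id>"
            // previously read an undefined offset.
            if ($userParts[0] === 'userId' && isset($userParts[1])) {
                $user = User::find($userParts[1]);

                // Never bind a null actor for an id that matches no user.
                if ($user) {
                    $this->app->instance('flarum.actor', $user);
                }
            }
        }
    }

    return $out ? $out($request, $response) : $response;
}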
/**
 * Register a user through the API and, if the new account is already
 * activated, log it in with a remember cookie.
 *
 * The parsed request body is forwarded as the JSON-API attributes of the
 * create-user controller. The decoded API body and its status code are
 * relayed in a new JsonResponse.
 *
 * Note that the access token's id is the value placed in the remember
 * cookie, so the id itself acts as the bearer secret.
 *
 * @param Request $request
 * @param array $routeParams
 *
 * @return JsonResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    $controller = 'Flarum\\Api\\Controller\\CreateUserController';
    $actor = $request->getAttribute('actor');
    $payload = ['data' => ['attributes' => $request->getParsedBody()]];

    $apiResponse = $this->api->send($controller, $actor, [], $payload);

    $decoded = json_decode($apiResponse->getBody());
    $statusCode = $apiResponse->getStatusCode();

    $response = new JsonResponse($decoded, $statusCode);

    // Accounts that still need activation get no session.
    if (empty($decoded->data->attributes->isActivated)) {
        return $response;
    }

    $token = $this->bus->dispatch(new GenerateAccessToken($decoded->data->id));

    // Extend the token's expiry to 2 weeks so that we can set a
    // remember cookie
    $expiry = ['expires_at' => new DateTime('+2 weeks')];
    AccessToken::where('id', $token->id)->update($expiry);

    return $this->withRememberCookie($response, $token->id);
}
/**
 * Create and persist a new access token for the user named in the command.
 *
 * @param GenerateAccessToken $command Carries the id of the user the token
 *                                     is generated for.
 * @return AccessToken The saved token.
 */
public function handle(GenerateAccessToken $command)
{
    $accessToken = AccessToken::generate($command->userId);

    // The token only becomes usable for lookups once it is stored.
    $accessToken->save();

    return $accessToken;
}