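/**
 * Resolve the user named by a "userId=<id>" segment.
 *
 * NOTE(review): the id comes straight from the caller-supplied string. Callers
 * should only honour the result after verifying a credential that is allowed
 * to act on behalf of other users.
 *
 * @param string $string Raw segment such as " userId=1"; surrounding whitespace is trimmed.
 * @return mixed Whatever User::find() yields for the id, or null when the
 *               segment is not a well-formed "userId=<id>" pair.
 */
private function getUser($string)
{
    $parts = explode('=', trim($string));

    // explode() always yields index 0, but index 1 is missing for a bare
    // "userId" and empty for "userId=". Neither may reach the lookup.
    if ($parts[0] !== 'userId' || !isset($parts[1]) || $parts[1] === '') {
        return null;
    }

    return User::find($parts[1]);
}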
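/**
 * Authenticate the request from its Authorization header and attach the actor.
 *
 * The header is split on ";". The first segment must start with the configured
 * prefix and carries the token; an optional second segment of the form
 * "userId=<id>" is only honoured when the token is a valid API key.
 *
 * NOTE(review): a valid API key may act as any user id it names, so API keys
 * should be handled as highly privileged secrets; consider auditing requests
 * that take this path.
 *
 * @param Request $request
 * @return Request The request with an "actor" attribute set to the resolved
 *                 user, or to a Guest when no credential matched.
 */
protected function logIn(Request $request)
{
    $header = $request->getHeaderLine('authorization');

    $parts = explode(';', $header);

    $actor = new Guest();

    // explode() always returns at least one element, so $parts[0] is safe to read.
    if (starts_with($parts[0], $this->prefix)) {
        $token = substr($parts[0], strlen($this->prefix));

        if (($accessToken = AccessToken::find($token)) && $accessToken->isValid()) {
            $actor = $accessToken->user;

            $actor->updateLastSeen()->save();
        } elseif (isset($parts[1]) && ApiKey::valid($token)) {
            $userParts = explode('=', trim($parts[1]));

            // Require a non-empty id: a bare "userId" has no index 1, and an
            // unknown id must leave the actor as Guest rather than null.
            if ($userParts[0] === 'userId' && isset($userParts[1]) && $userParts[1] !== '') {
                $user = User::find($userParts[1]);

                if ($user) {
                    $actor = $user;
                }
            }
        }
    }

    // Persisted users carry their own locale preference; everyone else falls
    // back to the "locale" cookie.
    if ($actor->exists) {
        $locale = $actor->getPreference('locale');
    } else {
        $locale = array_get($request->getCookieParams(), 'locale');
    }

    // Only switch to a locale the application actually knows about.
    if ($locale && $this->locales->hasLocale($locale)) {
        $this->locales->setLocale($locale);
    }

    return $request->withAttribute('actor', $actor);
}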
/**
 * Run the Ip check for the user named by the "id" query parameter and return
 * its report encoded as JSON.
 *
 * NOTE(review): the body returns the raw result of json_encode(), not a PSR-7
 * response object; confirm what the caller expects.
 * NOTE(review): "id" is read from the query string and no permission check is
 * visible in this method; confirm that access to another user's report is
 * restricted elsewhere (middleware or inside the check itself).
 *
 * @param ServerRequestInterface $request
 *
 * @return string|false JSON-encoded report as produced by json_encode().
 */
public function handle(ServerRequestInterface $request)
{
    $query = $request->getQueryParams();

    // The looked-up user is handed to the check as-is, including a failed lookup.
    $check = new Ip(User::find(array_get($query, 'id')));
    $check->run();

    $report = $check->getReport();

    return json_encode($report);
}
/**
 * Resolve the actor for a session: the user stored under "user_id", or a Guest.
 *
 * A persisted actor has its last-seen time updated and saved as a side effect.
 *
 * @param SessionInterface $session
 * @return mixed The user found for the session, or a new Guest.
 */
private function getActor(SessionInterface $session)
{
    $found = User::find($session->get('user_id'));
    $actor = $found ? $found : new Guest();

    // Nothing to record for an actor that is not persisted.
    if (!$actor->exists) {
        return $actor;
    }

    $actor->updateLastSeen()->save();

    return $actor;
}
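/**
 * Log the current user out and redirect to the application URL.
 *
 * When the session has no user, the redirect is returned without any check.
 * Otherwise the "token" query parameter must match the session's CSRF token
 * before the session is logged out, the user's access tokens are deleted, the
 * UserLoggedOut event is fired and the remember cookie is cleared.
 *
 * NOTE(review): the CSRF token travels in the query string, where it can end
 * up in logs and Referer headers; consider a POST-based logout.
 *
 * @param Request $request
 * @return \Psr\Http\Message\ResponseInterface
 * @throws TokenMismatchException When the token is missing or does not match.
 */
public function handle(Request $request)
{
    $session = $request->getAttribute('session');

    $response = new RedirectResponse($this->app->url());

    if ($user = User::find($session->get('user_id'))) {
        $provided = array_get($request->getQueryParams(), 'token');
        $expected = $session->get('csrf_token');

        // Both sides must be non-empty strings: a plain !== comparison would
        // accept a request without a token whenever the session has none
        // (null === null). hash_equals() keeps the comparison constant-time.
        if (!is_string($provided)
            || !is_string($expected)
            || $expected === ''
            || !hash_equals($expected, $provided)
        ) {
            throw new TokenMismatchException();
        }

        $this->authenticator->logOut($session);

        // Revoke API access tokens too, so the logout is not session-only.
        $user->accessTokens()->delete();

        $this->events->fire(new UserLoggedOut($user));

        $response = $this->rememberer->forget($response);
    }

    return $response;
}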
/**
 * Handle a token-based logout request and report the outcome as JSON or JSONP.
 *
 * The "success" field of the response is 1 when the user was logged out, 0 when
 * a managed user is signed in but the configuration or token was rejected (a
 * "message" is included), and -1 when there is no managed user to log out.
 *
 * NOTE(review): token verification is delegated to SingleSO::logoutTokenVerify();
 * confirm that it rejects a missing token and compares in constant time.
 *
 * @param Request $request
 * @throws SingleSOException When the response cannot be built (e.g. the JSONP
 *                           callback is rejected with an InvalidArgumentException).
 * @return \Psr\Http\Message\ResponseInterface|JsonResponse|JsonpResponse
 */
public function createLogoutTokenResponse(Request $request)
{
    $params = $request->getQueryParams();

    // Resolve the currently signed-in user, if any.
    $session = $request->getAttribute('session');
    $userId = $session ? $session->get('user_id') : null;
    $user = $userId ? User::find($userId) : null;

    // Default outcome: nobody to log out.
    $success = -1;
    $message = null;
    $logout = false;

    // Only users managed by SingleSO are subject to token logout.
    if ($user && isset($user->singleso_id)) {
        $success = 0;
        $authSettings = SingleSO::settingsAuth($this->settings, false);

        if (!$authSettings) {
            $message = 'Invalid configuration.';
        } elseif (!SingleSO::logoutTokenVerify(
            $user->singleso_id,
            $authSettings['client_secret'],
            array_get($params, 'token')
        )) {
            $message = 'Invalid token.';
        } else {
            // Token accepted: report success and log out further down.
            $logout = true;
            $success = 1;
        }
    }

    $responseData = ['success' => $success];
    if ($message) {
        $responseData['message'] = $message;
    }

    // The response is built before any session change, so a rejected JSONP
    // callback aborts the request without logging anyone out.
    $callback = array_get($params, 'callback');
    try {
        if ($callback) {
            $response = new JsonpResponse($responseData, $callback);
        } else {
            $response = new JsonResponse($responseData);
        }
    } catch (InvalidArgumentException $ex) {
        throw new SingleSOException([$ex->getMessage() . '.']);
    }

    if (!$logout) {
        return $response;
    }

    // Capture the session state first so it can be restored after the logout.
    $sessionData = $this->sessionStateGet($session);

    // Perform the actual logout.
    $this->authenticator->logOut($session);
    $user->accessTokens()->delete();
    $this->events->fire(new UserLoggedOut($user));
    $response = $this->rememberer->forget($response);

    // Carry the captured state over to the session after logout.
    if ($sessionData) {
        $this->sessionStateSet($session, $sessionData);
    }

    return $response;
}