public function connect(Application $app)
{
// creates a new controller based on the default route
$controllers = $app['controllers_factory'];
/**
* Perform a logout for the user.
*/
$controllers->get('/', function (Request $request) use($app) {
$Username = $request->query->get('username');
$Token = $request->query->get('token');
$Domain = $request->query->get('domain');
$User = User::TryGetUserByUsername($Username, $Domain, $app);
if ($User !== NULL) {
$User->Load();
if ($User->Token === $Token) {
$User->Delete();
}
return $app->redirect('/logout/clear');
}
return $app->redirect('/logout/close');
});
/**
* Some URLs just for signaling with the WebView in the Android
* App. TODO: stop this and user a normal API call instead.
*/
$controllers->get('/clear', function () {
return '';
});
$controllers->get('/close', function () {
return '';
});
return $controllers;
}
public function connect(Application $app)
{
// creates a new controller based on the default route
$controllers = $app['controllers_factory'];
/**
* Display a login form
*/
$controllers->get('/', function (Request $request) use($app) {
$IsError = $request->query->get('error') === "1";
$x = $app['twig']->render('login.twig', ['error' => $IsError]);
return $x;
});
/**
* Handle login form submissions
*/
$controllers->post('/', function (Request $request) use($app) {
$UsernameInput = User::GetDomainAndUsernameFromInput($request->request->get('username'), $app);
$Password = $request->request->get('password');
$DeviceID = $request->query->get('device_id');
$Username = $UsernameInput['Username'];
$Domain = $UsernameInput['Domain'];
$Ldap = new LdapAuthentication($app);
try {
$LoginResult = $Ldap->TryToAuthenticate($Domain, $Username, $Password);
} catch (\Exception $ex) {
return $app->redirect("/login?error=1&device_id=" . urlencode($DeviceID));
}
if (!$LoginResult) {
return $app->redirect("/login?error=1&device_id=" . urlencode($DeviceID));
}
/* @var $User User */
$User = User::TryGetUserByUsername($Username, $Domain, $app);
if ($User !== NULL) {
$User->Load();
$User->ResetToken();
$User->DeviceID = $DeviceID;
$User->Save();
} else {
$User = new User($app);
$User->DeviceID = $DeviceID;
$User->Username = $Username;
$User->Domain = $Domain;
$User->ResetToken();
$User->Save();
}
$UserFields = ['Domain' => $User->Domain, 'Username' => $User->Username, 'Token' => $User->Token];
return $app->redirect('/login/close?' . http_build_query($UserFields));
});
/**
* Close the WebView on the Android client. TODO: remove the
* webview altogether
*/
$controllers->get('/close', function () {
return '';
});
return $controllers;
}
/**
* Middleware to ensure only authenticated requests produce output
* for an HTTP GET request. The domain, token, and username must appear
* in the request query string. The requestor should expect JSON payload
* in the output
*
* @param Request $request
* @param Application $app
* @return object Application response
*/
public static function EnsureAuthenticatedGETJSON(Request $request, Application $app)
{
$Username = $request->query->get('username');
$Domain = $request->query->get('domain');
$Token = $request->query->get('token');
$User = User::TryGetUserByUsername($Username, $Domain, $app);
if ($User !== null) {
$User->Load();
if ($User->Token !== $Token) {
return $app->json(['IsAuthenticated' => false], 403);
}
} else {
return $app->json(['IsAuthenticated' => false], 403);
}
}
